http://www.sysersoft.com ("http://www.sysersoft.com")
Syser is a 32Bit X86 kernel-level debugger for windows NT OS family. (full-graphical softice)
It can trace all windows OS instructions at anytime.
Supports color disassembly and (C/C++)source code debugging (VC PDB format).
Syser is a powerful tool for windows NT driver developer , cracker and OS analyzer.

Support OS : 2K,2003 XP,Vista
Support CPU: All 32Bit X86 (SMP)


Softice left , Syser is coming

Thanks wuyanfeng, you'll be bless by bring in our great weapon especially Support OS : Vista heh
come on guys cheer up and refresh our mind.
good hunt

Appreciated as always.., but the kernel debugger of Syser still seems to lock up the keyboard and mouse under VMWare. I think that to a lot of reversers, this debugger wouldn't be of much practical use unless it can also be run under a VM.

I'm sure there must be a solution..

New version supposedly fix this issue, check syser web site

There is a little file tweaking for older VM version as well.. Remind me when i got Soft ICE to work earlier, by tweaking VM files.. Sigh Soft ICE Sigh

syser update .now support vmware 5.0 and later.
syser is work for windows run vmware box, windows install need at vmware 5.0.
not work if windows install at vmware 3.x ,4.x , update to vmware 5.0.
.

syser update .now support vmware 5.0 and later.

syser is work for windows run vmware box, windows install need at vmware 5.0.
not work if windows install at vmware 3.x ,4.x , update to vmware 5.0.

I'm using VMWare 5.5.1 and although Syser can recognise it (it says Host: VMWare), it doesnt like the video for some reason ...

Syser : Fail to attach System Video FrameBuffer !
Syser : Please Install VMWare Tools !

(yes I have VMWare Tools installed and yes i rebooted after installing Syser)

tell me for VMWare 5.5.1 buildnumber.
Windows must be installed directly at vmware 5.5.1. But not from low-version upgrade to vmware 5.5.1

VMWare Workstation, 5.5.1 build-19175
XP is the host OS as well as the guest OS

guest os

Yes, like i said XP is both the host OS as well as the guest OS

For those following the development of this debugger, version 1.7 was released on April 1, 2007. No I don't think it was an April Fool's Release.

2007.04.01 Syser Debugger 1.7 Release

1. modify instruction execute breakpoint bug. (DR0-DR4). [2007.03.18]
2. Support VMWare 5.0,5.5,6.0 and later [2007.03.19]
3. Support VirtualPC.(To be improved ) [2007.03.24]
4. add save screenshot command in syserapp.exe
5. add font configure option, will only take effect after restart syser. [2007.03.22]
6. Enhanced ntcall2 command to provide symbolic support.[2007.03.22]
7. Sysboot.sys during loading can be Cancel.[2007.03.22]
8. Fixed mouse problems in VMWare.
9. Fixed bpx command bug.
10. Fixed some problems in windows vista.


Download link: http://www.sysersoft.com/download/download.php

Regards,

i recently saw there is an english forum as well

sysersoft.com/forum

so since there is a english language forum now available i thought ill brace my sleeves and just try out this new 1.7 version and see how it behaves

to my surprise it works pretty amazingly well

hopefully the authour comes over here some times and reads this post

installs in a jiffy,
when restarting asks if i want to press esc to stop the bootloading driver from loading
and uninstalls cleanly (even deletes the syser.sys , syerlang.sys files etc
if uninstalled)

all that is left is the symbol files converted sds files a .cfg and history files in
c:\programfiles

pretty neat

i'm really impressed

now if the authour reads this post

i have a few questions

i loaded calc.exe via file -> load module

i can drag the syserapplication sideways to show the original desktop

but the hooked black mouse cursor doesnt leave the ddraw box

if this is supposed to be like ollydbg too ollydbg will let me play freely with calc if i hit pause or esc

is it achievable (no im not kernel debugging im just wanting to debug a r3 application in r3 mode)

two how did you screen shot all those screen shots

i mean is it possible for me to grab a screen shot when im not running this on virtual machine but an actual machine

btw the memory requirment for this has been considerably downgraded it seems so thanks for that (earlier installers simply failed asking for a minimum of 256mb ram )

but i took this trial today on an 192 mb ram machine

and it didnt fail, crash, hang and thats an amazing improvement from the debuggerkiller version that was posted years ago in win32asmboard ( i believe the debugger killer version is the forerunnner to this syser may be im wrong )

ctrl+f12 activates the debugger consistently

bpx GetModuleName breaks consistently

the alt+s , alt+w , alt+r all works seemlessly

kudos for making this debugger

ill have to play with the kernel debugging part sometimes especially the transistion mechanism from r3 to r0 and back


like some one asked a plugin sdk would also be nice

hopeully this debugger could replace sice in coming years

screen shots : input "scrshot c:\syserscreenshot.bmp" in console & Debug Message window for syserapp.exe .so that save from the last screen contents at syser exit to windows.