Different tools for Microsoft Hyper-V researching:
-
Extract.Hvcall - utility for automatically extraction of Hyper-V hypercalls names and codes from Hyper-V core binaries using IDA
-
HvlibPowershell - powershell module for Hyper-V memory manager library
-
HyperViews - modified version of PTView, working with hvlibdotnet library (Hyper-V Virtual Machines or local memory)
-
Plugin_for_volatility - plugin for volatility3
- Hyperv_detector - different variants of Hyper-V detection (hyperv_detector_v1 - user mode and hyperv_detector_v2 - kernel mode)
- HyperV-Security-Framework - framework for analyzing Hyper-V security