User mode debugging (easy).
Symbols available.
Attack surface: mostly Gen-1 VMs, device emulation, x86 emulation (for MMIO accesses).
Attach to running process with WinDbg.
JIT debugger (not recommended):
Will be launched as the same user as the (crashing) worker process.
Each worker process (one per VM) is launched in an isolated user.
Crash dumps for postmortem.
Serial port (slow, not recommended).
USB.
KDNET:
What I usually do.
Needs a supported NIC but not usually a problem.
Run under nested virtualization:
Powerful.
But too slow for my taste.
I rarely use it.
Serial port.
KDNET (recommended).
Nested virtualization.
DCI (https://up-shop.org/default/up-xtreme-i11-boards-0000-series.html ).
Getting NIC(s) information
Get-NetAdapterHardwareInfo | Format-Table Name,Description,Bus,Device,Function
Get-NetIPAddress -AddressFamily IPv4 | Where-Object { $_.IPAddress -NotLike '169.254.*' -and $_.InterfaceAlias -like "Ethernet*" } | Format-Table InterfaceAlias, IPAddress -AutoSize
Debugging Hyper-V (hvix64) with KDNET
bcdedit /hypervisorsettings NET HOSTIP:192.168.1.13 PORT:50000 BUSPARAMS:2.0.0
bcdedit /set hypervisordebug on
bcdedit /set hypervisorlaunchtype auto
Debugging the Root partition (Windows Kernel) with KDNET
bcdedit /debug on
bcdedit /dbgsettings net hostip:192.168.1.13 PORT:50001
bcdedit /set "{dbgsettings}" busparams 1.0.0