#windbg
WinDbg Training Pack | Software Diagnostics Technology and Services

www.patterndiagnostics.com/windbg-train...
www.patterndiagnostics.com/gdb-training...

#windbg #gdb #diagnostics #debugging


On the positive side, it prompted me to reconsider and revise answers to 2 more questions from the remaining 50%. #windbg #dumpanalysis #memorydumps #memoryanalysis #diagnostics #postmortem #debugging #llm #genai


Accelerated Windows Memory Dump Analysis, Seventh Edition, Part 2: Kernel and Complete Spaces Slides #windbg www.patterndiagnostics.com/Training/AWM...


Accelerated Windows Memory Dump Analysis, Seventh Edition, Part 1: Process User Space Slides #windbg www.patterndiagnostics.com/Training/AWM...


Cyber Week: 50% discount for the Complete Pattern-Oriented Software Diagnostics Training Pack in PDF format www.patterndiagnostics.com/complete-pat... #softwarediagnostics #windbg #gdb #lldb #debugging #windows #linux #macos #dumpanalysis #reversing #memorythinking #patterns #c #cpp #rust #kernel

Accelerated Linux Core Dump Analysis, Fourth Edition | Software Diagnostics Technology and Services

50% discount for Accelerated Linux Core Dump Analysis, Fourth Edition, during the next 3 days www.patterndiagnostics.com/accelerated-... #gdb #windbg #dumpanalysis

WinDbg Training Pack | Software Diagnostics Technology and Services

50% discount for WinDbg Training Pack during the next 3 days www.patterndiagnostics.com/windbg-train... #windbg #debugging #forensics #dumpanalysis

Microsoft: August security updates break Windows recovery, reset
Microsoft's August 2025 Windows security updates are breaking PC reset and recovery tools, impacting millions of users. Learn which platforms are affected, how it disrupts key Windows features, and what help may be available.

Microsoft: August security updates break Windows recovery, reset Why Millions of Windows Users Are Facing Reset Headaches Microsoft’s August 2025 Windows security updates.... @cosmicmeta.ai #WinDbg

https://u2m.io/YAnL4lni


Why does [ #WinDbg ] show me the wrong function?


devblogs.microsoft.com ->

TIL about COMDAT folding #compiler optimization!



A guide to get you started with #Windows #Kernel #Debugging walking you through the complete setup and usage of #WinDbg to trace Windows process creation at the kernel level, from boot to PspCreateProcess, using VMware Workstation. #ReverseEngineering github.com/mytechnotale...

Interview with an Escalation Engineer at Microsoft
YouTube video by Tim Misiak

@timdbg.com recorded a few videos with Engineers related to debugging / troubleshooting on Windows.

Highly recommended for everyone who's interested in this topic.

www.youtube.com/watch?v=so06... #debugging #escalationengineer #windows #performance #windbg


code completion in windbg. It's new to me. #windbg


Apparently the latest WinDbg has autocomplete! #windbg #windows


device that Hyper-V provides."

I'll give this a shot tomorrow on Proxmox and I'll drink something strong if modifying the hypervisor ID actually solves my issues! :D

#windbg #reverseengineering #proxmox #kvm
3/3


I was about to write a capture kernel driver for Windows in order to debug a build issue (!) but last night I mastered WinDbg and NT kernel debugging, and capturing and dumping EPROCESS data ;-) I did not know about WinDbg before because I'm not a Win32 expert.

#Windows #NT #kernel #WinDbg


GhidraDbg - A Python script that creates a bridge between #Ghidra and #WinDbg for dynamic driver analysis, allowing real-time synchronization of debugging states.


github.com ->

"The built-in Ghidra-WinDbg sync can be challenging to configure and
1/2

A screenshot of the nt-load-order-gui tool showing the driver load order on a Windows 10 system along with checkboxes to turn on and off the individual steps involved in calculating this load order


The second part of my #WinDbg deep-dive into the #Windows #bootloader is up: Get ready for a decades-old registry structure, unique sorting algorithms, and lots of corner cases. The result is a modern Rust replacement for @markrussinovich.bsky.social's LoadOrder tool: colinfinck.de/posts/nt-loa...

Windows Bootloader and Driver Load Order Analysis with WinDbg
The article examines the Windows bootloader and driver load order, focusing on the boot process for Windows 10 21H2 and Windows 11, while introducing tools and methods for kernel debugging using WinDbg.

Unlock insights on Windows bootloader and driver load order for Windows 10 21H2 and 11. This analysis highlights kernel debugging techniques with WinDbg, crucial for optimizing performance and security. Stay informed! #cybersecurity #threat #WinDbg #Windows11 #driverload

nt-load-order Part 1: WinDbg'ing our way into the Windows bootloader - ColinFinck.de
There are close to zero reasons to reverse-engineer the Windows driver load order. Which is exactly why I’m doing it. And if you are as crazy as me and want to write a Windows bootloader in Rust, you ...

For those of you who are also deep into Windows #reverseengineering, #bootloaders, and #WinDbg: My first blog post on researching the Windows driver load order and all its quirks is out, beginning with some WinDbg fundamentals: colinfinck.de/posts/nt-loa...


I was ahead in points! #debugging #aoe2 #windbg


Just in case you need to list the top protected processes on a live Windows system using WinDbg:

#windbg #windows #microsoft #internals

LayeredSyscall - Abusing VEH to Bypass EDRs | White Knight Labs
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.

LayeredSyscall – Abusing VEH to Bypass EDRs:

whiteknightlabs.com/2024/07/31/l...

#exploitation #exceptions #malware #redteam #infosec #informationsecurity #cybersecurity #reversing #windbg

Debugging Stop 0x76 – PROCESS_HAS_LOCKED_PAGES
PROCESS_HAS_LOCKED_PAGES (76) Caused by a driver not cleaning up correctly after an I/O. Arguments: Arg1: 0000000000000000, Locked memory pages found in process being terminated. Arg2: fffffa800b1a406...

Debugging Stop 0x76 - PROCESS_HAS_LOCKED_PAGES bsodtutorials.wordpress.com/2024/04/10/d... #windbg


Most of the time, Windbgx + Linq query is recommended to get useful results... (null values could have been filtered out...):

#windbgx #windbg #windows


Debugging Stop 0xEA - THREAD_STUCK_IN_DEVICE_DRIVER bsodtutorials.wordpress.com/2024/01/30/d... via MachinesCanThink #windbg #debugging


Introduction for getting started with WinDBG

codemachine.com/articles/win...

#windbg #infosec

The return of WinDbg
We finally have a new version of WinDbg that is available...

The return of WinDbg by @poppastring.

#debugging #cpp #dotnet #windbg #windows #windowsdev
https://www.poppastring.com/blog/the-return-of-windbg


Still a very early prototype, but here is Windbgpt, a #chatgpt-powered AI assistant directly in #Windbg! It analyzes the output of the commands, and provides guidance to solve the stated problem. Here is an example of it investigating a deadlock in a .NET application.


There's no reason @idatips would only give you tips, so let's share some on #windbg too!

DM me for posting!

Extending the new WinDbg, Part 3 – Embedding a C# interpreter - Criteo Engineering
In part 1 and part 2, we’ve seen in detail how to customize the WinDBG…

I just published on CriteoLabs the part 3 of the series on how to extend the new WinDbg: labs.criteo.com/2018/05/extending-new-wi... Or how to embed a C# interpreter directly in #WinDbg to script with #ClrMD without leaving the debugger #csharp #debugging
