Accelerated Windows Memory Dump Analysis: Training Course Transcript and WinDbg Practice Exercises with Notes, Third Edition by Dmitry Vostokov

Exercise 0: Download, setup and verify your WinDbg installation

Goal: Install Debugging Tools for Windows and learn how to set up symbols correctly.

Patterns: Incorrect Stack Trace

1.      Download and install the latest version of Debugging Tools for Windows (windbg.org for quick links).

2.      Launch WinDbg from Windows Kits \ Debugging Tools for Windows (X64) or Windows Kits \ Debugging Tools for Windows (X86). For uniformity, we use the X64 version of WinDbg throughout the exercises unless a different version is required (such as in the case of 32-bit .NET memory dumps).

3.      Open \AWMDA-Dumps\32-bit\Processes\notepad.DMP:

4.      We get the ...
