Advanced Windbg
This is a hardcore Windows debugging class focusing solely on Microsoft Windbg. We go in-depth into RPC layer debugging and debugging constructs such as mutexes, semaphores, monitor-locks, critical sections, etc.
Course Objectives:
- The main objective of this course is to make each participant comfortable with Windbg and show them how to debug software.
- Learn how to set up Windbg for user-mode and kernel-mode debugging (both live and post-mortem).
- Learn about symbol files and how to debug with missing or incorrect symbol files.
- Learn assembly language basics such as function prologs, function epilogs, what registers are used for, how to navigate loops, and identify/trace parameters and local variables.
- Upon completion, each participant will be able to:
  - Analyze Dr. Watson memory dumps
  - Analyze user-generated memory dumps
  - Attach Windbg to processes to perform live debugging
  - Diagnose the process heap and map pointers on the stack to blocks in the heap
  - Diagnose stuck or locked applications
  - Debug 100% CPU usage issues
  - Create on-the-fly application instrumentation and logging for any application (even 3rd party)
Windbg is a core tool used by 3rd-level support professionals, developers, and people who reverse engineer software. It is a must-have course for any serious support professional.