Windbg - A complete guide for Advanced Windows Debugging

Discount code - CURRENTMONTHYEAR eg NOVEMBER2021

Have you ever felt your windows operating system is hung or becoming slow or having a BSOD? Or an application crash or application hang or slow on windows? Have you had to press the restart button of your PC or the windows server to get rid of the problem and had no clue when that issue will happen again? Or you're asked to analyse a memory dump of a compromised system for isolating a malware?. If that bothers you, this training is all about root causing and solving such complicated issues once and for all, among many other topics it covers.

Windbg is the single most powerful, debugging and reverse engineering tool in windows platform. Windbg is like an x-ray plus mri plus ct scan for programs running on windows operating system, including the operating system itself. It helps us to root cause complicated problems like we discussed in windows ( OS ) and programs running inside the operating system.

Just like the name implies this training has all the details which you need to master windbg. I have spent all my efforts to make sure this is the best and most complete windbg training available right now and I will keep adding topics to make sure that the statement is true in the future as well.

Targeted audience

Due to any reason, if you are trying to use or learn windbg, you already know what you're doing and there is no better place than this course. If you have been following my youtube series, this course is a complete super set of it. Being said that following are some of the categories of students to whom, I strongly recommend this course.

Support engineers

If you are a support engineer or Escalation Engineer who is supporting any product on windows, or Windows itself, I definitely recommend this course.

Malware analyst and cyber security professionals.

If you are into core cyber security especially on windows platform this tool should be definitely in your arsenal. When it comes to reverse engineering, I myself don't prefer to compare ida pro or any other similar tool with windbg but I always found windbg is one of the most, if not THE most powerful and productive tool when it comes to reverse engineering along with debugging.

Windows SysAdmins

Another main targeted set of audience is Windows administrators who always can take leverage from tools like this and know more about the product they are working with and troubleshoot problems they face at a totally different level.

C and C++ Programmers

Last and not least may be the most important category of students - advanced C and C ++ programmers which includes, driver developers, testers, software maintenance engineers and so on. Are you wondering why your application is crashing, hanging, slow or taking too much resources? That too happens once in a blue moon in production and you have no way to reproduce the issue in your dev environment. Are you asked to debug a problem in a code base you have no clue about? Or you just want to see exactly what that latest feature of cpp 20 is doing behind the scenes? This training is for you.

To summarise, this course is for anyone who wants to study windows internals and advanced production debugging on windows. Post this training you don't have to read every single windows internals and debugging books out there but you will debug whatever you want to know whatever you want to know, rather than reading some abstract result from some books.

Post this training you will not have to read and learn OS internals from any books but you will debug and understand it as and when you need it.

Course Structure

This course has 3 chapters

In Chapter 1 we discuss the necessary concepts to get us started and mostly focus on the commands of the debugger.

In Chapter 2 we apply what we have learned in Chapter 1 to different debugging scenarios, like crashes, hangs, slowness, leaks and more. We will be using test applications for this chapter and we will have source code of these test applications. First we will discuss User mode issues and then we will go into Kernel mode.

In chapter 3 we will use the knowledge gained in Chapter 1 and 2 to troubleshoot real production like or production issues. In this chapter we will discuss analysis of memory dumps which we don't have source code or any idea about. We will start with issues from sysinternals notmyfault and slowly get into true production debugging scenarios. I will keep adding lessons to this chapter if there is enough interest from students on this course. Students also can submit dumps to this chapter and they can get the dumps analyzed for free of cost and share the experience with others.

Please refer to the course content and free preview lesson for more details about the structure and content of the course.