I co-authored an article with Durvesh Raut on WinDbg (Windows Debugger) for the Q3’2010 edition of Security Acts magazine. The article is an introduction to using WinDbg for user mode and kernel mode debugging and crash dump analysis on the Windows platform.
Introduction (from the published article)
Security testing has become an important part of the testing life cycle and is being adopted by more and more organizations as a formal practice rather than relying on random testing or findings in this context. This is a big challenge for the testing community, as with this expectation in place testers have to become comfortable with a lot of things which were earlier known only to the developers or security researchers. One such area is the world of debuggers.
“With software net installed, the system goes into infinite loop of rebooting and crashing.”
“Invalid Memory Access in ABC driver of software net causes the system to go into infinite loop of rebooting and crashing.” (Followed with a crash dump and initial analysis pointing to the probable function)
The article is available as a PDF file here (~ 2 MB): WinDbg – A Primer on the Windows Debugger for Security Testers
You can also download the complete magazine from the Security Acts website after a small registration process.
Leave a Reply