I co-authored an article with Durvesh Raut on WinDbg (Windows Debugger) for the Q3’2010 edition of Security Acts magazine. The article is an introduction to using WinDbg for user mode and kernel mode debugging and crash dump analysis on the Windows platform.

Introduction (from the published article)

Security testing has become an important part of the testing life cycle and is being adopted by more and more organizations as a formal practice rather than relying on random testing or findings in this context. This is a big challenge for the testing community, as with this expectation in place testers have to become comfortable with a lot of things which were earlier known only to the developers or security researchers. One such area is the world of debuggers.

Security testers often come across crashes of applications or the underlying operating system while playing with the input vectors of a software application/interface. Some testers, who know about the existence of debuggers and their basic installation, go ahead and enable the same to capture the crash dumps. Most of the time, they assume that the analysis of these dumps is the responsibility of developers and/or security researchers. An initial analysis by the tester reporting the crash could be very useful for analysis and could go a long way in selling the bug and stressing its severity. A tester with this knowledge can make the corresponding bug reports much more useful by reporting specifics of the bug.

As an example, which of the following sounds better to you?
“With software net installed, the system goes into infinite loop of rebooting and crashing.”
“Invalid Memory Access in ABC driver of software net causes the system to go into infinite loop of rebooting and crashing.” (Followed with a crash dump and initial analysis pointing to the probable function)

This article aims at providing basic know-how of the Windows Debugger (WinDbg) for those who would be interested in filling this knowledge gap and are dealing with software testing on the Windows platform. The authors have tried to make the article as simple as possible so that the subject will reach those who may shy away from learning these concepts due to the complexity involved.

The article is available as a PDF file here (~ 2 MB): WinDbg – A Primer on the Windows Debugger for Security Testers

You can also download the complete magazine from the Security Acts website after a small registration process.

Rahul Verma
