List

WinDbg – A Primer on the Windows Debugger

 July 29, 2010 |  Rahul Verma |  Books/Publications, Technology Nuggets

I co-authored an article with Durvesh Raut on WinDbg (Windows Debugger) for the Q3’2010 edition of Security Acts magazine. The article is an introduction to using WinDbg for user mode and kernel mode debugging and crash dump analysis on the Windows platform.

Introduction (from the published article)

Security testing has become an important part of the testing life cycle and is being adopted by more and more organizations as a formal practice rather than relying on random testing or findings in this context. This is a big challenge for the testing community, as with this expectation in place testers have to become comfortable with a lot of things which were earlier known only to the developers or security researchers. One such area is the world of debuggers.


Security testers often come across crashes of applications or the underlying operating system while playing with the input vectors of a software application/interface. Some testers, who know about the existence of debuggers and their basic installation, go ahead and enable the same to capture the crash dumps. Most of the times, they assume that the analysis of these dumps is the responsibility of developers and/or security researchers. An initial analysis by the tester reporting the crash could be very useful for analysis and could go a long way in selling the bug and stressing on its severity. A tester with this knowledge can make the corresponding bug reports much more useful by reporting specifics of the bug.
As an example, which of the following sounds better to you? :
“With software net installed, the system goes into infinite loop of rebooting and crashing.”
OR
“Invalid Memory Access in ABC driver of software net causes the system to go into infinite loop of rebooting and crashing.” (Followed with a crash dump and initial analysis pointing to the probable function)


This article aims at providing basic know-how of the Windows Debugger (WinDbg) for those who would be interested in filling this knowledge gap and are dealing with software testing on the Windows platform. The authors have tried to make the article as simple as possible so that the subject will reach those who may shy away from learning these concepts due to the complexity involved.

The article is available as a PDF file here (~ 2 MB): WinDbg – A Primer on the Windows Debugger for Security Testers

You can also download the complete magazine  from the Security Acts website after a small registration process.

Rahul Verma

Leave a Reply

  Posts

1 11 12
April 25th, 2007

Expanding a COE to System-Wide Knowledge Pool

You will hear people talking about Center of Excellence (COE) in net domain (If you haven’t heard of it, better […]
April 14th, 2007

Taking my next Testing Career move !

When a few months back, I took a decision to take the next step in my career, I was just […]
April 2nd, 2007

Can you develop the product in which you are finding bugs?

  “Can you develop the product in which you are finding bugs? “, “It’s OK that you are finding mistakes, […]
March 30th, 2007

Do you count on testing experience or years++?

  Do you count on testing experience or years++? To put it in a different way, do you evaluate yourself […]
March 29th, 2007

Whose Bug is it anyway?

This article addresses one of the most important aspects of a tester’s profession – Bug Reporting. In the article on […]
March 28th, 2007

Am I putting the cat in the basket?

Recently, I attended a Seminar on Software Testing by Mr. Srinivasan Desikan , at Hyderabad. He is working as Director […]
March 27th, 2007

Welcome to Testing Perspective !

 I am Rahul Verma. My profile mentions at a high level about my professional stuff and is available as a […]
August 31st, 2006

Latest From My Blog

Latest Blog Posts Arjuna 1.1.0 Production Release June 30, 2020 The Last Keynote on Software Testing July 23, 2017 The [...]