• Online, Self-Paced
Course Description
The Windows Debugger (WinDBG, often pronounced 'Windbag') is an incredibly powerful tool for isolating and eliminating flaws in Windows software. It finds use throughout the fields of software engineering, exploit development, red-teaming, and more.

Learning Objectives

Using the Windows Debugger

The Windows debugger, also known as WinDBG (pronounced 'Windbag'), is a multipurpose debugger designed by Microsoft for the Windows operating system. It is used to find and resolve bugs, or errors, in the computing system. WinDBG can debug device drivers, user mode applications, and the Windows operating system itself (in kernel mode). It has a graphical user interface (GUI) and is used throughout many different fields, including exploit development, software engineering, red-teaming, and others.

Why Use the Windows Debugger?

The Windows debugger is a powerful and versatile tool with many features and benefits. It's the popular debugger of choice for developers and system administrators who investigate Windows crash reports, debug BSODs (blue screens of death), and track down other errors. WinDBG can also be used for various debugging tasks, including:

* debugging kernel mode memory dumps created after a BSOD, which occurs when a bug check is issued
* post-mortem debugging (debugging user mode crash dumps)
* automatic loading of debugging symbol files from servers using SymSrv by matching specific criteria

The WinDBG utility is easily accessible to users. It can be obtained in three different ways: as part of the Windows Driver Kit (WDK), as a stand-alone tool, or as part of the Windows Software Development Kit (SDK).

In mid-2017, Windows released a revamped version of WinDBG that resolved some previous issues and added advanced features. Included in the revamp was an updated user interface that makes the program simpler to navigate. Additionally, the newer version has the following features:

* Re-worked file menu
* Familiar source windows
* New Model windows
* Dedicated view of data models
* Improved memory for recent sessions and some settings
* Disassembly window keeps highlighting in the right spot when scrolling
* Dark theme
* Extensible locals and watch windows (via data models)
* Built-in scripting environment (JavaScript and NatVis)
* Memory window has improved scrolling and highlighting
* Various other improvements

For more information about the Windows debugger, and to learn to use it, check out our How to Use WinDBG tutorial. The class is free, and it provides you with all the information you need to successfully run WinDBG to rid your Windows system of errors.

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.