The book contains the full transcript of Software Diagnostics Services training with 16 hands-on exercises. This training course extends pattern-oriented analysis introduced in Accelerated Windows Memory Dump Analysis, Accelerated .NET Core Memory Dump Analysis, and Advanced Windows Memory Dump Analysis with Data Structures courses with:
- Surveying the current landscape of WinDbg extensions with analysis pattern mappings
- Writing WinDbg extensions in C and C++
- Connecting WinDbg to NoSQL databases
- Connecting WinDbg to streaming and log processing platforms
- Querying and visualizing WinDbg output data
Prerequisites: Working knowledge of WinDbg. Working knowledge of C or C++ is optional (required only for some exercises). Other concepts are explained when necessary.
Audience: Software developers, software maintenance engineers, escalation engineers, quality assurance engineers, security and vulnerability researchers, malware and memory forensics analysts who want to build memory analysis pipelines.
- Title: Extended Windows Memory Dump Analysis: Using and Writing WinDbg Extensions, Database and Event Stream Processing, Visualization
- Authors: Dmitry Vostokov, Software Diagnostics Services
- Publisher: OpenTask (September 2022)
- Language: English
- Product Dimensions: 28.0 x 21.6
- PDF: 274 pages
- ISBN-13: 978-1912636686
There is an option to buy 14 volumes of Memory Dump Analysis Anthology in PDF format and recording together with the course.
When you purchase the PDF book you additionally get free named Software Diagnostics Library membership with access to more than 370 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies.
The version of the training course with recording also includes Practical Foundations of Windows Debugging, Disassembling, Reversing, Second Edition PDF book.