Slides from the previous training version, days 1-3
Slides from the previous training version, days 4-6
New dates/times TBD
This training includes 32 step-by-step exercises and covers more than 65 crash dump analysis patterns from x86 and x64 process, kernel, and complete (physical) memory dumps. Learn how to analyze application, service and system crashes and freezes, navigate through memory dump space and diagnose heap corruption, memory leaks, CPU spikes, blocked threads, deadlocks, wait chains, and much more with WinDbg debugger. The training uses a unique and innovative pattern-oriented analysis approach developed by Software Diagnostics Institute to speed up the learning curve, and it is based on the latest 5th revised edition of the bestselling Accelerated Windows Memory Dump Analysis book. This new training version also includes:
- x86 and x64 disassembly overviews
- Additional memory analysis patterns
- Memory dump analysis of Go and Rust processes
- Additional coverage of BSOD
- New kernel exercises with source code
Training outline:
- Day 1 (2 hours): Overview. Process memory dump analysis.
- Day 2 (2 hours): Process memory dump analysis.
- Day 3 (2 hours): Process memory dump analysis.
- Day 4 (2 hours): Kernel memory dump analysis.
- Day 5 (2 hours): Complete (physical) memory dump analysis.
- Day 6 (2 hours): Additional memory dump analysis topics.
Before the training, you get:
- Practical Foundations of Windows Debugging, Disassembling, Reversing, Second Edition PDF book (+300 pages)
- The current PDF book version (+700 pages)
- The previous training recording
- Access to Software Diagnostics Library with more than 370 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies
After the training, you also get:
- The new 6th PDF book edition (+800 pages)
- Personalized Certificate of Attendance with unique CID
- Optional Personalized Certificate of Completion with unique CID (after the tests)
- Answers to questions during training sessions
- Current training sessions recording
Prerequisites: Basic Windows troubleshooting
Audience: Software technical support and escalation engineers, system administrators, security and vulnerability researchers, reverse engineers, malware and memory forensics analysts, DevSecOps and SRE, software developers, and quality assurance engineers.
If you are mainly interested in .NET memory dump analysis, there is another training: Accelerated .NET Core Memory Dump Analysis
If you are interested in Linux memory dump analysis, there is another training: Accelerated Linux Core Dump Analysis