Practical Foundations of Windows Debugging, Disassembling, Reversing: Training Course, Third Edition - Softcover

Inhaltsangabe

This training course is a reformatted, improved, and modernized version of the previous x64 Windows Debugging: Practical Foundations book, which drew inspiration from the original lectures we developed 22 years ago to train support and escalation engineers in debugging and crash dump analysis of memory dumps from Windows applications, services, and systems. At that time, when thinking about what material to deliver, we realized that a solid understanding of fundamentals like pointers is needed to analyze stack traces beyond a few WinDbg commands. Therefore, this book is not about bugs or debugging techniques but about the background knowledge everyone needs to start experimenting with WinDbg, learn from practical experience, and read other advanced debugging books. This body of knowledge is what the author of this book possessed before starting memory dump analysis using WinDbg 18 years ago, which resulted in the number one debugging bestseller: the multi-volume Memory Dump Analysis Anthology (Diagnomicon). Now, in retrospection, we see these practical foundations as relevant and necessary to acquire for beginners as they were more than 20 years ago, because operating systems internals, assembly language, and compiler architecture haven't changed much in those years.

The third edition, with new material on arrays and floating point, was completely remastered in full color. The text was also reviewed, and a few previous mistakes were corrected. The book is also slimmer because the x86 32-bit chapters were removed. They are still available in the previous edition, which will not be out of print soon. The third edition is entirely x64.

The book is useful for:

• Software technical support and escalation engineers
• Software engineers coming from a managed code or JVM background
• Software testers
• Engineers coming from non-Wintel environments
• Windows C/C++ software engineers without an assembly language background
• Security researchers without an x64 assembly language background
• Beginners learning Windows software reverse engineering techniques

This introductory training course can complement the more advanced Accelerated Disassembly, Reconstruction, and Reversing course. It may also help with advanced exercises in Accelerated Windows Memory Dump Analysis, Accelerated Rust Windows Memory Dump Analysis, Accelerated Windows Debugging⁴, Accelerated Windows API for Software Diagnostics, Accelerated Windows Malware Analysis with Memory Dumps, and Memory Thinking books for C and C++. This book can also be used as an Intel assembly language and Windows debugging supplement for relevant undergraduate-level courses.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.