Overview
This course aims to provide an introduction to Windows Kernel Mode Debugging, emphasizing its importance in creating secure software and understanding operating system internals. The learning outcomes include gaining insight into approaching software issues, identifying appropriate tools, root causing problems, and improving software quality and security. The course teaches skills such as using WinDbg, collecting BSOD dumps, configuring Live Kernel Debugging with VMware, and addressing CPU problems. The teaching method involves a lecture format assuming an introductory C programming background and a general understanding of operating systems. The intended audience includes individuals interested in security, software development, and operating system internals.
Syllabus
Introduction
Agenda
Symbols
Symbol Server
First Bluescreen
WinDbg
Source code
How to collect BSOD dumps
How to configure Live Kernel Debugging with VMware
General approach to software problems
CPU problem
Snapshot
Example
Looping
Code Location
Fixing is not Universal
Deadlock
costax
Sample code
Get lock information
Match source code location
Fix for developer
Blue screen
Bug check
Kernel
Hack
Conclusion
Taught by
Security BSides San Francisco