The full color transcript of Software Diagnostics Services training sessions with 28 step-by-step exercises, notes, source code of specially created modeling applications and more than 100 questions and answers. Covers more than 60 crash dump analysis patterns from x86 and x64 process, kernel, complete (physical), and active memory dumps. Learn how to analyse application, service and system crashes and freezes, navigate through memory dump space and diagnose heap corruption, memory leaks, CPU spikes, blocked threads, deadlocks, wait chains, and much more. The training uses a unique and innovative pattern-oriented analysis approach developed by Software Diagnostics Institute to speed up the learning curve. Prerequisites: Basic Windows troubleshooting. Audience: Software technical support and escalation engineers, system administrators, security researchers, reverse engineers, malware and memory forensics analysts, software developers and quality assurance engineers. The 4th edition was fully reworked to use WinDbg 10 and now covers memory dumps from Windows 10 x64. It also includes optional legacy exercises from the previous editions covering Windows Vista and Windows 7.
- Title: Accelerated Windows Memory Dump Analysis: Training Course Transcript and WinDbg Practice Exercises with Notes, Fourth Edition
- Authors: Dmitry Vostokov, Software Diagnostics Services
- Publisher: OpenTask (May 2016)
- Language: English
- PDF: 872 pages
- ISBN-13: 978-1908043467
Note: This course may require additional symbol files.
When you purchase the PDF book you additionally get its EPUB version and free named Software Diagnostics Library membership with access to more than 350 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies. There is an option to buy 11 volumes of Memory Dump Analysis Anthology in PDF format together with the course.
The training course also includes Practical Foundations of Windows Debugging, Disassembling, Reversing PDF book.