Book: Advanced Windows Memory Dump Analysis with Data Structures, Second Edition

New! Now includes Practical Foundations of Windows Debugging, Disassembling, Reversing PDF book.

The full transcript of Software Diagnostics Services Training with 10 step-by-step exercises, notes, and selected Q&A.

  • Title: Advanced Windows Memory Dump Analysis with Data Structures: Training Course Transcript and WinDbg Practice Exercises with Notes, Second Edition
  • Authors: Dmitry Vostokov, Software Diagnostics Services
  • Publisher: OpenTask (December 2013)
  • Language: English
  • PDF: 198 pages
  • ISBN-13: 978-0955832888

Table of Contents
Slides from the training

When you purchase the PDF book you additionally get 8 volumes of Memory Dump Analysis Anthology in PDF format (retail price $160) and free Software Diagnostics Library membership with access to more than 200 cross-referenced patterns of memory dump analysis, their classification and more than 70 case studies.

Book: Accelerated Disassembly, Reconstruction and Reversing

New! Now includes Practical Foundations of Windows Debugging, Disassembling, Reversing PDF book.

The full transcript of Software Diagnostics Services Training with 6 step-by-step exercises, notes, source code of specially created modeling applications, memory cell diagrams and selected Q&A. Covers more than 25 ADDR patterns.

  • Title: Accelerated Disassembly, Reconstruction and Reversing: Training Course Transcript and WinDbg Practice Exercises with Memory Cell Diagrams
  • Authors: Dmitry Vostokov, Software Diagnostics Services
  • Publisher: OpenTask (November 2013)
  • Language: English
  • PDF: 180 pages
  • ISBN-13: 978-1908043672

Table of Contents and sample exercise
Slides from the training

When you purchase the PDF book you additionally get free named Software Diagnostics Library membership with access to more than 300 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies. There is an option to buy 9 volumes of Memory Dump Analysis Anthology in PDF format (retail price $170) together with the course.

Historical video recording is also available

LogOS - Log OS - LoggingOS

We are beginning work on a new type of operating system in which tracing and memory dumping for software diagnostics purposes are the main part of the OS architecture, built in from the ground up. An additional feature is a trace and log pattern-oriented analysis platform for other operating systems.

Presentation and Recording of Mobile Software Diagnostics Webinar

The presentation from the webinar (17th of September, 2013) is available for download: MobileSoftwareDiagnostics.pdf

The recording is available for viewing: http://youtu.be/OuK0tTkDR0Q

Complete transcript: Mobile Software Diagnostics: An Introduction

Software Diagnostics: The Collected Seminars

This is a collection of Software Diagnostics Services webinar transcripts about pattern-oriented software diagnostics developed by Software Diagnostics Institute. Includes 9 seminars on pattern-driven software problem solving, software narratology, pattern-driven software diagnostics, systemic software diagnostics, pattern-based software diagnostics, philosophy of software diagnostics, victimware, malware narratives and pattern-oriented network trace analysis.

  • Title: Software Diagnostics: The Collected Seminars
  • Authors: Dmitry Vostokov, Software Diagnostics Services
  • Publisher: OpenTask (September 2013)
  • Language: English
  • Product Dimensions: 28.0 x 21.6
  • PDF: 302 pages
  • ISBN-13: 978-1908043641

Price: 50 USD (including 50% discount from the price of hardcover edition).

Book: Accelerated .NET Memory Dump Analysis, Second Edition

New! Now includes Practical Foundations of Windows Debugging, Disassembling, Reversing PDF book.

The full transcript of Software Diagnostics Services Training with 9 step-by-step exercises, notes, source code of specially created modeling applications and selected Q&A. Covers 20 .NET memory dump analysis patterns plus additional unmanaged patterns.

  • Title: Accelerated .NET Memory Dump Analysis, Second Edition: Training Course Transcript and WinDbg Practice Exercises
  • Authors: Dmitry Vostokov, Software Diagnostics Services
  • Publisher: OpenTask (August 2013)
  • Language: English
  • PDF: 268 pages
  • ISBN-13: 978-1908043597

Table of Contents
Slides from the training

When you purchase the PDF book you additionally get free named Software Diagnostics Library membership with access to more than 300 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies. There is an option to buy 9 volumes of Memory Dump Analysis Anthology in PDF format (retail price $170) together with the course.

Historical video recording is also available

BugInject Library

We announce a forthcoming release of a multiplatform library BugInject® which models and injects abnormal software structure and behaviour patterns from Software Diagnostics Institute pattern catalogues into running software. The injection patterns range from very simple analysis patterns such as access violation to complex pattern interaction scenarios involving multiple analysis patterns and multiple observable elementary software diagnostics patterns.

The library is useful for:

  • Quality assurance and testing
  • Reliability and resilience assessment
  • Modelling abnormal software behaviour for research
  • Software diagnostics and debugging training

Book: Accelerated Windows Debugging 3

The Way You Learn Debugging™

New! Now includes Practical Foundations of Windows Debugging, Disassembling, Reversing PDF book.

The full transcript of Software Diagnostics Services Training. Learn live local and remote debugging techniques and tricks in kernel, user process and managed .NET spaces using the WinDbg debugger. The unique and innovative Debugging³ course teaches unified debugging patterns applied to real problems from complex software environments. The training consists of practical step-by-step hands-on exercises.

  • Title: Accelerated Windows Debugging 3: Training Course Transcript and WinDbg Practice Exercises
  • Authors: Dmitry Vostokov, Software Diagnostics Services
  • Publisher: OpenTask (July 2013)
  • Language: English
  • PDF: 252 pages
  • ISBN-13: 978-1908043566

Table of Contents
Slides from the training

When you purchase the PDF book you additionally get free named Software Diagnostics Library membership with access to more than 300 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies. There is an option to buy 9 volumes of Memory Dump Analysis Anthology in PDF format (retail price $170) together with the course.

Historical video recording is also available

Software Diagnostics Professionals

As a part of the Software Diagnostics Network (SDN), the Software Diagnostics Professional (SDP) Program recognizes individuals who have invested energy, time and resources in pattern-oriented software diagnostics and demonstrated their expertise in it.

Award process and criteria:

  • By invitation, submission and nomination
  • Active promotion of pattern-oriented software diagnostics

Benefits:

  • Vendor independence
  • No NDA required
  • 3 year term
  • Priority support for members

Presentation and Recording of Pattern-Oriented Network Trace Analysis Webinar

The presentation from the webinar (27th of June, 2013) is available for download: PatternOrientedNetworkTraceAnalysis.pdf

The recording is available for viewing: http://youtu.be/cdWvMkg8VTM

Complete transcript: Pattern-Oriented Network Trace Analysis

Professional Diagnostics and Debugging Development Program

PD3P starts in September, 2013, and its curriculum combines the best of our software diagnostics and debugging training courses, presentations, webinars, books, Software Diagnostics Library and Debugging TV. Over the last few years a number of customers have used our memory dump analysis audit program to learn about software diagnostics patterns, tools, processes and best practices. Due to continuing demand we decided to create a separate comprehensive professional development program in debugging. More details, including enrolment information, will be available this summer.

Software Diagnostics Services Toolkit

As a part of our Software Diagnostics Workbench we are starting to compile a vendor-independent, professionally evaluated list of software diagnostics tools. The initial list is small and is based on Windows tools we actively use and teach in our training courses, seminars and Debugging TV episodes:

The list will be expanded; for a more comprehensive list, please see the Software Diagnostics Institute Tools page.

Software Diagnostics Library

Software Diagnostics Institute now provides free access to their library resources for our customers.

Join Debugging Diagnostics Revolution!

35 years ago:

"Considerable time, resources and money now lost on unorganized, trial-and-error approaches to storage dump debugging ..."

Daniel H. Rindfleisch, Author of "Debugging System 360/370 Programs Using OS And VS Storage Dumps"

Since then, software became much more complex and widespread. Unfortunately, today we can still quote the same phrase:

Huge amount of "time, resources and money now lost on unorganized, trial-and-error approaches to [memory] dump debugging".

All that can be saved using new systematic, thorough, and practical pattern-driven analysis techniques taught in our training courses available online, in print, and in PDF format:

http://www.dumpanalysis.com/remote-training

or using our memory dump analysis audit services:

http://www.dumpanalysis.com/memory-dump-analysis-audit-service

Training: Writing Bad Code

Forthcoming in June, 2016

Why would you need to learn how to write bad code? Not, of course, to write malicious code backdoors, but to understand software internals and diagnostics better. Writing "good" bad code is not easy, especially if you set specific requirements for it and are not satisfied with the accidental effects of "bad" bad code.

Topics include:

  • Modelling abnormal software behavior
  • Modelling memory analysis patterns
  • Modelling trace and log analysis patterns
  • Software problem design patterns
  • "Excellent" bad code
  • Portable bad code
  • Avoiding compiler undefined behaviour
  • Debugging bad code to make it work as intended

The training also includes numerous hands-on coding projects using Visual C++ and GNU C/C++ compilers on Windows and Linux platforms.

Training: Accelerated Windows Memory Forensics

Reading Computer's Mind

Learn how to navigate through memory space and discover forensic artefacts. We use a unique and innovative pattern-driven analysis approach to speed up the learning curve. The training consists of practical step-by-step exercises using Microsoft WinDbg debugger from Debugging Tools for Windows to diagnose structural memory patterns in x86 and x64 physical and process memory dumps. Patterns of memory acquisition are also covered.

The training consists of the following materials:

  1. A full transcript in PDF format (retail price $300)
  2. 7 volumes of Memory Dump Analysis Anthology in PDF format (retail price $140)
  3. Free Software Diagnostics Library membership with access to more than 200 cross-referenced patterns of memory dump analysis, their classification and more than 70 case studies

Level: Beginner/Intermediate

Prerequisites: Working knowledge of Windows. Operating system internals concepts are explained when necessary.

Audience: Security researchers, malware analysts, digital forensics engineers who have never used WinDbg for analysis of computer memory. The course will also be useful for technical support and escalation engineers who analyse memory dumps from complex software environments and need to go deeper in their analysis of abnormal software structure and behaviour.

Once released this training will also become a part of our Windows Memory Forensics Training Pack.

Fundamentals of Physical Memory Analysis

This is a revised version of the seminar delivered more than 2 years ago. Now updated to the latest WinDbg from Windows SDK 8.1.

Date: December 30, 2013
Time: 7:00 PM (GMT)
Duration: 60 minutes

Topics include:

  • User vs. kernel vs. physical memory space
  • Challenges of physical memory analysis
  • Common WinDbg commands
  • Patterns and pattern catalogues
  • Common mistakes
  • Fibre bundles
  • Hands-on exercise: a physical memory dump analysis
  • A guide to Software Diagnostics Library
  • Memory forensics

Forthcoming Free Webinar: Pattern-Oriented Software Forensics

Date: 27th of December, 2013
Time: 19:00 (BST)
Duration: 60 minutes

This Webinar introduces a comprehensive theory behind software forensics based on systemic and pattern-oriented software diagnostics developed by Software Diagnostics Institute. It synthesises pattern-oriented memory analysis of malware and victimware with pattern-oriented software log and trace analysis based on software narratology.

Training: Advanced Windows Memory Dump Analysis with Data Structures

Learn how to navigate through memory dump space and Windows data structures to troubleshoot and debug complex software incidents. We use a unique and innovative pattern-driven analysis approach to speed up the learning curve. The training consists of practical step-by-step exercises using WinDbg to diagnose structural and behavioral patterns in 64-bit kernel and complete memory dumps. Additional topics include memory search, kernel linked list navigation, practical WinDbg scripting, registry, system variables and objects, device drivers and I/O.

Public preview (selected slides) of the previous training

The training consists of 2 two-hour sessions. When you finish the training you additionally get:

  1. A full transcript in PDF format (retail price $300)
  2. 7 volumes of Memory Dump Analysis Anthology in PDF format (retail price $140)
  3. A personalized attendance certificate with unique CID (PDF format)
  4. Free Software Diagnostics Library membership with access to more than 200 cross-referenced patterns of memory dump analysis, their classification and more than 70 case studies

Prerequisites: Basic and intermediate level Windows memory dump analysis: ability to list processors, processes, threads, modules, apply symbols, walk through stack traces and raw stack data, diagnose patterns such as heap corruption, CPU spike, memory and handle leaks, access violation, stack overflow, critical section and resource wait chains and deadlocks. If you don't feel comfortable with the prerequisites, we recommend taking the Accelerated Windows Memory Dump Analysis training (or purchasing the corresponding book) before attending this course.

Audience: Software developers, security professionals, software technical support and escalation engineers.

At this time, available only in PDF book format with a $100 discount.

Training: Deep Down C++

If you mastered Memory Language you mastered all other programming languages.

Learn internals of C++ implementation on x64 Windows platforms. Improve your memory thinking and understanding of C++ coding standards. We use a unique and innovative memory cell diagram approach to speed up the learning curve. The training consists of practical step-by-step hands-on exercises using WinDbg and memory dumps. The author of this course has solid experience in debugging very large C++ code bases, in the development of static code analysis tools for C++ and in C++ and STL semantics.

The training consists of 2 two-hour sessions. When you finish the training you additionally get:

  1. A full transcript in PDF format (retail price $300)
  2. 7 volumes of Memory Dump Analysis Anthology in PDF format (retail price $140)
  3. A personalized attendance certificate with unique CID (PDF format)
  4. Free Software Diagnostics Library membership with access to more than 200 cross-referenced patterns of memory dump analysis, their classification and more than 70 case studies

Level: Intermediate/Advanced

Prerequisites: Working knowledge of C++. Operating system internals and assembly language concepts are explained when necessary.

Audience: Software engineers designing, developing and debugging software using C++. The course will also be useful for technical support and escalation engineers who analyse memory dumps from complex software environments and need to go deeper in their analysis of abnormal software structure and behaviour.

The PDF training book is to be published in 2014.

Note: A 40% discount is available for those who previously booked the Accelerated Disassembly, Reconstruction and Reversing training or purchased its book.
