Online Training: Extended Windows Memory Dump Analysis


New dates/times TBD

This training course extends the pattern-oriented analysis introduced in the Accelerated Windows Memory Dump Analysis, Accelerated .NET Core Memory Dump Analysis, Advanced Windows Memory Dump Analysis with Data Structures, and Accelerated Windows Malware Analysis with Memory Dumps courses with:

  • Surveying the current landscape of WinDbg extensions with analysis pattern mappings
  • Writing WinDbg extensions in C and C++
  • Connecting WinDbg to NoSQL databases
  • Connecting WinDbg to streaming and log processing platforms
  • Querying and visualizing WinDbg output data

The new version of the training updates existing exercises and includes new ones.

Slides from the previous training

Before the training, you get:

  • The current PDF book version and the previous recording of the training
  • Practical Foundations of Windows Debugging, Disassembling, Reversing, Second Edition PDF book
  • Access to Software Diagnostics Library

After the training, you also get:

  • The new edition of the PDF book version of the training
  • Personalized Certificate of Attendance with unique CID
  • Optional Personalized Certificate of Completion with unique CID (after the tests)
  • Answers to questions during training sessions
  • New recording

Prerequisites: Working knowledge of WinDbg. Working knowledge of Python, C or C++ is optional (required only for some exercises). Other concepts are explained when necessary.

Audience: Software developers, software maintenance engineers, escalation engineers, quality assurance engineers, security and vulnerability researchers, malware and memory forensics analysts who want to build memory analysis pipelines.

If you are interested in Windows postmortem software diagnostics using memory dump files, there are other courses available:

Accelerated Windows Memory Dump Analysis
Accelerated .NET Core Memory Dump Analysis
Advanced Windows Memory Dump Analysis with Data Structures
Accelerated Windows Malware Analysis with Memory Dumps