Workshop Information: Modern Debugging^HWarfare with WinDbg Preview

    Title: Modern Debugging^HWarfare with WinDbg Preview

    Instructor: Chris Alladoum & Axel Souchet

    Abstract: It's 2019 and yet too many Windows developers and hackers alike rely on (useful but rather) old school tools for debugging Windows binaries (OllyDbg, Immunity Debugger). What they don't realize is that they are missing out on invaluable tools and functionalities that come with Microsoft's newest WinDbg Preview edition. This hands-on workshop will attempt to level the field by practically showing how WinDbg has changed to the point where it should be the first tool installed on any Windows (10) machine for binary analysis: after a brief intro to the most basic (legacy) commands, this workshop will focus on debugging modern software (vulnerability exploitation, malware reversing, DKOM-based rootkit, JS engine) using modern techniques provided by WinDbg Preview (spoiler alert, to name a few: JavaScript, LINQ, TTD). By the end of this workshop, trainees will have their WinDbg-fu skilled up.

    Level: Intermediate

    Pre-Requisites: familiarity with Windows platform and kernel debugging
    basic knowledge of debuggers (pref. WinDbg)
    basic knowledge of JavaScript

    Required Materials: Any modern laptop with at least one Windows 10 VM guest (pref. 2 for kdnet remote debugging, but can work out with lkd).