WinDbg scripts, debugging and troubleshooting tools and techniques to help you isolate software problems.
[WinDbg Script] Hacking Minesweeper for Windows 8
<IMPORTANT UPDATE> Today two people told me the script was not working and they also said they...
Date: 05/14/2014
Tools for Your Debugging Toolbox
This article was just updated to include an internal Microsoft tool that is now public. There are...
Date: 10/04/2012
D3v3l0p3r PF3s – 0bs3rv1ng Th3m in Th31r Natural Hab1tat
PFE has engineers who specialize in areas which can contain one or more technologies. This species...
Date: 05/19/2012
[WinDbg Script] Displaying the COM object referenced by an RCW object
Here we go again after a long time without blogging and an even longer time without blogging about...
Date: 03/02/2012
Top Things to Consider When Troubleshooting Complex Application Issues
1- For reactive incidents: “Bring the engineer onsite because it is going to be easier to...
Date: 10/03/2011
New Debugging Book – Windows Debugging Notebook: Essential User Space WinDbg Commands
A reference book for technical support and escalation engineers troubleshooting and debugging...
Date: 09/29/2011
[PowerShell Script] PowerDbg v6.0 – Using PowerShell to Control WinDbg
Last October the latest version of the PowerDbg tool was released, version 6.0. This release has...
Date: 02/28/2011
[PowerShell Script] Troubleshooting for Port Exhaustion Using NetStat
Problem Description: Applications that use a great deal of TCP network activity may use all of the...
Date: 10/11/2010
[WinDbg Script] Displaying Parameters for Microsoft.ReportingServices.ReportProcessing
Here is a new script from a PFE from Portugal, Marcio Parente. Marcio kindly shared his source code...
Date: 08/13/2010
PSSCOR2, the Superset of SOS.DLL is Now Public!!!
Whenever I’m debugging with customers watching it’s inevitable: they always ask me what this...
Date: 03/29/2010
XPerf Tool – Why Can’t You Live Without It?
Israel Burman (Israel is one of the ADPlus creators and the guy who taught me the XPerf tool) and...
Date: 03/15/2010
Special Command—Editing memory with a, eb, ed, ew, eza, ezu
When talking about editing memory, we usually think about patching code. Patching code means...
Date: 01/05/2010
[PowerShell Script] PowerDbg v5.3—Using PowerShell to Control WinDbg
This version has a fix in Parse-PowerDbgDSO. Thanks to Igor Dvorkin that found the bug and suggested...
Date: 12/21/2009
Special Command—Unassembling code with u, ub and uf
When debugging sooner or later you will need to disassemble code to get a better understanding of...
Date: 11/05/2009
Special Command—Using # to Find Patterns of Assembly Instructions
Sometimes you need to look for patterns of disassembled code. You can browse the disassembled code...
Date: 10/23/2009
Special Command—Tracing Applications Using wt
wt [WatchOptions] [= StartAddress] [EndAddress] Transcribing the WinDbg documentation, this command...
Date: 10/12/2009
Special Command—Saving Modules Using .writemem
This command enables you to save memory into a disk file. The cool thing about it is that you can...
Date: 09/22/2009
Special Command—Using .dump/.dumpcab to Get Dumps and Symbols from Production Servers
Using WinDbg you can create a dump file from an application running, for instance, in a production...
Date: 09/15/2009
Special Command—Using !chksym/!itoldyouso to Check PDB Files Against Modules
These are two debugger extensions that are used to see the PDB file that matches a specific module....
Date: 09/04/2009
Special Command—Displaying Information From Modules/DLLs with !dlls
!dlls extension displays the table entries of all loaded modules. You can also use it to display all...
Date: 08/19/2009
Special Command—Using !for_each_frame to Run Commands
!for_each_frame is a favorite among debuggers. It's a very flexible and powerful command that...
Date: 08/19/2009
Special Command—Displaying More PE Header Information with !dh
The !dh extension displays the PE header information from a specified module. Usage: !dh [options]...
Date: 08/19/2009
Special Command—Displaying the PE Header Information with !lmi
Like its cousin !dh, the !lmi extension displays the PE header information from a specified module....
Date: 08/19/2009
[PowerShell Script] Statistics from .NET Applications
This script is more a template to show you how to use PowerDbg. I must say the idea is from my...
Date: 04/15/2009
[PowerShell Script] PowerDbg v5.2—Using PowerShell to Control WinDbg
This version has two improvements and some scripts were changed to be compatible with this new...
Date: 04/15/2009
[PowerShell Script] PowerDbg v5.1—Using PowerShell to Control WinDbg
So, here we go again. This is a minor version with a few new cmdlets. These new cmdlets are those...
Date: 03/19/2009
Special Command—Peeking Memory Addresses Using !address
Let’s say that you get a memory address and you want to know if it’s from the heap, the stack, or...
Date: 03/17/2009
Special Command—Parsing Strings, Files, and Commands Output Using .foreach
This is by far one of the most powerful WinDbg commands. Even if you don’t create scripts, you’ll...
Date: 03/11/2009
Special Command—Parsing Commands Using .shell
Finally I’m writing about this command. I love it! It’s so powerful! .shell command launches a shell...
Date: 02/19/2009
[PowerShell Script] PowerDbg v5.0—Using PowerShell to Control WinDbg
I’m very excited to present the new PowerDbg v5.0! There’s just one change, but it’s a HUGE change...
Date: 02/03/2009
[WinDbg Script] Displaying Queries/Stored Procedures from Threads Running Managed Code
There’s another script that gives you all queries/stored procedures from SQL Server or Oracle that...
Date: 02/01/2009
Special Command—Advanced Programming Techniques for WinDbg Scripts
It has been a long time since my last post, but I’m back on the blog. The article for today is about...
Date: 01/31/2009
[PowerShell Script] Finding Out the Managed Objects that "Leaked"
Here in PFE most of my teammates use the same approach to identify managed objects that “leak”. The...
Date: 11/13/2008
[Recommended Books] The List of Recommended Debugging Books was Updated
Check this out.
Date: 11/01/2008
[PowerShell Script] Extracting All Key/Value Pairs from a Dictionary Object
Brad Linscott, a teammate of mine since the old times of SIE, came up with a very helpful idea: find...
Date: 10/28/2008
Special Command—Execute Commands from a Customized User Interface with .cmdtree
A few weeks ago I received an e-mail from Brad Wilson, a Support Escalation Engineer from the OCS...
Date: 09/16/2008
NetWiz - How to Download the Tool (finally!)
I just updated this blog post. Now you can download NetWiz. Latest version here.
Date: 08/30/2008
[PowerShell Script] Chart and Statistics from Top 20 Objects Leaking
If you want to know the top 20 objects associated with the GC Handles that are leaking, you have...
Date: 08/22/2008
[PowerShell Script] PowerDbg v4.0 - Using PowerShell to Control WinDbg
Good news! Here’s the newest PowerDbg library. This version is more stable and has more features....
Date: 08/14/2008
[PowerShell Script] Downloading PDB for Specific Modules
A few weeks ago, during a laboratory with a customer, I found myself struggling to download the...
Date: 08/08/2008
The Microsoft Interview Process – Videos, Articles and Material
VIDEO WITH MICROSOFT RECRUITERS PART 1 https://channel9.msdn.com/ShowPost.aspx?PostID=18472 PART 2...
Date: 07/16/2008
If I Only Could Change the Interview Process
I think Microsoft has one of the best interview processes of any major corporation around. There are...
Date: 07/16/2008
Who Is More Creative?
Not so long ago I had an interesting Messenger conversation with a great friend of mine that is a...
Date: 07/09/2008
Tools for Troubleshooting Applications (including SharePoint)
Let me share with you some public tools I’ve been using when working with applications and...
Date: 07/03/2008