Displaying 1 to 13 from 13 results

Sample Windbg Extension in Visual Studio


This is a sample extension for Windbg that can be built using Visual Studio.

Microsoft Open Debugger Extension for WinDbg


ODbgExt is an open source debugger extension for WinDbg that is intended to be developed by the debugging community. It is based on the Windows Debugger SDK Sample ‘exts’ and uses the COM Debugger interface IDebugControl. The primary objective of the project is to provide the ...

!exploitable Crash Analyzer - MSEC Debugger Extensions


!exploitable (pronounced “bang exploitable”) is a Windows debugging extension (Windbg) that provides automated crash analysis and security risk assessment.

PowerDbg - Automated Debugging using WinDbg and PowerShell


*PowerDbg is a PowerShell library that enables the automation of the debugging session through PowerShell scripts and WinDbg.* Description: [url:http://blogs.msdn.com/debuggingtoolbox/archive/tags/PowerDbg+Library/default.aspx] Scripts based on PowerDbg: [url:http://blogs.msdn

WinObjEx64 - Windows Object Explorer 64-bit

  •    C

WinObjEx64 is an advanced utility that lets you explore the Windows Object Manager namespace. For certain object types, you can double-click on it or use the "Properties..." toolbar button to get more information, such as description, attributes, resource usage etc. WinObjEx64 let you view and edit object-related security information if you have required access rights. WinObjEx64 does not require administrative privileges. However administrative privilege is required to view much of the namespace and to edit object-related security information.

wdbgark - WinDBG Anti-RootKit Extension

  •    C++

WDBGARK is an extension (dynamic library) for the Microsoft Debugging Tools for Windows. It main purpose is to view and analyze anomalies in Windows kernel using kernel debugger. It is possible to view various system callbacks, system tables, object types and so on. For more user-friendly view extension uses DML. For the most of commands kernel-mode connection is required. Feel free to use extension with live kernel-mode debugging or with kernel-mode crash dump analysis (some commands will not work). Public symbols are required, so use them, force to reload them, ignore checksum problems, prepare them before analysis and you'll be happy. Windows BETA/RC is supported by design, but read a few notes. First, i don't care about checked builds. Second, i don't care if you don't have symbols (public or private). IA64/ARM is unsupported (and will not).

DbgShell - A PowerShell front-end for the Windows debugger engine.

  •    CSharp

A PowerShell front-end for the Windows debugger engine.Ready to tab your way to glory? For a quicker intro, take a look at Getting Started.

debug-recipes - My notes collected while debugging various .NET and Windows problems.

  •    ASP

This is a repository of my notes collected while debugging various .NET and Windows problems. You can find here commands with example usages, scripts and other debugging materials. It is still being constructed so some notes might not be finished - use on your own responsibility. Try using the project search box while looking for a particular subject. I hope you will find them useful. Any contribution is welcome.

superdump - A service for automated crash-dump analysis

  •    CSharp

SuperDump is a service for automated crash-dump analysis. It has a web- as well as a REST-interface to upload Windows crash dumps or Linux coredumps. For authentication it is necessary to add a few settings to either the appconfig.json file, environment variables or using the user secrets file of asp .net.

hevd - Public repository for HEVD exploits

  •    C

Public repository for HackSys Extremely Vulnerable Driver (HEVD) exploits targeting Windows 8.1 x64 (9600) and Windows 10 x64 (1709).