Debugging Toolbox
WinDbg scripts, debugging and troubleshooting tools and techniques to help you isolate software problems.
[WinDbg Script] Hacking Minesweeper for Windows 8
<IMPORTANT UPDATE> Today two people told me the script was not working and they also said they...
Date: 05/14/2014
Tools for Your Debugging Toolbox
This article was just updated to include an internal Microsoft tool that is now public. There are...
Date: 10/04/2012
D3v3l0p3r PF3s – 0bs3rv1ng Th3m in Th31r Natural Hab1tat
PFE has engineers who specialize in areas which can contain one or more technologies. This species...
Date: 05/19/2012
[WinDbg Script] Displaying the COM object referenced by an RCW object
Here we go again after a long time without blogging and an even longer time without blogging about...
Date: 03/02/2012
Top Things to Consider When Troubleshooting Complex Application Issues
1- For reactive incidents: “Bring the engineer onsite because it is going to be easier to...
Date: 10/03/2011
New Debugging Book – Windows Debugging Notebook: Essential User Space WinDbg Commands
A reference book for technical support and escalation engineers troubleshooting and debugging...
Date: 09/29/2011
[PowerShell Script] PowerDbg v6.0 – Using PowerShell to Control WinDbg
Last October the latest version of the PowerDbg tool was released, version 6.0. This release has...
Date: 02/28/2011
[PowerShell Script] Troubleshooting for Port Exhaustion Using NetStat
Problem Description: Applications that use a great deal of TCP network activity may use all of the...
Date: 10/11/2010
[WinDbg Script] Displaying Parameters for Microsoft.ReportingServices.ReportProcessing
Here is a new script from a PFE from Portugal, Marcio Parente. Marcio kindly shared his source code...
Date: 08/13/2010
PSSCOR2, the Superset of SOS.DLL is Now Public!!!
Whenever I’m debugging with customers watching it’s inevitable: they always ask me what this...
Date: 03/29/2010
XPerf Tool – Why Can’t You Live Without It?
Israel Burman (Israel is one of the ADPlus creators and the guy who taught me the XPerf tool) and...
Date: 03/15/2010
Special Command—Editing memory with a, eb, ed, ew, eza, ezu
When talking about editing memory, we usually think about patching code. Patching code means...
Date: 01/05/2010
[PowerShell Script] PowerDbg v5.3—Using PowerShell to Control WinDbg
This version has a fix in Parse-PowerDbgDSO. Thanks to Igor Dvorkin, who found the bug and suggested...
Date: 12/21/2009
Special Command—Unassembling code with u, ub and uf
When debugging, sooner or later you will need to disassemble code to get a better understanding of...
Date: 11/05/2009
Special Command—Using # to Find Patterns of Assembly Instructions
Sometimes you need to look for patterns of disassembled code. You can browse the disassembled code...
Date: 10/23/2009
Special Command—Tracing Applications Using wt
wt [WatchOptions] [= StartAddress] [EndAddress] Transcribing the WinDbg documentation, this command...
Date: 10/12/2009
Special Command—Saving Modules Using .writemem
This command enables you to save memory into a disk file. The cool thing about it is that you can...
Date: 09/22/2009
Special Command—Using .dump/.dumpcab to Get Dumps and Symbols from Production Servers
Using WinDbg you can create a dump file from an application running, for instance, in a production...
Date: 09/15/2009
Special Command—Using !chksym/!itoldyouso to Check PDB Files Against Modules
These are two debugger extensions that are used to see the PDB file that matches a specific module....
Date: 09/04/2009
Special Command—Displaying Information From Modules/DLLs with !dlls
!dlls extension displays the table entries of all loaded modules. You can also use it to display all...
Date: 08/19/2009
Special Command—Using !for_each_frame to Run Commands
!for_each_frame is a favorite among debuggers. It's a very flexible and powerful command that...
Date: 08/19/2009
Special Command—Displaying More PE Header Information with !dh
The !dh extension displays the PE header information from a specified module. Usage: !dh [options]...
Date: 08/19/2009
Special Command—Displaying the PE Header Information with !lmi
Like its cousin !dh, the !lmi extension displays the PE header information from a specified module....
Date: 08/19/2009
[PowerShell Script] Statistics from .NET Applications
This script is more a template to show you how to use PowerDbg. I must say the idea is from my...
Date: 04/15/2009
[PowerShell Script] PowerDbg v5.2—Using PowerShell to Control WinDbg
This version has two improvements and some scripts were changed to be compatible with this new...
Date: 04/15/2009
[PowerShell Script] PowerDbg v5.1—Using PowerShell to Control WinDbg
So, here we go again. This is a minor version with a few new cmdlets. These new cmdlets are those...
Date: 03/19/2009
Special Command—Peeking Memory Addresses Using !address
Let’s say that you get a memory address and you want to know if it’s from the heap, the stack, or...
Date: 03/17/2009
Special Command—Parsing Strings, Files, and Commands Output Using .foreach
This is by far one of the most powerful WinDbg commands. Even if you don’t create scripts, you’ll...
Date: 03/11/2009
Special Command—Parsing Commands Using .shell
Finally I’m writing about this command. I love it! It’s so powerful! .shell command launches a shell...
Date: 02/19/2009
[PowerShell Script] PowerDbg v5.0—Using PowerShell to Control WinDbg
I’m very excited to present the new PowerDbg v5.0! There’s just one change, but it’s a HUGE change...
Date: 02/03/2009
[WinDbg Script] Displaying Queries/Stored Procedures from Threads Running Managed Code
There’s another script that gives you all queries/stored procedures from SQL Server or Oracle that...
Date: 02/01/2009
Special Command—Advanced Programming Techniques for WinDbg Scripts
It has been a long time since my last post, but I’m back on the blog. The article for today is about...
Date: 01/31/2009
[PowerShell Script] Finding Out the Managed Objects that "Leaked"
Here in PFE most of my teammates use the same approach to identify managed objects that “leak”. The...
Date: 11/13/2008
[Recommended Books] The List of Recommended Debugging Books was Updated
Check this out.
Date: 11/01/2008
[PowerShell Script] Extracting All Key/Value Pairs from a Dictionary Object
Brad Linscott, a teammate of mine since the old times of SIE, came up with a very helpful idea: find...
Date: 10/28/2008
Special Command—Execute Commands from a Customized User Interface with .cmdtree
A few weeks ago I received an e-mail from Brad Wilson, a Support Escalation Engineer from the OCS...
Date: 09/16/2008
NetWiz - How to Download the Tool (finally!)
I just updated this blog post. Now you can download NetWiz. Latest version here.
Date: 08/30/2008
[PowerShell Script] Chart and Statistics from Top 20 Objects Leaking
If you want to know the top 20 objects associated with the GC Handles that are leaking, you have...
Date: 08/22/2008
[PowerShell Script] PowerDbg v4.0 - Using PowerShell to Control WinDbg
Good news! Here’s the newest PowerDbg library. This version is more stable and has more features....
Date: 08/14/2008
[PowerShell Script] Downloading PDB for Specific Modules
A few weeks ago, during a laboratory with a customer, I found myself struggling to download the...
Date: 08/08/2008
The Microsoft Interview Process – Videos, Articles and Material
VIDEO WITH MICROSOFT RECRUITERS PART 1 https://channel9.msdn.com/ShowPost.aspx?PostID=18472 PART 2...
Date: 07/16/2008
If I Only Could Change the Interview Process
I think Microsoft has one of the best interview processes of any major corporation around. There are...
Date: 07/16/2008
Who Is More Creative?
Not so long ago I had an interesting Messenger conversation with a great friend of mine who is a...
Date: 07/09/2008
Tools for Troubleshooting Applications (including SharePoint)
Let me share with you some public tools I’ve been using when working with applications and...
Date: 07/03/2008