通过

[Recommended Books] How to Acquire or Improve Debugging Skills

  • 项目

This article is my answer for this comment.

First of all, this is just my opinion, not Microsoft’s opinion.

Before talking about books, let me explain something that I see over and over again.

Sometimes I’ve run across people who think they just need to know the debugger commands to become a good debugger.

This is a misconception. It’s like chess: just because you know the game rules and how to move the pieces doesn’t mean you are a good player. Actually to become good in chess you need to learn a lot more than the basics! To become great in chess you need to learn much more!

Debugging is the same. Debugging, testing and developing code are related topics. If you are a good programmer, you are a good tester and a good debugger. Of course, people that spend most of their time working with testing and creating test tools, have greater software testing skills. People that spend most of their time debugging have greater software debugging skills.

Anyway, the three activities are totally related, so if you want to be a good debugger the first thing you should know is how to program.

For several reasons I recommend C++ then C# if you want to learn more about managed debugging.

 

A good debugger should know the following:

 

- A programming language. C++ is recommended. Learning C++ you’ll learn C, too. Be sure to learn how to program in C++ using Object Oriented Programming. I actually learned C then C++.

- Knowledge about Windows internals, like APIs, message flow, etc. . .

- Ability to read disassembled code.

- Troubleshooting tools.

- How (and when) to use a debugger.

- How to isolate a problem, following a scientific approach based on hypothesis.

 

That said, below I present a list of books that I really like the most among all the books I’ve read. They are my favorites!

It will be great to receive feedback from readers about other interesting books, so feel free to share your favorite book titles.

 

 

C/C++

 

Effective C++ (Meyers)

More Effective C++ (Meyers)

Efficient C++ (Bulka, Mayhew)

C++ Coding Standards ( Sutter, Alexandrescu)

Exceptional C++ and More Exceptional C++ (Herb Sutter)

C++ Common Knowledge (Stephen C. Dewhurst)

C++ Strategies and Tactics (Robert B. Murray)

Designing Object Oriented C++ Applications using the Booch Method (Martin)

 

Although these are my favorites you may want to check out for yourself.

 

C#

 

Programming Windows with C# (Petzold)

C# Programmer’s Cookbook (Jones)

Programming .NET Components (Lowy)

C# Cookbook (Hilyard & Teilhet)

CLR via C# 2nd Edition (Richter)

Applied Microsoft .NET Framework Programming (Jeffrey Richter)

 

Note: I like programming books focused on common problems or those that present short programs for a specific task. These kinds of books are more useful for my daily job than books about architecture, framework programming, etc…

 

 

Security

 

Writing Secure Code 2nd edition (Howard, LeBlanc)

Buffer Overflows (Foster)

Secure Coding in C and C++ (Seacord)

Rootkits (Greg Hoglund, James Butler)

Shellcoder’s Programming Uncovered (Kris Kaspersky)

Shellcoder’s Handbook (Koziol, Litchfield, Aitel, Anley, Eren, Mehta, Hassell)

Sockets, Shellcode, Porting & Coding (James C. Foster)

Exploiting Software (Greg Hoglund, Gary McGraw)

Hunting Security Bugs (Gallagher, Jeffries, Landauer)

Practical Malware Analysis (Sikorski, Honig)

Managed Code Rootkits: Hooking into Runtime Environments (Erez Metula)

 

I love books related to security! I’m not a security engineer, but I’m interested in knowing more about bugs and what they look like in low level terms. Moreover, these books talk about reverse engineering at some level.

Bugs and Software Problems

 

Find The Bug (Adam Barr)

 

It’s always important for those that want to excel at debugging to know more about bugs. It helps you to get this “sixth sense” when analyzing a source code.

Programming

 

Practical Guidelines and Best Practices for Visual Basic and Visual C# Developers (Balena, Dimauro)

.NET Gotchas (Subramaniam)

Code Complete 2nd Edition (McConnell)

Write Great Code, Volume 2 – Thinking Low-Level, Writing High Level (Hyde)

Code Craft: The Practice of Writing Excellent Code (Pete Goodliffe)

Refactoring: Improving the Design of Existing Code (Fowler, Beck, Brant, Opdyke, Roberts)

The Pragmatic Programmer: From Journeyman to Master (Andrew Hunt)

 

If you need to choose just one, pick up Code Complete 2nd edition.

Specifically for .NET the “Practical Guidelines…” it’s awesome.

 

Windows

Windows Internals (Russinovich, Salomon)

Windows NT/2000 – Native API Reference (Nebbett)

The Old New Thing (Chen)

Multithreading Applications in Win32 (Beveridge Wiener)

 

COM

 

ATL Internals (Rector, Sells)

Essential COM (Don Box)

Developer’s Workshop to COM and ATL 3.0 (Andrew Troelsen)

 

It’s very helpful to know the low level details of COM and ATL as several applications use COM at some level.

 

Debugging

 

Debugging by Thinking (Metzger)

Debugging ASP.NET (Goodyear, Peek, Fox)

The Science of Debugging (Telles, Hsieh)

Software Exorcism (Blunden)

Debugging Applications for .NET and Windows (Robbins)

Debugging .Net 2.0 Applications (Robbins)

Debugging – The 9 Indispensable Rules for Finding Even the Most Elusive Software and Hardware problems (Agans)

Debugging Windows Programs (McKay, Woodring)

Why Programs Fail: A guide to Systematic Debugging (Zeller)

Advanced Windows Debugging (Hewardt, Pravat)

Memory Dump Analysis Anthology - Volume 1 (Vostokov)

Memory Dump Analysis Anthology - Volume 2 (Vostokov)

Advanced .NET Debugging (Herwardt, Mario)

Windows Debugging Notebook - Essential User Space WinDbg Commands (Vostokov, Farah)

Inside Windows Debugging - A Practical Guide to Debugging and Tracing Strategies in Windows (Soulami, Tarik)

 

Some of the books above talk only about the mindset you need to be a good debugger, others are more focused on code and others talk about both.

 

  

Assembly, Disassembly and Reverse Engineering

 

I love this topic! If you want to be a good debugger you need to know this stuff.

 

Reversing – Secrets of Reverse Engineering (Eilam)

Disassembling Code (Vlad Pirogov)

Visual C++ Optimization with Assembly Code (Yury Magda)

Hacker Disassembling Uncovered  (Kaspersky)

Hacker Disassembling Uncovered 2nd Edition  (Kaspersky)

Expert .NET 2.0 IL Assembler (Lidin)

The Assembly Language Master Book (Vlad Pirogov)

The Art of Assembly Language (Hyde)

CrackProof your Software (Cerven) – old book, but still interesting.

x86 Disassembly (Wikibooks contributors)

Practical Reverse Engineering (Dang, Gazet, Bachaalany)

 

In my opinion Kris Kaspersky has the best disassembly books! He really knows the stuff.

If you need to choose only one book, pick up Hacker Disassembling Uncovered 2nd edition, which comes with a CD of the first book. However if you don’t want to print the content of the 1st edition from the CD, I recommend you get both books.

Others

 

The McKinsey Way (Rasiel)

 

The McKinsey Way is a book that had early influence on my approach to isolating problems.

 

Happy debugging!

Comments

  • Anonymous
    June 08, 2007
    The comment has been removed

  • Anonymous
    June 11, 2007
    You can get a downloadable, fun poster of my nine rules at www.debuggingrules.com.  It'll give you a useful, constant reminder of essential techniques, and look cool on your office wall.  It's from the book Debugging - The 9 indispensable rules, referenced in the article.

  • Anonymous
    June 11, 2007
    Hi Dave, Wow! It's a honor for me to have your comment here :) I actually have the poster in my computer since I bought the first edition of your book! Thanks.

  • Anonymous
    June 17, 2007
    Roberto, thanks a lot for the list. I'll now rush to the nearest book store.

  • Anonymous
    June 17, 2007
    Almost all of the good books I know are already listed by you. One excellent C++ book not mentioned in your list is "Inside C++ Object Model" by Stan Lippman. Maybe you already know it. Reading this book was enlightening experience for me.

  • Anonymous
    June 18, 2007
    Hi Vedala,  Thanks for this recommended book. :)

  • Anonymous
    July 06, 2007
    Great list. I know you focus is debugging skills, but there are also a lot of books that are useful for developer’s daily tasks, so I may also recommend: Effective STL (Meyers) And if you also have to debug the network communication: TCP Illustrated Series (Stevens) UNIX Networking Programming Series (Stevens) Interneworking with TCP/IP Series (Comer)

  • Anonymous
    July 06, 2007
    Hi Antonio, Thanks for sharing with us!

  • Anonymous
    November 02, 2008
    Please suggest where to start? I mean which book I should read first?

  • Anonymous
    November 03, 2008
    I don't know your goal and your background, so it's difficult to say what is the best recommendation. Assuming you're already a developer and you want to improve your debugging skills using WinDbg my recommendations are:

  • Managed code debugging: Start with the newest book from John Robbins. More advanced books are coming soon, possibly next year. :)
  • Native code debugging:  You can start with John Robbins second book, that one that comes before the newest book and talks about native and managed code. It's a big book! As you become more skilled on debugging native code you should read: Advanced Windows Debugging (Hewardt, Pravat) Memory Dump Analysis Anthology - Volume 1 (Vostokov) Memory Dump Analysis Anthology - Volume 2 (Vostokov) Hope it helps. Thanks