The kernel is a common target for advanced malware, and many of the most powerful vulnerabilities manifest themselves in kernel components. The ability to use a debugger to explore this environment is a powerful tool in any researcher's arsenal.
Delving into this kind of debugging can be daunting, so in this new blog post our consultant Jan Mitchell has provided some examples of how to get started with WinDbg. It starts with some of the more basic commands and then moves on to more advanced debugger usage.
The post uses three example activities to demonstrate the capabilities of WinDbg and to show how powerful this tool can be.