Skip to content

Latest commit

 

History

History
164 lines (83 loc) · 8.26 KB

README.md

File metadata and controls

164 lines (83 loc) · 8.26 KB

Debugging Repository

A list of tools and information helpful for debugging.

Monitoring, Recording, Profiling

API Monitor, Rohitab Download

Process Monitor, Mark Russinovich / Microsoft Download

Inspection

CFF Explorer Suite Download - Inspection for Portable Executables (PE)

ChkMatch Download from archive.org - Checks whether PDB and DLL/EXE match

DebugDir Download - originally developed by Oleg Starodumov

DebugView++ Github - a faster alternative to DebugView; BSL license

DebugView, Mark Russinovich / Microsoft Download - this is the original, but use DebugView++ instead, because they improved it really well

Dependencies Github - more recent version of Dependency Walker

Dependency Walker Download - seems to have problems with recursive DLL imports; status: probably abandoned

Process Explorer, Microsoft Download

DynLogger, NTCore Download

System diagnosis

Driver List, NTCore Download

Filter Monitor, NTCore Download

Logging

MS Build Log Viewer Download

Native

Creating Crash Dumps

Visual Studio, Microsoft Download - Community edition is free

ProcDump, Mark Russinovich / Microsoft Download - will detect bitness automatically (or specify -64)

WinDbg, Microsoft Download - .dump /ma <filename>.dmp will use the bitness of the debugger you used for attaching

Process Explorer, Microsoft Download - will detect bitness automatically

Windows Error Reporting LocalDumps Registry key, Microsoft Microsoft Docs

DebugDiag, Microsoft Download - will create dumps with the same bitness as DebugDiag

ADPlus, Microsoft - part of WinDbg, will create dumps with the same bitness as ADPlus

Memory Leaks

LeakDiag - status: super old, only works on Windows XP

Visual Leak Detector Download - GPL v2.1 license; status: probably abandoned

UMDH, Microsoft Microsoft Docs - part of WinDbg

UMDH GUI, ATrefzer Github - MIT license; graphical user interface for UMDH

Other

Application Verifier, Microsoft Microsoft Docs - is part of the Windows SDK

EZ Application Verifier Github - enable Application Verifier and LocalDumps for a lot of executables

GFlags, Microsoft - is part of WinDbg

DebugDiag, Microsoft Download

WinDbg

WinDbg, Microsoft Download - is part of the Windows SDK

WinDbg Preview, Microsoft Windows Store - has a much nicer usability and seems as stable as the regular version

Cheat Sheets & Command Trees

WinDbg Cheat Sheet, ATrefzer Github

.NET

Profiler

CLR Profiler, Microsoft Github, Wikipedia - status: archived, no longer maintained; MIT license

Decompiler

dnSpy Github - status: archived, no longer maintained; GPLv3 license

dotPeek, Jetbrains Download - free version available

ILSpy, Microsoft Github - MIT license

JustDecompile, Telerik Download, direct Download - with an open source engine Github under Apache 2.0 license

Reflector, Redgate - Download - commercial product ~100€ per user

Deobfuscation, Unprotection

NETUnpack, Erik Pistelli Download

SNSRemover, Erik Pistelli direct download - removes strong name signatures

Debugger

MDbg, Microsoft Microsoft Docs - .NET command line debugger

SOS, Microsoft - extension for WinDbg in order to deal with managed applications. Comes with .NET Framework. Try .loadby sos clr for .NET 4, .loadby sos coreclr for .NET Core and Silverlight , .loadby sos mscorwks or loadby sos mscorsvr for .NET 2

SOSEx, Steve Johnson Download- extension for WinDbg, adding features that are missing in SOS

msos, Sasha Goldshtein Github - .NET command line debugger; alternative for WinDbg + SOS; MIT license

soswow64, poizan42 Github - Patch processor information so that SOS works on 64 bit dumps of 32 bit applications

WPF

Snoop Github - WPF spy, Visual inspector, MS-PL license

.NET Core

dotnet-dump, Microsoft Microsoft Docs - collect and analyze .NET Core crash dumps, similar to ProcDump or DebugDiag

dotnet-counters, Microsoft Microsoft Docs - performance counters for .NET Core

dotnet-gcdump, Microsoft Microsoft Docs - memory snapshots for leak analysis

dotnet-trace, Microsoft Microsoft Docs - performance analysis utility

dotnet-symbol, Microsoft Microsoft Docs - downloads .NET COre symbols

dotnet-sos, Microsoft Microsoft Docs - SOS for .NET Core

Other

Exctrlst, Microsoft Article - Extensible Counter List tool; was part of the Windows 2000 Resource Kit; status: probably outdated

Hawkeye Github - edit .NET objects in memory; status: probably abandoned

Managed Stack Explorer (MSE) Github

Sharplab online tool - use Inspect.Heap(new X()); to see the memory layout of an object

People

0xd4d Github

Sasha Goldshtein Twitter

Steve Johnson Website

Mark Russinovich Wikipedia, Website, Twitter - author or Windows Internals books, now CTO of Microsoft Azure

Oleg Starodumov, author of debuginfo.com (down) and Microsoft MVP Blogspot, Microsoft MVP Blogs

Tess Ferrandez Blog - former Microsoft Escalation Engineer, debugging ASP .NET with WinDbg