This is a series in which we talk about how you can start your journey in the Windows debugging realm, from the very basics of setting up your environment with tools like WinDBG, ProcMon, and XPerf, which we will later use to debug a few very important kinds of issues.
Here we start with the very basics: how to set up a lab that we can later use to learn Windows debugging.
Introduction:
Let's start by understanding the very important question: "What is debugging and why do we need it?"
Windows debugging techniques can be very helpful in scenarios where you want to troubleshoot your operating system in terms of processes and handles. For example, your machine is hitting a Blue Screen of Death and you want to isolate the driver that is causing it, Windows is booting slowly and you want to find the driver or application responsible, or you want to know which process is filling up space on your C drive. Or you are a developer and want to debug a driver or application you are working on. In all these scenarios you can use these techniques to get more clarity on what is happening inside the operating system.
If you are new to this and want to learn a few basics of the operating system first, I recommend reviewing the articles below so that you can familiarize yourself with the operating system architecture.
Understanding Kernel Mode and User Mode using Perfmon
How to use Process Monitor(ProcMon) – Part 1 (Complete Series)
Tools to Download:
The tools we will need for these sessions are listed below:
- WinDBG (Windows Debugger)
- ProcMon
- Xperf
1. WinDBG(Windows Debugger):
WinDBG can be downloaded from two sources.
A. Windows Application:
WinDBG comes as part of the Windows Software Development Kit (SDK), which can be downloaded from the link below:
https://developer.microsoft.com/en-us/windows/downloads/windows-10-sdk/
Once downloaded, open the installer and select the option "Debugging Tools for Windows".
After the installation finishes you will see a tool named WinDBG installed on your system.
B. Windows Store App:
These days WinDBG can also be downloaded from the Windows Store, where it goes by the name "WinDBG Preview".
Once downloaded you can find the app in the Start Menu.
2. ProcMon:
ProcMon can be downloaded directly from the Sysinternals website: https://docs.microsoft.com/en-us/sysinternals/downloads/procmon
3. XPerf:
XPerf is part of the Windows Performance Toolkit, which is bundled with the Windows Assessment and Deployment Kit (ADK). You can download it using the link below:
https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install
Once downloaded, you can start the installation and select the part
This toolkit includes Windows Performance Recorder, a GUI-based tool to record the performance of a machine; Windows Performance Analyzer, which helps you analyze the recorded data; and XPerf, which lets you start a recording from the command line.
Once you have all three applications ready, we will move ahead with further configuration of the tools in the next article in this series.
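Before moving on, it is worth confirming that all three tools actually landed on the machine. The PowerShell check below is an added example, not part of the original article or of any of these tools; it assumes the default 64-bit install paths of the Windows 10 Kits for Debugging Tools for Windows and the Windows Performance Toolkit, that ProcMon was unzipped into a folder you pass via the hypothetical -ProcMonDir parameter (or is on PATH), and that the Store package for WinDBG Preview is named Microsoft.WinDbg.

```powershell
# Added lab check (not from the original article): verifies that WinDBG, XPerf and
# ProcMon are installed and reports where each one was found.
# Assumptions: default Windows Kits 10 install paths; ProcMon on PATH or in -ProcMonDir;
# WinDBG Preview installed from the Store under the package name Microsoft.WinDbg.
param(
    [string]$ProcMonDir = "$env:USERPROFILE\Tools\Sysinternals"   # assumed unzip folder
)

$kits = "${env:ProgramFiles(x86)}\Windows Kits\10"

$tools = @(
    @{ Name = 'WinDBG (SDK, Debugging Tools for Windows)'
       Candidates = @("$kits\Debuggers\x64\windbg.exe") }
    @{ Name = 'XPerf (ADK, Windows Performance Toolkit)'
       Candidates = @("$kits\Windows Performance Toolkit\xperf.exe") }
    @{ Name = 'ProcMon (Sysinternals)'
       Candidates = @("$ProcMonDir\Procmon64.exe", "$ProcMonDir\Procmon.exe") }
)

$missing = @()
foreach ($t in $tools) {
    # Prefer a copy already on PATH, then fall back to the default install paths.
    $exe   = Split-Path $t.Candidates[0] -Leaf
    $found = (Get-Command $exe -ErrorAction SilentlyContinue).Source
    if (-not $found) {
        $found = $t.Candidates | Where-Object { Test-Path $_ } | Select-Object -First 1
    }
    if ($found) {
        $ver = (Get-Item $found).VersionInfo.FileVersion
        Write-Host ("[OK]      {0,-45} {1}  (v{2})" -f $t.Name, $found, $ver)
    } else {
        Write-Host ("[MISSING] {0}" -f $t.Name)
        $missing += $t.Name
    }
}

# WinDBG Preview is a Store (MSIX) app, so it is looked up as a package, not a file.
$preview = Get-AppxPackage -Name 'Microsoft.WinDbg' -ErrorAction SilentlyContinue
if ($preview) {
    Write-Host ("[OK]      WinDBG Preview (Store)  v{0}" -f $preview.Version)
} else {
    Write-Host "[INFO]    WinDBG Preview (Store) not installed (optional if the SDK WinDBG is present)"
}

if ($missing.Count) {
    Write-Warning "Install the missing tools before continuing: $($missing -join ', ')"
}
```

Run it from a normal (non-elevated) PowerShell window; only the file version is read, nothing is executed.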