Another lie, probably put in place from MS marketing team to force the hand and make more people purchase Windows 10/11 Professional licenses: Hyper-V and Windows Sandbox can be installed on Windows 1…
How to use WinDbgX workspaces to make debugging even easier. Workspaces WinDbgX workspaces (suffixed .debugTargets) are nothing more than XML files that instructs WinDbgX how to process with the curre…
How to use Hyper-V to debug using KdCOM from 2 VMs, one debugging the other. Debuggee Follow the setup here to setup a BCD profile for KdCom in the VM. Shutdown the VM and in a privileged prompt on th…
This is tiny Post-It post to remind of different ways to enumerate processes from KD: using nt!PsActiveProcessHead dx Debugger.Utility.Collections.FromListEntry( *(nt!_LIST_ENTRY*)&(nt!PsActiveP…
Here’s a simple trick that I learned from the amazing @scanlime to quickly (and universally) visualize the distribution of byte of any binary file, using the Portable Graymap Format (PGM) format. …