Description
This short book is a full transcript of the Software Diagnostics Services seminar about physical memory analysis on desktop and server Windows platforms (a revised version of the previous seminars on complete crash and hang memory dump analysis). Topics include memory acquisition and its tricks, user vs. kernel vs. physical memory space, fiber bundle space, challenges of physical memory analysis, common WinDbg commands, memory analysis patterns and their classification, common mistakes, a hands-on WinDbg analysis example with logs, and a guide to further study. For this new edition, slides and their transcript text have been significantly revised, links and references have been checked and updated, and the whole WinDbg analysis session has been redone for Windows 10.
Author: Dmitry Vostokov, Software Diagnostics Services
Publisher: Opentask
Published: 02/24/2023
Pages: 60
Binding Type: Paperback
Weight: 0.48lbs
Size: 11.00h x 8.50w x 0.16d
ISBN13: 9781912636808
ISBN10: 1912636808
BISAC Categories:
- Computers | Forensics
- Computers | Operating Systems | Windows Server