I am a bit confused about Windows Debugging Tools.
WinDbg Tutorial
Windbg – wraps KD and NTSD with a decent UI. WinDbg can function both as a kernel-mode and user-mode debugger.
Does that mean whatever commands I use in NTSD can be used in WinDbg? Whenever I do user mode debugging NTSD is actually working behind the scenes?
The Windows Debugger (WinDbg) can be used to debug kernel-mode and user-mode code, analyze crash dumps, and examine the CPU registers while the code executes. To get started with Windows debugging, see Getting Started with Windows Debugging.
The default installation directory for the debugging tools on a 64-bit OS is C:\Program Files (x86)\Windows Kits\10\Debuggers\. If you have a 32-bit OS, you can find the Windows Kits folder under C:\Program Files.
WinDbg, NTSD, CDB, and KD all share the same debugging engine, so they share all the same commands. The only differences between them are that WinDbg has a GUI interface, while NTSD, CDB and KD have console interfaces; NTSD and CDB only support user-mode debugging, KD only supports kernel mode, and WinDbg supports both.
Note that the NTSD command installed in the System32 directory on older versions of Windows will likely be a much older version of the debugger than any version of WinDbg you might have installed on the machine. In that case the old and new debuggers will have differences in the commands they support.