WinDbg

WinDbg is a multipurpose debugger for the Windows operating system, developed by Microsoft. It is part of the Windows Debugging Tools and is distributed with the Debugging Tools for Windows package, either as part of the Windows SDK or as a standalone download. WinDbg provides interactive debugging for both user-mode applications and the Windows kernel, and it can attach to running processes, attach to a live kernel, or analyze crash dump files (.dmp). It can perform local and remote debugging, including cross-machine debugging, and it supports debugging on multiple processor architectures such as x86, x64, ARM and ARM64.

WinDbg offers two interfaces: the traditional graphical WinDbg and the newer WinDbg Preview, a modernized UI with enhanced features. It exposes a rich command language and supports scripting and extensions, allowing automation and customization. Typical tasks include inspecting memory, examining thread and process state, loading symbols from the Microsoft public symbol servers, and analyzing crash dumps with commands like !analyze -v. The SOS extension can be used to debug .NET code, and extensions written in C++ can extend the debugger’s capabilities.

WinDbg is widely used by software developers, driver engineers, and IT professionals for crash dump analysis, driver debugging, and performance troubleshooting. It requires symbol files to accurately translate addresses and call stacks, and it relies on debugging tools and kernel debugging protocols (KD) for kernel-mode work and remote debugging configurations.

Availability and installation: WinDbg is distributed as part of Debugging Tools for Windows, included with the Windows SDK. A separate, modern WinDbg Preview is also available from the Microsoft Store.
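
The typical tasks named above (symbol loading, `!analyze -v`, thread and process state, memory inspection, SOS) can be put together as a debugger command script for a first pass over a user-mode crash dump. This is an added example, not taken from the original page or from Microsoft's documentation; the script name `triage.wds` and the paths `C:\Symbols` and `C:\Temp\triage.log` are assumptions.

```windbg
$$ triage.wds (constructed example). Open the .dmp file in WinDbg first,
$$ then run this file line by line from the command window with:
$$     $$< C:\Temp\triage.wds

$$ Append the Microsoft public symbol server to the symbol path and
$$ cache downloaded symbols locally (C:\Symbols is an assumed path).
.symfix+ C:\Symbols
.reload

$$ Keep a copy of everything that follows (assumed log path).
.logopen C:\Temp\triage.log

$$ Automated analysis: exception or bug check, faulting module, stack.
!analyze -v

$$ Switch to the exception context stored in the dump, then show the
$$ faulting thread's call stack with frame numbers.
.ecxr
kn

$$ Process status, then the call stack of every thread.
|
~* kn

$$ Loaded modules. Entries without matching symbols explain stacks
$$ that show raw addresses instead of function names.
lm

$$ Memory at the current stack pointer: 0x10 pointer-sized values,
$$ each resolved against loaded symbols where possible.
dps @$csp L10

$$ Optional, for .NET Framework processes only: remove the leading $$
$$ to load SOS next to clr.dll and print the managed exception and stack.
$$ .loadby sos clr
$$ !pe
$$ !clrstack

.logclose
```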