Online Training: Accelerated Windows Postmortem Diagnostics and Debugging

Software Diagnostics Services organizes this online training course.

Accelerated Windows Postmortem Diagnostics and Debugging Logo

This comprehensive training includes more than 40 step-by-step exercises and covers more than 85 crash dump analysis patterns from x86 and x64 process, kernel, and complete (physical) memory dumps. Learn how to analyze application (native and .NET Core), service, and system crashes and freezes, navigate through memory dump space (managed and unmanaged code) and diagnose corruption, memory and handle leaks, CPU spikes, blocked threads, deadlocks, wait chains, resource contention, and much more with WinDbg debugger. The training uses a unique and innovative pattern-oriented analysis approach developed by Software Diagnostics Institute< to speed up the learning curve, and it is based on the latest edition of Accelerated Windows Memory Dump Analysis and Accelerated .NET Core Memory Dump Analysis books. It uses the latest WinDbg Preview and is optionally containerized.

Outline slides
Slides from Days 1-3
Slides from Days 4-6
Slides from Days 7-8

The difference between this training and the current book version:

  • You can ask questions
  • .NET Core exercises use the latest WinDbg Preview
  • Certificates and tests

Training outline:

  • Day 1 (2 hours): Overview. Native process memory dump analysis.
  • Day 2 (2 hours): Native process memory dump analysis.
  • Day 3 (2 hours): Native process memory dump analysis.
  • Day 4 (2 hours): .NET Core process memory dump analysis.
  • Day 5 (2 hours): .NET Core process memory dump analysis.
  • Day 6 (2 hours). Kernel memory dump analysis.
  • Day 7 (2 hours). Complete (physical) memory dump analysis.
  • Day 8 (Optional 2 hours): Additional Q&A and memory dump analysis if necessary. Tests.

Before the training, you get:

  • Practical Foundations of Windows Debugging, Disassembling, Reversing, Second Edition PDF book (+300 pages)
  • The current PDF books (+900 pages)
  • The previous training recording
  • Access to Software Diagnostics Library with more than 370 cross-referenced patterns of memory dump analysis, their classification, and more than 70 case studies

After the training, you also get:

  • The updated PDF books (including the new edition of .NET Core book)
  • Personalized Certificate of Attendance with unique CID
  • Optional Personalized Certificate of Completion with unique CID (after the tests)
  • Answers to questions during training sessions
  • Current training sessions recording

Prerequisites: Basic Windows troubleshooting

Audience: Software technical support and escalation engineers, system administrators, security researchers, reverse engineers, malware and memory forensics analysts, software developers, and quality assurance engineers.

If you are interested in Linux memory dump analysis there is another forthcoming training: Accelerated Linux Core Dump Analysis