Advanced Windows Kernel Debugging with VMWare and IDA’s GDB debugger

We have already published short tutorial on Windows kernel debugging
with IDA and VMWare on our site, but the debugging experience can
still be improved.

VMWare’s GDB stub is very basic, it doesn’t know anything about processes or
threads (for Windows guests), so for anything high-level we’ll need
to do some extra work. We will show how to get the loaded module list
and load symbols for all them using IDAPython.

Continue reading Advanced Windows Kernel Debugging with VMWare and IDA’s GDB debugger

IDA Pro has 9 debugger modules

Since the number of debugger modules in IDA surpassed the magical number seven plus or minus two, we created a small table describing what is available and what is not:
http://www.hex-rays.com/idapro/debugger/index.htm
Direct links to tutorials are available here:
http://www.hex-rays.com/idapro/idasupport.htm
I know, I know – we need to add 64-bit support for all platforms, port the Bochs debugger module to Linux, and… any other suggestions? I personally would love to have source level debugging, yet it requires some substantial changes to the kernel. We probably will move in this direction, sooner or later…