[HOWTO] Windows debugging
How to debug something in this “operating system”
This document is intended mainly for Linux sysadmins that hate m$ and want to help “Windows sysadmins” debug any error on this shit…
Diving into M$ documentation (tons of it, only a few important words), I found that there are only a few tools available (free ones, without using hacking tools, which are the next step).
Debug Diagnostic Tool
- Windows debugger https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/
The most useful thing about this tool is that you can “Attach an Assembler” to ANY process running on the system. It attaches to the already running process, but it will show information from the process start up to the moment you connect, and will keep logging from then on.
Of course, you'll also be able to generate a dump (dump the memory of the process), but I HAVEN'T been able to open this kind of dump with WinDbg, because you have to provide all the libs (like with gdb on Linux) and, I don't know why, Windows is not able to find them by itself (like Linux does)… I don't want to waste my time on this part, so I'll go on with the next set of tools.
God save the king: Process Monitor (procmon.exe)
If you're looking for strace, you're looking for this tool. Start it, add a filter rule (if you don't want to go crazy), for example:
GO! You'll need to save it to a log file (I used CSV) to be able to filter out all the noise.
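As an added example (not part of the original post), here is the strace-style pass I would run over a saved Procmon CSV: keep one process, drop the routine results, and count what is left by operation and result. It assumes Procmon's default CSV column headers; the log rows are constructed for the example.

```python
import csv
import io
from collections import Counter

# Constructed sample of a Procmon CSV export (File > Save... > CSV). The header
# row is Procmon's default column set; the event rows are made up for this example.
SAMPLE_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1234567 AM","myapp.exe","4120","CreateFile","C:\\Program Files\\MyApp\\config.ini","NAME NOT FOUND","Desired Access: Generic Read"
"10:01:02.1234890 AM","myapp.exe","4120","CreateFile","C:\\Program Files\\MyApp\\myapp.exe","SUCCESS","Desired Access: Read Attributes"
"10:01:02.1235001 AM","myapp.exe","4120","RegOpenKey","HKLM\\SOFTWARE\\MyApp","NAME NOT FOUND","Desired Access: Read"
"10:01:02.1235100 AM","myapp.exe","4120","CreateFile","C:\\ProgramData\\MyApp\\app.log","ACCESS DENIED","Desired Access: Generic Write"
"10:01:02.1235200 AM","explorer.exe","1332","QueryDirectory","C:\\Users\\bob\\Desktop","SUCCESS",""
"10:01:02.1235300 AM","myapp.exe","4120","Load Image","C:\\Windows\\System32\\ntdll.dll","SUCCESS",""
"""

# Results that are routine on a healthy run; everything else is worth a look
# (the same idea as grepping strace output for "= -1" lines).
ROUTINE_RESULTS = {"SUCCESS", "NO MORE ENTRIES", "FAST IO DISALLOWED", "REPARSE"}


def load_events(csv_text):
    """Parse a Procmon CSV export into dicts keyed by the header row."""
    return list(csv.DictReader(io.StringIO(csv_text)))


def failed_events(events, process_name):
    """Keep only one process's events whose Result is not routine."""
    return [
        e for e in events
        if e["Process Name"].lower() == process_name.lower()
        and e["Result"] not in ROUTINE_RESULTS
    ]


def summarize(events):
    """Count failures by (Operation, Result): the first thing to read when an
    application refuses to start or silently misbehaves."""
    return Counter((e["Operation"], e["Result"]) for e in events)


if __name__ == "__main__":
    failures = failed_events(load_events(SAMPLE_CSV), "myapp.exe")
    for (operation, result), n in summarize(failures).most_common():
        print(f"{n:4d}  {operation:<14} {result}")
    for e in failures:
        print(f"{e['Time of Day']}  {e['Operation']:<14} {e['Result']:<16} {e['Path']}")
```

On a real export, replace SAMPLE_CSV with the file contents and the process name with the one you filtered on in Procmon; a missing config file or registry key usually shows up here as NAME NOT FOUND before anything else goes wrong.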
The Windows debugger
As I said in the DebugDiag tools part, I haven't been able to make it work and open a User Dump of an application, but maybe you'll be able to…
I can't live with:
I simply installed Cygwin to have a shell.