WinDbg
WinDbg is a debugger developed by Microsoft for Windows NT -based operating systems. WinDbg provides a graphical user interface to the older command line based debuggers (user mode debugger) and (kernel debugger).
NTSDKD
The power of the debugger results from the numerous extensions, many of which are already supplied with WinDbg. In the case of a blue screen , the command !analyze -vcan be used to analyze the crash more or less fully automatically - including an annotated description of the blue screen, a complete stack trace and analysis of the driver responsible for the crash.
WinDbg supports both local debugging on the same computer and remote debugging on another computer, which is particularly useful for kernel debugging. Up to and including Windows 7, remote debugging could only be carried out via the serial interface ; since Windows 8 , remote debugging can also be carried out via the Ethernet interface. A memory dump of a previous crash can also be analyzed with WinDbg.
To debug Windows components, especially when debugging the kernel, WinDbg requires debugging symbols from the target computer. In older Windows operating systems, icons were available separately on CD or DVD; Microsoft offers a public symbol server for all Windows operating systems from Windows 2000 onwards, from which symbols for any combination of Service Pack + Hotfix can be downloaded.
Microsoft delivers the current version of WinDbg as part of the Debugging Tools for Windows , which are contained in the Windows SDK and the Driver Development Kit (DDK).