This is a repo for small, useful scripts and extensions

Related tags

Learning resource WinDbgCookbook
Overview

WinDbgCookbook

This is a repo for small, useful scripts, extensions, and debugger data model "dx" queries.

Feel free to add your own scripts or update any of the scripts here. If you add a new script, just add a line in this readme file giving a summary of your script.

Modules

Find if a module called "dbgeng.dll" has any imports called "RegGetValue".

dx @$curprocess.Modules["dbgeng.dll"].Contents.Imports.SelectMany(x => x.Functions).Where(x => x.ToDisplayString().Contains("RegGetValue"))

Threads

Find any threads that are currently executing for a module called "mymodule.dll" or "mymodule.exe"

dx @$curprocess.Threads.Where(x => x.Stack.Frames.Any(f => f.ToDisplayString().Contains("mymodule!")))

Environment variables

Find an environment variable by name

dx @$getEnvVar=(var) => @$curprocess.Attributes.Environment.Variables.Where(x => x.ToLower().StartsWith(var.ToLower() + "="))

Example:

0:000> dx @$getEnvVar("tmp")
@$getEnvVar("tmp")                
    [0x0]            : TMP=C:\Users\tmisiak\AppData\Local\Temp

stackCollector.js

This script adds a function that can be called from inside a breakpoint condition to capture the stack trace at the time the breakpoint was hit, and add it to a call graph. For instance, load the script and then set a breakpoint like:

bp /w "@$scriptContents.onBreakpoint(), false" kernelbase!ReadFile

Then run the program and later you can view the graph using a command like this:

0:007> dx -r3 @$scriptContents.stackRoot
@$scriptContents.stackRoot                 : undefined - 0
    KERNELBASE!ReadFile : KERNELBASE!ReadFile - 173
        ucrtbase!_read_nolock : ucrtbase!_read_nolock - 2
            ucrtbase!_read   : ucrtbase!_read - 2
        shcore!CFileStream::Read : shcore!CFileStream::Read - 156
            XmlLite!CharacterSource::Bytes::ReadMore : XmlLite!CharacterSource::Bytes::ReadMore - 70
            dbgeng!ConvertStreamToUnicode : dbgeng!ConvertStreamToUnicode - 86
        msvcrt!read_nolock : msvcrt!read_nolock - 1
            msvcrt!read      : msvcrt!read - 1
        dbghelp!IStreamFileWinAPI::Read : dbghelp!IStreamFileWinAPI::Read - 4
            dbghelp!MSF_HB::readPnOffCb : dbghelp!MSF_HB::readPnOffCb - 4
        dbgeng!ReadImageData : dbgeng!ReadImageData - 10
            dbgeng!IMAGE_HEADER_INFO::Read : dbgeng!IMAGE_HEADER_INFO::Read - 5
            dbgeng!IMAGE_HEADER_INFO::ReadLoadConfigDir : dbgeng!IMAGE_HEADER_INFO::ReadLoadConfigDir - 1
            dbgeng!IMAGE_HEADER_INFO::ReadDebugDir : dbgeng!IMAGE_HEADER_INFO::ReadDebugDir - 4

Other collections of scripts and queries

You might also like...

A small javascript DOM manipulation library based on Jquery's syntax. Acts as a small utility library with the most common functions.

Quantdom JS Quantdom is a very small (about 600 bytes when ran through terser & gzipped) dom danipulation library that uuses a Jquery like syntax and

Aug 16, 2022

Collection of Rowy's templates for cloud functions cod snippets - including for derivative, action columns and extensions.

Collection of Rowy's templates for cloud functions cod snippets - including for derivative, action columns and extensions.

Rowy Templates Collection of Rowy's backend templates and code snippets for cloud functions - including for derivative, action columns and extensions.

Nov 16, 2022

This is a plugin for Obsidian (https://obsidian.md). Can open document with `.html` and `.htm` file extensions.

Obsidian HTML reader Plugin This is a plugin for Obsidian (https://obsidian.md). Can open document with .html and .htm file extensions. Obsidian HTML

Dec 27, 2022

This extensions adds blocks to help you create your own carnival games in MakeCode Arcade using throwable balls, extra timer functions, and extra game-over options.

Usage This extensions adds blocks to help you create your own carnival games in MakeCode Arcade using throwable balls, extra timer functions, and extr

Nov 16, 2022

An obsidian plugin allowing you to register and view different file extensions in a modular manner.

Obsidian Custom File Extensions Plugin This is a plugin for Obsidian to allow associaton of file type extensions with different in-app views via setti

Dec 6, 2022

Bypass YouTube ads! (Web Extensions)

Bypass YouTube ads! (Web Extensions)

bytads Bypass YouTube ads! Supported YouTube Advertising Formats Skippable video ads, Overlay ads! Other ad formats will be supported soon. Usage Inst

Apr 3, 2022

Chrome Extensions are something which we use very frequently in our day-to-day life for example Grammarly

Chrome-Extension Chrome Extensions are something which we use very frequently in our day-to-day life for example Grammarly, In this project similarly,

Dec 14, 2022

Zigbee2MQTT Extensions

Zigbee2MQTT Extensions What are extensions? Read this article automations-extension.js Allows you to set up simple automations directly in z2m Example

Jan 1, 2023

Official companion browser extensions for Kagi Search (Chrome, Firefox)

Kagi Search Extension This contains the source for the Kagi Search extension for Firefox and Chrome. Get it for your browser here: Chrome Firefox Cont

Nov 25, 2022
Owner
Tim Misiak
Tim Misiak
GitHub
This extensions will prompt you to remove any other extensions that we found as being broken and unmaintained.

octarine vscode extension This extensions will prompt you to remove any other extensions that we found as being broken and unmaintained. We do expect

42picky 4 May 27, 2022
Bookmarklet exploit that can force-disable extensions installed on Chrome. Also has a very fancy GUI to manage all extensions!

ext remover Bookmarklet exploit that can force-disable any extension installed on Google Chrome Instructions Here are the instructions to using this e

Echo 124 Jan 6, 2023
Grupprojekt för kurserna 'Javascript med Ramverk' och 'Agil Utveckling'

JavaScript-med-Ramverk-Laboration-3 Grupprojektet för kurserna Javascript med Ramverk och Agil Utveckling. Utvecklingsguide För information om hur utv

Svante Jonsson IT-Högskolan 3 May 18, 2022
Hemsida för personer i Sverige som kan och vill erbjuda boende till människor på flykt

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

null 4 May 3, 2022
PHEX, but it shows up as Google Docs in the extensions. Useful if you're using it in class.

PHEX, but it shows up as Google Docs in the extensions. Useful if you're using it in class.

gemsvidø 3 Oct 28, 2022
A simple site to generate useful resources for Gitpodification, including "open in gitpod" buttons and sample configuration scripts

Gitpodify A simple portal to generate "open in Gitpod" links Contributing There is a list of suggested repositories in app/routes/index.tsx. Feel free

Jacob Paris 4 Nov 7, 2022
To Do list is a small but useful project to make list app , you can add tasks delete tasks and modify tasks, the project built using HTML, CSS, JavaScript

Project Name The To-Do-List app description this is a project in the second week of the second module in microverse. its a useful to do list that save

Alzubair Alqaraghuli 5 Jul 25, 2022
A small (~600B gzip), useful set of methods for lazy iteration of iterables.

@ricokahler/lazy · A small (~600B gzip*), useful set of methods for lazy iteration of iterables. Why this lazy lib? Do I even need a lazy lib? Install

Rico Kahler 11 Sep 10, 2022
This is email scheduler made using MERN. This repo contains server code, client repo is linked in readme.

Email Scheduler Client This is an email scheduler server (client in different repository). It is made using node.js/express.js. Overview User can sign

Sai Charan 2 Dec 3, 2022
✏️ A small jQuery extension to turn a static HTML table into an editable one. For quickly populating a small table with JSON data, letting the user modify it with validation, and then getting JSON data back out.

jquery-editable-table A small jQuery extension to turn an HTML table editable for fast data entry and validation Demo ?? https://jsfiddle.net/torrobin

Tor 7 Jul 31, 2022