Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/felsokning/felsokningext

Just another Windbg Extension
https://github.com/felsokning/felsokningext

Last synced: 3 months ago
JSON representation

Just another Windbg Extension

Awesome Lists containing this project

README 

        
# FelsokningExt

Just another Windbg Extension



#### NOTE:

This is meant to be a drop-in replace for `!procdumpext`, as procdumpext no longer ships with the Windows SDK.



## Loading the Extension

Download the target flavor from [Releases](https://github.com/felsokning/FelsokningExt/releases) and extract the contents. You should place the dll in a folder you'll recall, later, as you'll need to type the path into Windbg to load the extension.



For example, on my local machine, the load command would be: `.load C:\ext\FelsokningExt.dll`



## deep

`deep` allows you to traverse all threads in the dump (or live process - not yet tested) to find threads that are above `x` frames.



### Usage

`!FelsokningExt.deep ` or `!deep ` will resolve in Windbg and output the results.



![Image showing thread hyperlink](./images/thread_hyperlink.PNG)



## hide

`hide` allows you traverse all threads in the dump (or live process - not yet tested) to find threads that match a given symbol and omit them from the thread output.



### Usage

`!FelsokningExt.hide -q -s ` or `!hide -s ` will resolve in Windbg and output the results. `-q` (quiet) will not output the thread id in the results.



![Image showing hide](./images/hide.png)



## seek

`seek` allows you traverse all threads in the dump (or live process - not yet tested) to find threads that match a given symbol.



### Usage

`!FelsokningExt.seek -q -s ` or `!seek -s ` will resolve in Windbg and output the results. `-q` (quiet) will not output the thread id in the results.



![Image showing seek](./images/seek.png)