11

I am very dissatisfied at how little info is available on writing Windows debuggers.

Most of the code I have was made by a long process of trial and error, the documentation obviously "thinks" most of the topics are too trivial while explaining in much detail obvious and useless things.

I found 2 articles or so on it but not much stuff I didn't already know came out of it.

Is there any documentation at all, and I mean complete documentation, or some GOOD article (not how to change a byte to 0xCC in vb.NET but real world stuff) about debuggers? Advanced debuggers with memory breakpoints.

For now I didn't find a way for example how to find out how many bytes were being written in a GUARD_PAGE_VIOLATION. I just make a buffer before and after the code executes and compare.

Also where to find info what lies in debug_event.u.Exception.ExceptionRecord.ExceptionInformation? (among other things that lay in debug_event)

Do I really have to reverse the reversing environment myself?

Improve this question
3

2 Answers 2

Reset to default
9
+50

This is indeed some information available.

DEBUG_EVENT (and the rest of the Debug API) is officially described in MSDN here: http://msdn.microsoft.com/en-us/library/windows/desktop/ms679308(v=vs.85).aspx

There is a nice CodeProject article: Writing a basic Windows debugger and its sequel: Writing Windows Debugger - Part 2

And finally, a complete list of references from Devon Strawn: How to write a (Windows) debugger - References

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

You can find "old" but good samples in the Windows SDK: Look at: .\Program Files\Microsoft SDKs\Windows\v7.1\Samples\winbase\debug\

The debbughandler shows how to handle exceptions.

Improve this answer

1 Comment

Since you can't add a comment, try to include some sources and/or other examples.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.