This Thursday at high noon, I will be presenting my crash dump research at Brucon 2014. This presentation acts as sort of a chronology of my research, covering each major development since 2012, and is basically this entire website condensed into 57 slides. I have produced a completely new slide deck with a few updates for Windows 8.1. I’m also demoing several research tools I’ve discussed on this website, plus a new Windbg extension ‘dmpext’:
- CrashDD – never before released tool which acts like the unix ‘dd’ tool, but for accessing disk through the crash path
- LiveDump – user mode tool for creating a kernel crash dump
- DmpExt – a new Windbg extension I will be revealing at Brucon for exploring crash dump stack information
Hope to see you there!