かしわば(@kash1064)

かしわば(@kash1064)

Aspiring Reverse Engineer and CTF Player (Team: 0nePadding). Passionate about WinDbg and Anti-Virus internals. OSCP / CISSP. Working at Microsoft Japan, but all views expressed are my own.

© 2026 かえるのひみつきち

WinDbg (en)

Magical WinDbg (en)

Magical WinDbg VOL.1 [Chapter 5: Analyzing a Full Memory Dump from a System Crash]

This is the web edition of Magical WinDbg - Enjoying Windows Dump Analysis and Troubleshooting by Feel - VOL.1, distributed at Tech Book Fest 15.

Read
Magical WinDbg (en)

Magical WinDbg VOL.1 [Chapter 6: Investigating a User-Mode Application Memory Leak from a Process Dump]

This is the web edition of Magical WinDbg - Enjoying Windows Dump Analysis and Troubleshooting by Feel - VOL.1, distributed at Tech Book Fest 15.

Read
Magical WinDbg (en)

Magical WinDbg VOL.1 [Chapter 7: Investigating a User-Mode Memory Leak from a Full Memory Dump]

This is the web edition of Magical WinDbg - Enjoying Windows Dump Analysis and Troubleshooting by Feel - VOL.1, distributed at Tech Book Fest 15.

Read
Magical WinDbg (en)

Magical WinDbg VOL.1 [Appendix A: WinDbg Tips]

This is the web edition of Magical WinDbg - Enjoying Windows Dump Analysis and Troubleshooting by Feel - VOL.1, distributed at Tech Book Fest 15.

Read
Magical WinDbg (en)

Magical WinDbg VOL.1 [Appendix B: Analyzing Crash Dumps with Volatility 3]

This is the web edition of Magical WinDbg - Enjoying Windows Dump Analysis and Troubleshooting by Feel - VOL.1, distributed at Tech Book Fest 15.

Read
Windows (en)

Use a PowerShell Script to Configure Windows Full Memory Dumps and Keyboard Crashes

I created a PowerShell script to automate the configuration for collecting full dumps on Windows and for configuring keyboard crashes.

Read
Windows (en)

Notes on Useful GFlags Settings for Troubleshooting Windows Environments

This article summarizes useful GFlags settings to remember when troubleshooting Windows. It covers settings such as debugger flags and Silent Process Exit that can help when investigating issues on Windows.

Read
Windows (en)

Enumerating Process Information in the System with Win32 API

I tried enumerating process information in the system using Win32 API.

Read
Windows (en)

Notes on Reading Windows Process Information with WinDbg

Notes on reading Windows process information with WinDbg. This article covers topics such as the EPROCESS structure and process manipulation using WinAPI, with more content planned for the future.

Read
Windows (en)

Cheat Sheet for Dump Analysis and Live Debugging with WinDbg

A cheat sheet summarizing the WinDbg commands I often use personally. I plan to add more content in the future.

Read
Windows (en)

Writing a Windows Kernel Driver from Scratch and Inspecting IRP Requests with WinDbg

Read
Windows (en)

Reversing a Windows Sockets TCP/UDP Communication Program

Read