かしわば(@kash1064)

かしわば(@kash1064)

Aspiring Reverse Engineer and CTF Player (Team: 0nePadding). Passionate about WinDbg and Anti-Virus internals. OSCP / CISSP. Working at Microsoft Japan, but all views expressed are my own.

© 2026 かえるのひみつきち

WinDbg (en)

Windows (en)

Enumerating Process Information in the System with Win32 API

I tried enumerating process information in the system using Win32 API.

Read
Windows (en)

Notes on Reading Windows Process Information with WinDbg

Notes on reading Windows process information with WinDbg. This article covers topics such as the EPROCESS structure and process manipulation using WinAPI, with more content planned for the future.

Read
Windows (en)

Cheat Sheet for Dump Analysis and Live Debugging with WinDbg

A cheat sheet summarizing the WinDbg commands I often use personally. I plan to add more content in the future.

Read
Windows (en)

Writing a Windows Kernel Driver from Scratch and Inspecting IRP Requests with WinDbg

Read
Windows (en)

Reversing a Windows Sockets TCP/UDP Communication Program

Read
Windows (en)

Implementing RC4 Encryption in C and Reversing It with Ghidra and WinDbg

Read
Windows (en)

Analyzing a Base64 Program Implemented in C with WinDbg Time Travel Debugging

Read
Windows (en)

Building a Custom Windows Kernel Driver and Analyzing It with WinDbg

Read
Windows (en)

How to Generate Symbol Files (.pdb) in a Linux Environment Using llvm-mingw

Read
Windows (en)

Overwriting the Memory Pointed to by the Stack Pointer in WinDbg to Execute an Arbitrary Function

Read
Windows (en)

[WinDbg Preview] A New Debugging Approach with Time Travel Debugging

Read
Windows (en)

How to Manually Capture a Kernel Memory Dump on Windows and Analyze It with WinDbg

Read