Category: Software Debug and Trace – Intel

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4

Alan Sguigna

March 17, 2024
4:14 pm

In this article, we’ll look at some of the fields within the VMCS, and change them to combat some of the mitigations against instruction trace within Windows.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3

Alan Sguigna

March 3, 2024
1:34 pm

Debugging the Secure Kernel with JTAG, EXDI, LBR and Intel PT.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2

Alan Sguigna

February 20, 2024
10:16 am

In Part 1 of this article series, I demonstrated the use of EXDI with DCI to explore the Windows hypervisor. In this article, we’ll take a first look at the Windows Secure Kernel.

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 1

Alan Sguigna

January 15, 2024
6:30 pm

I’m having a tremendous amount of fun learning about Windows internals with the new support of WinDbg via our SourcePoint JTAG debugger. This is a multi-part series on exploring some of the undebuggable code within the Windows hypervisor and secure kernel.

WinDbg with correlated timestamps for Event and Instruction Trace

Alan Sguigna

December 17, 2023
3:44 pm

An advanced tutorial on the timestamp correlation of Windows kernel event and instruction trace, using Intel Processor Trace and Architectural Event Trace.

WinDbg with Intel Processor Trace

Alan Sguigna

August 27, 2023
3:36 pm

Here’s an example of combining WinDbg’s OS-aware debug capabilities with SourcePoint’s support for Intel Processor Trace (PT).

WinDbg integration with SourcePoint using EXDI over DCI/JTAG

Alan Sguigna

May 28, 2023
2:54 pm

Introduction to using WinDbg integrated with the SourcePoint JTAG-based debugger, using EXDI over DCI

Introduction to the SourcePoint Assembler

Alan Sguigna

December 11, 2022
6:09 pm

Basic assembler/disassembler usage guide for the SourcePoint debugger.

SourcePoint Command Language Tutorial

Alan Sguigna

November 27, 2022
11:59 am

An in-depth tutorial on how to use the SourcePoint command language, for system-level debugging automation.

New Features in SourcePoint 7.12.22

Alan Sguigna

August 14, 2022
4:42 pm

Our new SourcePoint Intel release, 7.12.22, is now in production and available to all subscribers. Our most polished, fully-featured release yet, it adds the following features:

Category: Software Debug and Trace – Intel

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 4

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 3

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 2

JTAG debug of Windows Hyper-V / Secure Kernel with WinDbg and EXDI: Part 1

WinDbg with correlated timestamps for Event and Instruction Trace

WinDbg with Intel Processor Trace

WinDbg integration with SourcePoint using EXDI over DCI/JTAG

Introduction to the SourcePoint Assembler

SourcePoint Command Language Tutorial

New Features in SourcePoint 7.12.22

Archives

Categories