Group Purchasing
Group Purchasing

Intro to WinDbg Part 5: Advanced Usage - A Recommendation for SEC665

  • Thu, Aug 27, 2026
  • 10:00AM - 11:00AM EDT
  • English
  • Karim Lalji
  • Technical Presentation
Login to register
Webcast Hero

In parts 1, 2, and 3 of this series, you learned how to leverage WinDbg for research, including Time Travel Debugging and tracing a syscall into the kernel. In this final webcast, we will cover some of the advanced usage of WinDbg, such as the dx command, saving variables, making functions, editing memory, and using custom extensions. We will also walk through some live examples using debugging sessions in both user-mode and kernel-mode.

While not specifically required, this final webcast in the series will help prepare students for SANS’s most advanced red teaming course – SEC665: Advanced Red Team Operations – by increasing comfort with a debugger, which is an essential part of red team research.

Who Should Attend

  • Red Team Operators
  • Red Team Engineers
  • Offensive Tool Developers

Learning Objectives

  • Become more comfortable with WinDbg commands
  • Become familiar with how to set up debugging sessions
  • Understand how to use the dx command
  • Understand some of WinDbg's advanced features, such as saving variables, making functions, editing memory, and using custom extensions/scripts

For the best experience, students are encouraged to watch the rest of the WinDbg series:

This session supports concepts from SEC665: Advanced Red Team Operations and will help students prepare for the course. To learn more, browse upcoming sessions, and access your free course preview, Click Here.

Meet Your Speaker

Karim Lalji
Karim Lalji

Karim Lalji

Karim brings 15+ years of hands-on offensive security experience, leading high-level teams across government and Fortune 500 environments. A SEC665 co-author and instructor for SEC565 and SEC588, he blends real-world insight with elite expertise.

Read more about Karim Lalji