Transcript: Certain debugger commands can be grouped together into scripts to be run against memory dumps with the output redirected to textual logs.
Transcript: Therefore, we can view scripts as a part of the information collection step.
Transcript: We immediately see the advantages of scripts. Many companies, for example, banks, avoid sending plain memory dumps because of security considerations, in order to prevent exposure of company or private information. After the advent of 64-bit personal computing, complete memory dumps have become larger and larger, and it is common now to get 32Gb memory dumps. Scripts can be used to process hundreds of memory dumps too, in one go, to look for similarities and differences. Many tools can be used for scripting, including built-in WinDbg scripting capabilities and regular expressions for intelligent search.
- Dmitry Vostokov @ Citrix Blogs –