How to Acquire or Improve Debugging Skills
This article is my answer for this comment.
First of all, this is just my opinion, not Microsoft’s opinion.
Before talking about books, let me explain something that I see over and over again.
Sometimes I’ve run across people who think they just need to know the debugger commands to become a good debugger.
This is a misconception. It’s like chess: just because you know the game rules and how to move the pieces doesn’t mean you are a good player. Actually to become good in chess you need to learn a lot more than the basics! To become great in chess you need to learn much more!
Debugging is the same. Debugging, testing and developing code are related topics. If you are a good programmer, you are a good tester and a good debugger. Of course, people that spend most of their time working with testing and creating test tools, have greater software testing skills. People that spend most of their time debugging have greater software debugging skills.
Anyway, the three activities are totally related, so if you want to be a good debugger the first thing you should know is how to program.
For several reasons I recommend C++ then C# if you want to learn more about managed debugging.
A good debugger should know the following:
- A programming language. C++ is recommended. Learning C++ you’ll learn C, too. Be sure to learn how to program in C++ using Object Oriented Programming. I actually learned C then C++.
- Knowledge about Windows internals, like APIs, message flow, etc. . .
- Ability to read disassembled code.
- Troubleshooting tools.
- How (and when) to use a debugger.
- How to isolate a problem, following a scientific approach based on hypothesis.
That said, below I present a list of books that I really like the most among all the books I’ve read. They are my favorites!
It will be great to receive feedback from readers about other interesting books, so feel free to share your favorite book titles.
C/C++
Effective C++ (Meyers)
More Effective C++ (Meyers)
Efficient C++ (Bulka, Mayhew)
C++ Coding Standards ( Sutter, Alexandrescu)
Exceptional C++ and More Exceptional C++ (Herb Sutter)
C++ Common Knowledge (Stephen C. Dewhurst)
C++ Strategies and Tactics (Robert B. Murray)
Designing Object Oriented C++ Applications using the Booch Method (Martin)
Although these are my favorites you may want to check out for yourself.
C#
Programming Windows with C# (Petzold)
C# Programmer’s Cookbook (Jones)
Programming .NET Components (Lowy)
C# Cookbook (Hilyard & Teilhet)
CLR via C# 2nd Edition (Richter)
Applied Microsoft .NET Framework Programming (Jeffrey Richter)
Note: I like programming books focused on common problems or those that present short programs for a specific task. These kinds of books are more useful for my daily job than books about architecture, framework programming, etc…
Security
Writing Secure Code 2nd edition (Howard, LeBlanc)
Buffer Overflows (Foster)
Secure Coding in C and C++ (Seacord)
Rootkits (Greg Hoglund, James Butler)
Shellcoder’s Programming Uncovered (Kris Kaspersky)
Shellcoder’s Handbook (Koziol, Litchfield, Aitel, Anley, Eren, Mehta, Hassell)
Sockets, Shellcode, Porting & Coding (James C. Foster)
Exploiting Software (Greg Hoglund, Gary McGraw)
Hunting Security Bugs (Gallagher, Jeffries, Landauer)
Practical Malware Analysis (Sikorski, Honig)
Managed Code Rootkits: Hooking into Runtime Environments (Erez Metula)
I love books related to security! I’m not a security engineer, but I’m interested in knowing more about bugs and what they look like in low level terms. Moreover, these books talk about reverse engineering at some level.
Bugs and Software Problems
Find The Bug (Adam Barr)
It’s always important for those that want to excel at debugging to know more about bugs. It helps you to get this “sixth sense” when analyzing a source code.
Programming
Practical Guidelines and Best Practices for Visual Basic and Visual C# Developers (Balena, Dimauro)
.NET Gotchas (Subramaniam)
Code Complete 2nd Edition (McConnell)
Write Great Code, Volume 2 – Thinking Low-Level, Writing High Level (Hyde)
Code Craft: The Practice of Writing Excellent Code (Pete Goodliffe)
Refactoring: Improving the Design of Existing Code (Fowler, Beck, Brant, Opdyke, Roberts)
The Pragmatic Programmer: From Journeyman to Master (Andrew Hunt)
If you need to choose just one, pick up Code Complete 2nd edition.
Specifically for .NET the “Practical Guidelines…” it’s awesome.
Windows
Windows Internals (Russinovich, Salomon)
Windows NT/2000 – Native API Reference (Nebbett)
The Old New Thing (Chen)
Multithreading Applications in Win32 (Beveridge Wiener)
COM
ATL Internals (Rector, Sells)
Essential COM (Don Box)
Developer’s Workshop to COM and ATL 3.0 (Andrew Troelsen)
It’s very helpful to know the low level details of COM and ATL as several applications use COM at some level.
Debugging
Debugging by Thinking (Metzger)
Debugging ASP.NET (Goodyear, Peek, Fox)
The Science of Debugging (Telles, Hsieh)
Software Exorcism (Blunden)
Debugging Applications for .NET and Windows (Robbins)
Debugging .Net 2.0 Applications (Robbins)
Debugging – The 9 Indispensable Rules for Finding Even the Most Elusive Software and Hardware problems (Agans)
Debugging Windows Programs (McKay, Woodring)
Why Programs Fail: A guide to Systematic Debugging (Zeller)
Advanced Windows Debugging (Hewardt, Pravat)
Memory Dump Analysis Anthology - Volume 1 (Vostokov)
Memory Dump Analysis Anthology - Volume 2 (Vostokov)
Advanced .NET Debugging (Herwardt, Mario)
Windows Debugging Notebook - Essential User Space WinDbg Commands (Vostokov, Farah)
Inside Windows Debugging - A Practical Guide to Debugging and Tracing Strategies in Windows (Soulami, Tarik)
Some of the books above talk only about the mindset you need to be a good debugger, others are more focused on code and others talk about both.
Assembly, Disassembly and Reverse Engineering
I love this topic! If you want to be a good debugger you need to know this stuff.
Reversing – Secrets of Reverse Engineering (Eilam)
Disassembling Code (Vlad Pirogov)
Visual C++ Optimization with Assembly Code (Yury Magda)
Hacker Disassembling Uncovered (Kaspersky)
Hacker Disassembling Uncovered 2nd Edition (Kaspersky)
Expert .NET 2.0 IL Assembler (Lidin)
The Assembly Language Master Book (Vlad Pirogov)
The Art of Assembly Language (Hyde)
CrackProof your Software (Cerven) – old book, but still interesting.
x86 Disassembly (Wikibooks contributors)
Practical Reverse Engineering (Dang, Gazet, Bachaalany)
In my opinion Kris Kaspersky has the best disassembly books! He really knows the stuff.
If you need to choose only one book, pick up Hacker Disassembling Uncovered 2nd edition, which comes with a CD of the first book. However if you don’t want to print the content of the 1st edition from the CD, I recommend you get both books.
Others
The McKinsey Way (Rasiel)
The McKinsey Way is a book that had early influence on my approach to isolating problems.
Happy debugging!