{"library":"pykd","title":"pykd: Python WinDbg Extension","description":"pykd is a Python extension for WinDbg, providing scripting capabilities for Windows kernel and user-mode debugging. It allows users to automate debugging tasks, analyze crash dumps, and extend WinDbg functionality with Python. The current version is 0.3.4.15. Its release cadence is irregular, typically tied to WinDbg updates and community contributions.","language":"python","status":"active","last_verified":"Fri Apr 17","install":{"commands":["pip install pykd"],"cli":null},"imports":["import pykd"],"auth":{"required":false,"env_vars":[]},"quickstart":{"code":"import pykd\n\ntry:\n    # Get the current process ID if a user-mode debuggee is attached\n    pid = pykd.getCurrentProcessId()\n    print(f\"Current Process ID: {pid}\")\n\n    # Read a register value (e.g., EAX for 32-bit, RAX for 64-bit)\n    # This assumes a debuggee is running and registers are available.\n    register_name = \"eax\" if pykd.is32Bit() else \"rax\"\n    reg_value = pykd.reg(register_name)\n    print(f\"{register_name.upper()} register value: 0x{reg_value:x}\")\n\n    # Execute a simple WinDbg command and print its output\n    output = pykd.dbgCommand(\"!peb\")\n    print(\"\\nOutput of '!peb':\")\n    print(output[:200] + \"...\" if len(output) > 200 else output) # Truncate for display\nexcept pykd.BaseException as e:\n    print(f\"pykd error encountered: {e}\")\n    print(\"This script must be run within a WinDbg session with a debuggee attached.\")\n","lang":"python","description":"This quickstart demonstrates basic interaction with the WinDbg debugger through pykd, such as retrieving process information, reading register values, and executing debugger commands. This code is intended to be executed within a WinDbg session after loading the pykd extension.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}