WinDbg Quick Reference
Setup: .symfix → .reload to configure symbols
Analysis: !analyze -v for crashes, k/kb/kv for call stack
Memory: dd/dq/db to inspect, u <address> to disassemble, s -a to search
Structures: dt ntdll!_PEB or modern dx @$peb
Modules: lmf to list loaded modules
Threads: ~ to list, ~<id>s to switch
Breakpoints: bp/bu to set, bl to list, bc to clear
Execution: t step into, p step over, g continue
System: !handle, !heap -s, !teb for internals, r for registers