Reliable Windows Kernel Debugging on a Mac
Read Time: 5 Minutes During the process of conducting malware analysis, or software vulnerability analysis, it is sometimes a necessity to perform windows kernel debugging . What has not been working reliably on Mac Os X was Vmware Fusion with a Windows guest setup with debugging enabled over serial. What did work reliably is enabling a windows guest with VT-x and then within that guest hosting a secondary windows guest configured for kernel debugging. An example of this includes configuring the processor correctly on the Fusion guest to enable support of virtualization started by opening hardware settings for debugging client with ⌘E bring you to the screen in Figure 1: Figure 1: Select Processors and Memory Within your Processor and Memory settings you want to do the following: 1. Provision enough resources for the host to function and to be able to allocate a secondary windows guest with appropriate amount of resources for the task. 2. Enable the ability to