Root Cause Analysis (3)

With mona v3, debugger automation took a major leap forward. Now, with the new tellme / ai command, mona can collect crash context, heap information, registers, call stacks, disassembly, memory mappings, PoC files, heapdynamics logs, and more — and turn all of it into structured AI-ready analysis requests. Whether you want fully automated API-driven workflows with OpenAI or Anthropic, or prefer manually reviewing and submitting requests yourself, tellme brings modern AI-assisted crash triage and debugger automation directly into WinDBG and WinDBGX. This article dives deep into how it works, how to customize it, and how to build repeatable, reusable AI-assisted exploit analysis workflows on modern Windows targets. Read more

Table of Contents

• Foreword
• Introduction
• Analyzing the Crash Data
• Identifying the Cause of Exception
  • Page heap
  • Initial analysis
• Reversing the Faulty Function
• Determining Exploitability
  • Challenges
  • Prerequisites
  • Heap Basics
    • Lookaside Lists
    • Freelists
  • Preventative Security Measures
    • Safe-Unlinking
    • Heap Cookies
  • Application Specific Read more

Introduction

For the past year or so I've spent a significant amount of time fuzzing various applications with the hopes of identifying exploitable crashes.  Early on in my research I quickly realized that building fuzzers and generating large quantities Read more