Using r2 to analyse Minidumps

The minidump format is used by Microsoft for storing user-mode memory dumps. It is an openly documented format that is also extensible, but it is almost always analysed in WinDbg [1][2]. This article describes how to perform analysis of minidumps using radare2 mdmp module. Installation If you use radare2 from git as recommended nothing to do, you should already be able to identify the fileformat as mdmp rather than any.