+--------------------+
                          | WinDbg Cheat Sheet |
           +--------------+--------------------+-------------+
           | Reading memory                                  |
           +--------------------+----------------------------+
           | Disassemble        | u <addr> L<num instrs>     |
           | Disas Function     | uf <func>                  |
           | Dump byte          | db <addr> L<num bytes>     |
           | Dump word          | dw <addr> L<num words>     |
           | Dump dword         | dd <addr> L<num dwords>    |
           | Dump string        | ds <addr> L<num dwords>    |
           | Dump mem with syms | dps <addr or range>        |
           | Dump & dereference | dp[a|p|u] <addr>           |
           | Dump structure     | dt <addr>                  |
           | Search memory      | s [a|b|w|d] <addr> pattern |
           +-------------------------------------------------+
           | Writing memory                                  |
           +--------------------+----------------------------+
           | Copy memory        | m <range> <dst addr>       |
           | Edit byte          | eb <addr> 0x41 'b' ...     |
           | Edit word          | ew <addr> 0x1234 ...       |
           | Edit dword         | ed <addr> 0x12345678 ..    |
           +-------------------------------------------------+
           | Breakpoints                                     |
           +--------------------+----------------------------+
           | Add breakpoint     | bp <addr|sym>              |
           | Break on access    | ba [w|r|e|i] <addr> L<len> |
           | Disable breakpoint | bd <breakpoint num>        |
           | Enable breakpoint  | be <breakpoint num>        |
           | List breakpoints   | bl                         |
           | Remove breakpoint  | bc <breakpoint num>        |
           +--------------------+----------------------------+
           | Tracing                                         |
           +--------------------+----------------------------+
           | Continue execution | g or F5                    |
           | Display call stack | k                          |
           | Display registers  | r                          |
           | Step into          | t or F11                   |
           | Step out           | Shift + F11                |
           | Step over          | p or F10                   |
           | Step to branch     | tb                         |
           | Step to call       | tc or pc                   |
           +--------------------+----------------------------+
           | Advanced commands                               |
           +--------------------+----------------------------+
           | Attach to process  | F6                         |
           | Conditional        | j (condition) '<t>'; '<f>' |
           | Display PEB        | !peb                       |
           | Display TEB        | !teb                       |
           | Display type       | dt <struct name> [<addr>]  |
           | Display stacks     | ~*k                        |
           | Trace and watch    | wt                         |
           +--------------------+----------------------------+