WinDbg is a multipurpose debugger for the Microsoft Windows computer operating system, distributed by Microsoft. Debugging is the process of finding and resolving errors in a system; in computing it also includes exploring the internal operation of software as an aid to development. WinDbg can be used to debug user mode applications, device drivers, and the operating system itself in kernel mode.
You can download WinDbg here.
During installation, you can select the options you want to install.
You can run WinDbg against a target in two ways: “Open Executable” or “Attach to a Process”.
Attach to Process
Go to “File” and choose “Attach to a Process”, or press “F6”.
Then select the process you want to attach to.
Open Executable
Go to “File” and choose “Open Executable”, or press “Ctrl + E”.
Select the path of the executable file.
Common commands in WinDbg
We can dump memory with WinDbg by using the command “d [address]” or “d [register]”.
We use the “g” command to continue execution.
u (unassemble) followed by the address that was shown before entering.
To search memory, use the command: s address_start l length opcode
Example: If you want to find the opcode ff4e in a DLL that occupies addresses 01900000 to 01dcd000, the length is 01dcd000 - 01900000 = 004cd000, so we can use the command:
s 01900000 l 004cd000 ff 4e
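The helpers below are an added example, not part of the original page: the hypothetical functions build_search_command and emulate_search derive the “s” command from a start/end range and run the same byte search over a constructed 32-byte buffer, so the range and length arithmetic can be checked offline. The 256 MB cap on a plain “l” length (lifted with “l?”) is taken from WinDbg's address range syntax.

```python
# Added example: build a WinDbg "s" (search memory) command from a start/end
# range, and emulate the same byte search over a constructed buffer.

L_LIMIT = 0x10000000  # a plain "l" length is capped at 256 MB; "l?" lifts the cap


def parse_pattern(pattern):
    """Accept 'ff4e', 'ff 4e' or 'FF 4E' and return the raw bytes."""
    return bytes.fromhex(pattern.replace(" ", ""))


def build_search_command(start, end, pattern):
    """Return the 's' command that searches [start, end) for the byte pattern."""
    if end <= start:
        raise ValueError("end address must be above start address")
    needle = parse_pattern(pattern)
    if not needle:
        raise ValueError("empty pattern")
    length = end - start  # "l" takes a length, not an end address
    spec = "l" if length <= L_LIMIT else "l?"
    byte_list = " ".join(f"{b:02x}" for b in needle)
    return f"s {start:08x} {spec} {length:08x} {byte_list}"


def emulate_search(memory, base, start, length, pattern):
    """Return every address in [start, start+length) where the pattern begins."""
    needle = parse_pattern(pattern)
    lo = start - base
    window = memory[lo:lo + length]
    hits, pos = [], window.find(needle)
    while pos != -1:
        hits.append(start + pos)
        pos = window.find(needle, pos + 1)
    return hits


# Constructed sample: 32 bytes treated as if mapped at the page's start address.
BASE = 0x01900000
SAMPLE = bytes.fromhex("90" * 4 + "ff4e" + "00" * 10 + "ff4e" + "cc" * 14)

if __name__ == "__main__":
    print(build_search_command(0x01900000, 0x01DCD000, "ff4e"))
    print([f"{a:08x}" for a in emulate_search(SAMPLE, BASE, BASE, len(SAMPLE), "ff4e")])
```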
Plugins in WinDbg
The functions of byakugan:
– jutsu : set of tools to track buffers in memory, determining what is controlled at crash time, and discover valid return addresses
– mushishi : framework for anti-debugging detection and defeating anti-debugging techniques
– tenketsu : Vista heap emulator/visualizer.
To add byakugan one can do the following:
– Add the 2 DLLs byakugan.dll and injectsu.dll to the WinDbg directory
– Add detoured.dll to the directory: C:\windows\system32
In WinDbg, use the command to load byakugan:
If you want to use WinDbg, you can refer here.