The Official Radare2 Book

On Windows, radare2 can use DbgEng.dll as a debugging backend, allowing it to make use of WinDBG's capabilities, supporting dump files, local and remote user and kernel mode debugging.

You can use the debugging DLLs included on Windows or get the latest version from Microsoft's download page (recommended).

Using the plugin

To use the windbg plugin, pass the same command-line options as you would for WinDBG or kd (see Microsoft's documentation), quoting/escaping when necessary:

> r2 -d "windbg://-remote tcp:server=Server,port=Socket"

> r2 -d "windbg://MyProgram.exe \"my arg\""

> r2 -d "windbg://-k net:port=,key="

> r2 -d "windbg://-z MyDumpFile.dmp"

You can then debug normally (see d? command) or interact with the backend shell directly with the =! command:

[0x7ffcac9fcea0]> dcu 0x0007ffc98f42190

Continue until 0x7ffc98f42190 using 1 bpsize

ModLoad: 00007ffc`ab6b0000 00007ffc`ab6e0000 C:\WINDOWS\System32\IMM32.DLL

Breakpoint 1 hit

hit breakpoint at: 0x7ffc98f42190

[0x7fffcf232190]> =!k4

Child-SP RetAddr Call Site

00000033`73b1f618 00007ff6`c67a861d r_main!r_main_radare2

00000033`73b1f620 00007ff6`c67d0019 radare2!main+0x8d

00000033`73b1f720 00007ff6`c67cfebe radare2!invoke_main+0x39

00000033`73b1f770 00007ff6`c67cfd7e radare2!__scrt_common_main_seh+0x12e