by @inversecos (Twitter thread)
If you have a memory sample, this is how you can figure out what cmd spawned the processes by using volshell and memory forensics.












