DFSP # 368 - SVCHOST
This week is a guide to understanding SVCHOST from a DFIR point of view. It is one of the most abused Windows processes, and having a firm working knowledge for investigations is essential.
This week is a guide to understanding SVCHOST from a DFIR point of view. It is one of the most abused Windows processes, and having a firm working knowledge for investigations is essential.