Rakovsky Stanislav's blog
Positive-minded reverse engineer & malware researcher
© 2019 - 2023 Rakovsky Stanislav
Article. (Un)secure development, part 2: borrowing metadata from popular packages to fake Python project ratings
Article about forgering metadata on PyPI.org
1 minute read
PHDays 12 + Python Conf++. (Un)secure development: faking Python project rankings
PHDays 12 + Python Conf++ about ways how threat actors forge their packages metadata
1 minute read
OFFZONE 2022. pypi.sos() - analyzing open-source project repositories for trojans
THE OFFZONE 2022 speech about threat actors trying to infect developers in Python Package Index.
1 minute read
Spbctf summer meetup. The Da Analysis Code: theory of static detects
I was a speaker at spbctf summer 2021 meetups with brief talk about currently available static methods for analysis executable files that will be helpful in CTF/MA reverse process.
A link to youtube (ru) - Currently unavailable.
1 minute read
THE STANDOFF 2021. APT Malware: Forest Keeper
THE STANDOFF 2021 speech about multifunctional backdoor Forest Keeper. It belongs to Chinese APT group that targets Russia.
1 minute read
PHDays speech: 50 shades of PyInstaller
I reviewed the trends of 2020 and 2021 in the use of PyInstaller in malware. I provided statistics on the versions used, analysis of mechanisms for gaining persistence in the system, data theft, encryption, and communication with C&C. Special attention to obfuscation and how to deal with it.
Recourses from my PHDays 10 speech.
1 minute read
Spbctf winter meetup. Structure of PYC files. Decompyling. Anti-reverse techniques. CFG.
I was a speaker at spbctf NY 2020 meetups with my research about possibilities of reverse PYC (compiled python) files, paths how to obfuscate it to complicate the work of reverse engineers, hehe. And, finally, how to investigate obfuscated pycs.
1 minute read
YauzaCTF 2021. APC6969 - Emulator writing practice
Writeup on APC6969 - 8-bit architecture made by archercreat.
Let’s write our full-pledged architecture implementation :)
14 minutes read
Ya-Profi. Master level, semifinal. Malware reverse and brute sql injection pentest (tasks 3, 5)
The master-level individual competition.
Reverse and traffic analysis: Task 3 and task 5.
Task creators decided to use writeups in this files as the last step of the competition, heh.
New! Доступен разбор на русском! Выкладываю свой доклад финала.
5 minutes read
Spbctf winter meetup. My tasks writeups
I’ve written three tasks for my speech on spbctf winter meetup 2020. Here are writeups on them.
Tasks:
You can watch the writeup on YouTube (on russian).
(open the post to view more)
2 minutes read
6 minutes read
THE STANDOFF 2020. PyInstaller: injection story
Recourses from my THE STANDOFF 2020 speech.
The main goal of my research was analysing attack vectors on PyInstaller and check the possibility to inject our payload to each of them.
1 minute read
VKA-CTF`2020. Полковник Сандерс (Colonel Sanders) and Инженерная подготовка (Engineering training)
Team result: https://t.me/unicorn_mpei_team/89
8 minutes read
7 minutes read
6 minutes read
2 minutes read
Cats!
Under construction
Wow! Flipable!
Hello from another side of the Moon!
Looking for a flag? Okay, take this:
LFXXKIDBOJSSA43XMVSXIIC6LYQCAIA=
About me
Under construction. You can try to contact me and fill this field… haha… ha…