Rakovsky Stanislav's blog
Positive-minded reverse engineer & malware researcher
antireverse bruteforce CFG CnC crypto CSharp delphi DNSpy glibc golang idapython java malware msdos pcap pdf pentest ppc pyinstaller python reverse scratch shellcode VM yara
Ctf
Я-Профи 2021. Отборочный этап. Реверс задач магистерского уровня
YauzaCTF 2021. APC6969 - Emulator writing practice
Отбор на обучение от Информзащиты. Скидываю задачи
Ya-Profi. Master level, semifinal. Malware reverse and brute sql injection pentest (tasks 3, 5)
Разбор реверса с Я-Профи магистрского уровня. Плюс пару слов о форензике.
Кибервызов 2020 от Ростелеком-Солар. Студенческий уровень - весь Reverse
VKA-CTF`2020. Полковник Сандерс (Colonel Sanders) and Инженерная подготовка (Engineering training)
angstromCTF. Interesting moments in reverse tasks ("Patcherman", "Masochistic Sudoku", "Autorev, Assemble!")
AeroCTF. Reverse. 1000 and 1 night & Elderly File
Разбор категории ревёрс с Зимней школы ИТМО. Таски spbctf от groke и mrvos
Разбор немалвари с kksctf open 2019
Разбор виртуальной машины отборочного этапа Я-Профи 2019 для магистров
Реверс шеллкода отборочного этапа Я-Профи 2019 для магистров
Разбор реверса отборочного этапа Я-Профи 2019. Уровень - бакалавр
MS-DOS task writeup from CTFZONE 2019 Quals
Разбор реверса с CTF, проходившего в рамках Kuban CyberSecurity Conference 2019
Разбор тасков на реверс с квалификационного этапа M*CTF 2019
Eng
Article. (Un)secure development, part 2: borrowing metadata from popular packages to fake Python project ratings
PHDays 12 + Python Conf++. (Un)secure development: faking Python project rankings
OFFZONE 2022. pypi.sos() - analyzing open-source project repositories for trojans
Spbctf summer meetup. The Da Analysis Code: theory of static detects
THE STANDOFF 2021. APT Malware: Forest Keeper
PHDays speech: 50 shades of PyInstaller
Spbctf winter meetup. Structure of PYC files. Decompyling. Anti-reverse techniques. CFG.
YauzaCTF 2021. APC6969 - Emulator writing practice
Ya-Profi. Master level, semifinal. Malware reverse and brute sql injection pentest (tasks 3, 5)
Spbctf winter meetup. My tasks writeups
Yara magic numbers for all currently available versions
THE STANDOFF 2020. PyInstaller: injection story
VKA-CTF`2020. Полковник Сандерс (Colonel Sanders) and Инженерная подготовка (Engineering training)
angstromCTF. Interesting moments in reverse tasks ("Patcherman", "Masochistic Sudoku", "Autorev, Assemble!")
AeroCTF. Reverse. 1000 and 1 night & Elderly File
MS-DOS task writeup from CTFZONE 2019 Quals
......

© 2019 - 2023 Rakovsky Stanislav

Powered by Hugo with theme Dream.

PHDays speech: 50 shades of PyInstaller

PHDays speech: 50 shades of PyInstaller

Friday, May 21, 2021

I reviewed the trends of 2020 and 2021 in the use of PyInstaller in malware. I provided statistics on the versions used, analysis of mechanisms for gaining persistence in the system, data theft, encryption, and communication with C&C. Special attention to obfuscation and how to deal with it.

Recourses from my PHDays 10 speech.

Speech on phdays.com

Record on thestandoff365.com

@ Rakovsky Stanislav
1 minute read

Cats!

Under construction

Wow! Flipable!

Hello from another side of the Moon!

Looking for a flag? Okay, take this:
LFXXKIDBOJSSA43XMVSXIIC6LYQCAIA=

About me

Under construction. You can try to contact me and fill this field… haha… ha…