Pythonic Malware: Evading Detection with Compiled Executables

Mike Brown
Published in InfoSec Write-ups
3 min read · Apr 11, 2022


Creating Python executables during an offensive security engagement used to be an effective method of evasion. However, this tactic has become increasingly difficult on modern Windows endpoints.

In fact, even benign programs seem to get blocked immediately after touching disk. This is just one of the reasons red teamers have moved away from popular frameworks…
