Pythonic Malware Part-2: Reversing Python Executables

Photo by Daniel K Cheung on Unsplash

In Pythonic Malware Part-1, I demonstrated how Python executables can be used to bypass Windows Defender and successfully launch Meterpreter shells on a fully patched system. However, this raised an interesting question, why don’t more APT’s and threat groups use Python for malware development?