Cindʎ Xiao 🍉Feb 21

RE: https://infosec.exchange/@washi/116109971111061839

MY MORTAL ENEMY IS THAT ONE zgRAT YARA RULE IT SHOWS UP FREAKING EVERYWHERE AND IS SO WRONG ASDHFJDSHFHASFHSDJAH

thank you for this Washi! I learned some things about .NET from this post as well!

popping on the #ReverseEngineering #MalwareAnalysis tags too

Show threadCindʎ Xiao 🍉
In general too I notice that a lot of people who do RE are somewhat reluctant to try out or engage with the developer tools / developer ecosystem of the languages we are reversing. I'm not sure why this is, but I think it significantly hurts our ability to do good RE
Feb 21 at 10:55pmWeb
Show threadWashiFeb 22

@cxiao yes, this indeed is the main point. It's almost artificially limiting yourself.

Though in fairness, I do think we as developers can also do better making our libraries more available to other ecosystems. Python is here to stay, whether we like it or not. Maybe these libraries just need a pypi package that people can just pip install.

Show threadPytt4mFeb 22
@cxiao just speaking for myself (not a developer), it's cuz it's hard and I lack the expertise