📣🦀 We're very excited to announce TWO sessions for our ...

2025-12-19T15:00:01Z

📣🦀 We're very excited to announce TWO sessions for our flagship Rust reverse engineering course, Deconstructing Rust Binaries, coming to you in early 2026!

1) Deconstructing Rust Binaries at Ringzer0 (npub1hze…wh5p) COUNTERMEASURE, March 23-26 2026, 16 hours, Remote: https://ringzer0.training/countermeasure-spring-2026-deconstructing-rust-binaries/

2) Deconstructing Rust Binaries at NorthSec (npub1pfe…2u6v), May 11-13 2026, 24 hours, Onsite in Montréal, Canada and Remote: https://nsec.io/training/2026-deconstructing-rust-binaries/

Deconstructing Rust Binaries is the first comprehensive training course focused _solely_ on reverse engineering Rust binaries. This course is for any reverse engineer who needs a rapid, practical upskill in your ability to analyze Rust binaries. You will learn how to effectively triage Rust binaries, how to trace data flow through Rust binaries, and how to tackle common techniques found in the Rust malware ecosystem.

This course is taught and written by an experienced malware reverse engineer, Cindʎ Xiao 🍉 (npub16w7…g7ce), with extensive experience specifically in reversing Rust binaries. Want a preview of the technical expertise we offer? Check out the 120+ FREE slides on Rust reversing from our recent workshop, "Reversing a (Not-so-Simple) Rust Loader"! https://github.com/decoderloop/2025-11-07-ringzer0-countermeasure-not-so-simple-rust-loader-workshop/

A few key things about the course:

1) No previous experience with reversing Rust binaries, or writing Rust code, is required!
2) The course will use Binary Ninja as the primary reverse engineering tool. You will be provided a Binary Ninja student license as part of the course.
3) We're excited to offer flexibility in the training format and course depth. You have the choice of either taking:

a) A fully remote, 4 hour per day, shorter class at Ringzer0 (https://ringzer0.training/countermeasure-spring-2026-deconstructing-rust-binaries/)
b) A remote or onsite, 8 hour per day, comprehensive class at NorthSec (https://nsec.io/training/2026-deconstructing-rust-binaries/)

We look forward to seeing you in 2026!

#infosec #InfosecTraining #malware #MalwareAnalysis #ReverseEngineering #reversing #rust #rustlang #binaryninja #NorthSec #ringzer0 #Ringzer0Training

🦀 Looking for Rust malware samples to practice analyzing? Our ...

2025-12-15T15:02:02Z

🦀 Looking for Rust malware samples to practice analyzing? Our Rust Malware Sample Gallery just received a major update, with 20 new families added! https://github.com/decoderloop/rust-malware-gallery

The Sample Gallery collects links to articles about malware written in Rust, organizes them by malware family, and includes a download link to a publicly available sample for every malware family. This is a resource for any malware analyst who wants to get hands-on with real Rust malware.

The last time the Sample Gallery was updated was almost 2 years ago, in January 2024. Since then, there's been an explosive growth in new Rust malware, including all of the following families that are now in the Sample Gallery:

SPICA, KrustyLoader, RustDoor, SSLoad, Fickle Stealer, Cicada3301 Ransomware, RustyClaw, Embargo Ransomware, RustyAttr, Akira Ransomware (both the Akira_v2 and Megazord variants), Banshee (Rust variant), RALord Ransomware, RustoBot, Tetra Loader, EDDIESTEALER, Myth Stealer, Rustonotto, RustyPages, ChaosBot

This is nearly one new Rust malware family observed in the wild, every month. Rust as a programming language for malware is here to stay!

#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing

Nostr notes by Decoder Loop

📣🦀 We're very excited to announce TWO sessions for our ...

🦀 Looking for Rust malware samples to practice analyzing? Our ...