Last day before prices go up for Deconstructing Rust Binaries at Ringzer0, March 23-26! If you've been thinking about this fully remote, 16-hour Rust reverse engineering training: now is the time to book!
ringzer0.training/countermeasu...
#infosec #ReverseEngineering #rustlang #MalwareAnalysis
Deconstructing Rust Binaries @ Ringzer0 is 16 hours of fully remote training, 4 hours each day x 4 days, March 23-26. Prices go up March 8, so reserve your spot now!
ringzer0.training/countermeasu...
#MalwareAnalysis #Rust #RustLang #ReverseEngineering #Reversing #Infosec
Just a few weeks left until our training, Deconstructing Rust Binaries, starting March 23 at Ringzer0! This course is for any reverse engineer who needs real techniques for reversing Rust binaries.
ringzer0.training/countermeasu...
#MalwareAnalysis #RustLang #ReverseEngineering #Reversing
Come check out our Deconstructing Rust Binaries training at NorthSec (or remote) this year! Three whole days of Rust reversing.
RustyWater (aka RUSTRIC, Archer RAT) has been added to the Rust Malware Sample Gallery: github.com/decoderloop/...
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing #MuddyWater
FunkSec Ransomware (aka FunkLocker) has been added to the Rust Malware Sample Gallery: github.com/decoderloop/...
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing #ransomware #FunkSec #FunkLocker
A new Rust DDoS Botnet family has been added to the Rust Malware Sample Gallery: github.com/decoderloop/...
This family is unnamed, but was analyzed in this article by Beelzebub: beelzebub.ai/blog/rust-dd...
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing #botnet
The Rust ransomware KCVY OSLOCK has been added to the Rust Malware Sample Gallery: github.com/decoderloop/...
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing #ransomware
To keep up to date with all of our training dates and events, visit our website: decoderloop.com#upcoming-tra...
We look forward to seeing you in 2026!
We're also excited to offer flexibility in the training format and course depth. You have the choice of either:
1) A remote or onsite, 8 hour / day, comprehensive class at NorthSec: nsec.io/training/202...
2) A fully remote, 4 hour / day, shorter class at Ringzer0: ringzer0.training/countermeasu...
A few key things about Deconstructing Rust Binaries:
1) No previous experience with reversing Rust binaries, or writing Rust code, is required!
2) The course will use Binary Ninja as the primary reverse engineering tool. You will be provided a Binary Ninja student license as part of the course!
This course is taught by a reverse engineer, @cxiao.net, with extensive experience specifically in reversing Rust malware.
Want a preview of our expertise? Check out the 120+ FREE slides on Rust RE from our recent workshop, Reversing a (Not-so-Simple) Rust Loader! github.com/decoderloop/...
Deconstructing Rust Binaries is the first comprehensive course focused *solely* on reverse engineering Rust binaries. You will learn how to effectively triage Rust binaries, how to trace data flow through Rust binaries, and how to tackle common techniques found in the Rust malware ecosystem.
📣🦀 Announcing: TWO 2026 sessions for our Rust reverse engineering course, Deconstructing Rust Binaries!
1) Ringzer0 COUNTERMEASURE, March 23-26, Remote: ringzer0.training/countermeasu...
2) NorthSec (@nsec.io), May 11-13, Montréal & Remote: nsec.io/training/202...
#malware #infosec #rustlang
Excited to bring Deconstructing Rust Binaries to NorthSec in March! Chat with me here or at @decoderloop.com if you have questions about the training.
Take advantage of the early bird rate for the onsite option! Pricing is in CAD, take advantage of the exchange rate (:
nsec.io/training/202...
...RustyAttr, Akira Ransomware (both Akira_v2 and Megazord), Banshee (Rust variant), RALord Ransomware, RustoBot, Tetra Loader, EDDIESTEALER, Myth Stealer, Rustonotto, RustyPages, ChaosBot
This is ~1 new Rust malware family per month. Rust as a programming language for malware is here to stay!
The last time the Sample Gallery was updated was in January 2024 (~2 years ago). Since then, there's been an explosive growth in new Rust malware, including:
SPICA, KrustyLoader, RustDoor, SSLoad, Fickle Stealer, Cicada3301 Ransomware, RustyClaw, Embargo Ransomware,
(cont'd - there's too many!)
The Sample Gallery collects links to articles about malware written in Rust, organizes them by family, and includes a download link to a publicly available sample for every malware family. This is for any malware analyst who wants to get hands-on with real Rust malware.
github.com/decoderloop/...
🦀 Looking for Rust malware samples to practice analyzing? Our Rust Malware Sample Gallery just received a major update, with 20 new families added! github.com/decoderloop/...
#rust #rustlang #malware #infosec #ReverseEngineering #MalwareAnalysis #reversing
A screenshot of the Tags window in the software Binary Ninja, showing a list of bookmarked locations in a Rust binary.
A screenshot of the History window in the software Binary Ninja, showing a step by step list of variable definition, variable rename, and comment annotations made in a binary.
An annotation of a decompiled version of the Rust standard library std::sys::pal::windows::thread::Thread::new::thread_start function, showing an indirect call, via a virtual function table (vtable), to the function call_once.
In addition to the slides, the materials include an annotated @binary.ninja database file! Check out the Tags in the database for key locations in the binary, and the History in the database for a step-by-step walkthrough of how we marked up the binary.
github.com/decoderloop/...
The slides and materials from @cxiao.net's "Reversing a (not-so-) Simple Rust Loader" workshop at Ringzer0 COUNTERMEASURE today are now available! github.com/decoderloop/...
#rustlang #ReverseEngineering #MalwareAnalysis #infosec #reversing #malware #binaryninja #COUNTERMEASURE25 #ringzer0
The workshop will be conducted with @binaryninja.bsky.social, so this is also a great chance to get familiar with Binary Ninja!
See you there! For more information about upcoming workshops and trainings, keep an eye on this account or sign up on our mailing list: decoderloop.com/contact/#tra...
By the end of this workshop, you should know where to get more information about Rust structures and types, know a few tricks for finding interesting landmarks in Rust binaries, and be much more confident in approaching Rust binaries!
#rustlang #MalwareAnalysis #ReverseEngineering #infosec
Thank you for your interest in Decoder Loop & #rustlang reverse engineering training so far!
This Friday, November 7th, join us at Ringzer0 COUNTERMEASURE, in Ottawa, Canada, where @cxiao.net will present the workshop "Reversing a (not-so-) Simple Rust Loader": ringzer0.training/countermeasu...
🦀 I am starting a training firm, @decoderloop.com, focused on providing Rust Reverse Engineering training! decoderloop.com
We hope to come to a conference near you next year. Stay notified on training dates: Follow us at @decoderloop.com, or join our mailing list: decoderloop.com/contact/#tra...
The amazing @cxiao.net is offering training at decoderloop.com for
#Rust #Malware #ReverseEngineering 😱
Her insight is absolutely priceless, she's taught me all I know about this. If you are organizing an event: This is the state-of-the-art training you are looking for.
