References
[1] “Radare2,” https://radare.org/r/, 2020.
[2] “cpython/Lib,” https://github.com/python/cpython/tree/
main/Lib, 2022.
[3] “Dropbox,” https://www.dropbox.com/, 2022.
[4] “The Python Package Index,” https://pypi.org/, 2022.
[5] M. Aguirre, “Protecting a Python codebase,”
https://bits.theoremone.co/protecting-a-python-
codebase-part-3/, 2015.
[6] D. Andriesse, X. Chen, V. Van Der Veen, A. Slowinska,
and H. Bos, “An in-depth analysis of disassembly on
full-scale x86/x64 binaries,” in USENIX Security’16.
[7] “Python Malware On The Rise, Cyborg Secu-
rity,” 2022, https://www.cyborgsecurity.com/cyborg
labs/python-malware-on-the-rise/.
[8] “REC Studio 4-Reverse Engineering Compiler,” http:
//www.backerstreet.com/rec/rec.htm, 2015.
[9] “Binary Ninja,” 2022, https://binary.ninja/.
[10] “Boomerang Decompiler,” 2022, http://boomerang.
sourceforge.net/index.php.
[11] “RetDec,” 2022, https://github.com/avast/retdec.
[12] D. Brumley, J. Lee, E. J. Schwartz, and M. Woo,
“Native x86 decompilation using Semantics-Preserving
structural analysis and iterative Control-Flow structur-
ing,” in USENIX Security’13.
[13] Z. L. Chua, S. Shen, P. Saxena, and Z. Liang, “Neural
nets can learn function type signatures from binaries,”
in USENIX Security’17.
[14] “PyInstaller,” https://pyinstaller.org/, 2022.
[15] B. De Sutter, B. De Bus, and K. De Bosschere, “Link-
time binary rewriting techniques for program com-
paction,” ACM Trans. Program. Lang. Syst., vol. 27,
no. 5, p. 882–945, sep 2005.
[16] “Python decompiler for 3.7-3.8,” 2022, https://github.
com/rocky/python-decompile3.
[17] “Decompyle++,” 2022, https://github.com/zrax/pycdc.
[18] S. Dinesh, N. Burow, D. Xu, and M. Payer,
“Retrowrite: Statically instrumenting cots binaries for
fuzzing and sanitization,” in SP’20.
[19] “Druva inSync,” https://www.druva.com/products/
endpoints/, 2022.
[20] G. J. Duck, X. Gao, and A. Roychoudhury, “Binary
rewriting without control flow recovery,” in PLDI’20.
[21] “Ghidra,” 2022, https://ghidra-sre.org/.
[22] I. Guilfanov, “Decompilers and beyond,” Black Hat
USA, vol. 9, p. 46, 2008.
[23] Intel, “Pin,” https://www.intel.com/content/www/
us/en/developer/articles/tool/pin-a-dynamic-binary-
instrumentation-tool.html, 2022.
[24] “Hex Rays,” 2022, https://www.hex-rays.com/ida-pro/.
[25] “JEB Decompiler by PNF Software,” 2022, https://
www.pnfsoftware.com/.
[26] D. Kholia and P. Wegrzyn, “Looking inside the (drop)
box,” in WOOT’13.
[27] J. Lee, T. Avgerinos, and D. Brumley, “TIE: principled
reverse engineering of types in binary programs,” in
NDSS’11.
[28] Z. Liu and S. Wang, “How far we have come: Test-
ing decompilation correctness of C decompilers,” in
ISSTA’20.
[29] “Malware Makers Using ‘Exotic’ Programming
Languages,” 2022, https://threatpost.com/malware-
makers-using-exotic-programming-languages/.
[30] D. Merkel, “Docker: lightweight linux containers for
consistent development and deployment,” Linux jour-
nal, vol. 2014, no. 239, p. 2, 2014.
[31] K. Miller, Y. Kwon, Y. Sun, Z. Zhang, X. Zhang, and
Z. Lin, “Probabilistic disassembly,” in ICSE’19.
[32] M. Noonan, A. Loginov, and D. Cok, “Polymorphic
type inference for machine code,” SIGPLAN Not.,
vol. 51, no. 6, p. 27–41, jun.
[33] H. Peng, Y. Shoshitaishvili, and M. Payer, “T-fuzz:
Fuzzing by program transformation,” in IEEE S&P’18.
[34] S. Priyadarshan, H. Nguyen, and R. Sekar, “Practi-
cal fine-grained binary code randomization,” in AC-
SAC’20.
[35] “PyFET Supplementary Material,” 2022, https://github.
com/pyfet-pyc/src/blob/main/appx.pdf.
[36] “PyFET repository: Correctness and Impact of
PyFET.” 2022, https://github.com/pyfet-pyc/src/tree/
main/Correctness and Impact PyFET.
[37] “PyFET Repository,” 2022, https://github.com/pyfet-
pyc/src.
[38] “QEMU,” https://www.qemu.org/, 2022.
[39] ReversingLabs, “Explainable Threat Intelligence, Re-
versingLabs,” https://www.reversinglabs.com/, 2022.
[40] S. Sampath, “DisC-Decompiler for TurboC,” https://
www.debugmode.com/dcompile/disc.htm, 2001.
[41] E. J. Schwartz, C. F. Cohen, M. Duggan, J. Gennari,
J. S. Havrilla, and C. Hines, “Using Logic Program-
ming to Recover C++ Classes and Methods from Com-
piled Executables,” in CCS’18.
[42] “Snowman,” 2018, https://derevenets.com.
[43] “Project orion,” 2014, https://kr.cm/f/t/15280/.
[44] C. Sun, V. Le, and Z. Su, “Finding compiler bugs via
live code mutation,” SIGPLAN Not., vol. 51, no. 10, p.
849–863, oct.
[45] R. Tonder and C. Goues, “Tailoring programs for static
analysis via program transformation,” in ICSE’20.
[46] “Uncompyle2: A Python 2.7 byte-code decompiler,”
2016, https://pypi.org/project/uncompyle2/.
[47] “Uncompyle6,” 2022, https://github.com/rocky/
python-uncompyle6.
[48] “Unpyc37: Decompiler for Python 3.7,” 2022, https:
//github.com/greyblue9/unpyc37-3.10.
[49] Valgrind, “Valgrind,” https://valgrind.org/, 2022.
[50] R. Wartell, V. Mohan, K. W. Hamlen, and Z. Lin,
“Securing untrusted code via compiler-agnostic binary
rewriting,” in ACSAC’12.
[51] D. Williams-King, H. Kobayashi, K. Williams-King,
G. Patterson, F. Spano, Y. J. Wu, J. Yang, and V. P.
Kemerlis, “Egalito: Layout-agnostic binary recompila-
tion,” in ASPLOS’20.
[52] X. Yang, Y. Chen, E. Eide, and J. Regehr, “Finding
and Understanding Bugs in C Compilers,” SIGPLAN
14