u/Substantial_Cake9855

Hi everyone,
I have a full Python application that I’d like to compile into a DLL so it can be integrated and used from another application on Windows. My main goal is to make distribution easier while also protecting the source code as much as possible and keeping good performance and stability.

I’ve been looking into options like Cython, Nuitka, pybind11, and embedding Python, but I’m still not sure what the best real-world approach is for converting an entire project instead of just a small module.

Is there any method that is considered significantly safer or harder to reverse engineer? Or is Python code inside a DLL still relatively easy to extract? I’m also wondering if people usually end up rewriting the whole project in C/C++ when they need a truly secure DLL.

I’d really appreciate recommendations or advice from anyone who has done this before.

Hello everyone,

I’m currently analyzing a Windows executable that was originally developed in Python and later compiled into a .exe file (likely using tools such as PyInstaller, cx_Freeze, or similar).

I would like to understand the most effective and professional approach for recovering or reconstructing the original Python source code from the executable.

Thank you in advance.

I keep seeing people claim C++ is the best language for malware because of direct memory access, small binaries, and fine-grained control. But with modern EDRs focusing on behavior rather than signatures, and languages like Rust offering similar low-level control with safer memory management, does that argument still hold up? Are we just clinging to C++ out of tradition, or does it genuinely offer evasion advantages that newer languages can't match?

For malware with identical behavior, does using C vs Rust vs Go vs lesser-known languages change how easily it's detected? I'm curious if certain compilers or runtimes naturally evade signature-based detection better, or if modern AVs are language-agnostic.

For malware with identical behavior, does using C vs Rust vs Go vs lesser-known languages change how easily it's detected? I'm curious if certain compilers or runtimes naturally evade signature-based detection better, or if modern AVs are language-agnostic.

I'm trying to understand how polymorphic malware works. How does it manage to change its code every time while still doing the same thing? What's the mechanism behind that mutation?