A script that helps researcher to unpack and decompile executable written in python. However, right now this only supports executable created with py2exe and pyinstaller.
python python_exe_unpack.py -i [sample.exe]
A folder will be created with the original filename concatenated with "_extracted". For example: "sample.exe_extracted".
The main python file that contains the logic will usually be the file without any extension (In the folder that concatenated with "_extracted")
pyinstaller has an option that can encrypt python bytecode. This script will try to decrypt it and decompile the decrypted code.
python python_exe_unpack.py -p [pyc file]
In the above example, sometimes the python file that contains the main logic will not be in the format that uncompyle6 accept (Missing python magic numbers). The above command will prepend magic numbers and decompile it (If magic number is already preprended it will not add it and just proceed with decompiling).