Metame is a simple metamorphic code engine for arbitrary executables. Metamorphic code is code that, when run, outputs a logically equivalent version of its own code under some interpretation.
This is used by computer viruses to avoid the pattern recognition of anti-virus software. Its implementation works this way:
It currently supports the following architectures:
Also, it supports a variety of file formats, as radare2 is used for file parsing and code analysis.
Example of code before and after mutation:
Installation
pip install metame
This should also install the requirements.
You will also need radare2. Refer to the official website for installation instructions.
simplejson is also a “nice to have” for a small performance boost:
pip install simplejson
metame -i original.exe -o mutation.exe -d
Use metame -h for help.