Metame is a simple metamorphic code engine for arbitrary executable. Metamorphic code is code that when run outputs a logically equivalent version of its own code under some interpretation.
This is used by computer viruses to avoid the pattern recognition of anti-virus software. It implementation works this way:
It currently supports the following architectures:
Also, it supports a variety of file formats, as radare2 is used for file parsing and code analysis.
Example of code before and after mutation:
Also Read – PingCastle : Get Active Directory Security At 80% In 20% Of The Time
Installation
pip install metame
This should also install the requirements.
You will also need radare2. Refer to the official website for installation instructions.
simplejson is also a “nice to have” for a small performance boost:
pip install simplejson
metame -i original.exe -o mutation.exe -d
Use metame -h for help.
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…