This project is a simple system that generates metamorphic variants of a C/C++ source file by automatically modifying its structure. The purpose is to simulate how malware can evade signature-based detection through automated code transformation.
⚠️ WARNING: This project is for educational and academic use only. Do not use it on live systems or for malicious purposes.
- Demonstrate how static analysis and signature-based detection can be evaded.
- Generate functionally identical but syntactically different malware variants.
- Help understand the logic of metamorphic code generation.
- Works with
.cand.cppsource files. - Automatically applies basic transformations:
- Variable renaming
- Inserting whitespace/comments
- Generates randomized variants.
- Easy to extend with your own transformation rules.
The following metamorphic transformation techniques are implemented in the generator:
| Technique | Description |
|---|---|
| Dead Code Insertion | Inserts non-functional code (e.g., unused variables, redundant arithmetic, or empty conditionals) that does not affect program behavior but changes the binary signature. This helps evade signature-based detection. |
| Obfuscation | This technique weakens potential detection by transforming source code elements that may contain suspicious keywords or patterns. It includes: |
- Comment removal, as comments might contain threat-related language.
- Variable and value shortening, replacing meaningful identifiers with shortened or random names to reduce semantic clarity. |
| Original Code | Metamorphic Variant |
|---|---|
 |
 |
# Requirements: Python 3
# Run the generator
python3 generator.py