v0.7.2

Automated release. mapledumper.exe is the CLI (built with cargo auditable). MapleDumper_<version>_x64-setup.exe is the lean desktop installer (Tauri/NSIS, WebView2 bootstrapper). The optional native dumper ships as maple-unpack-native.exe plus unicorn.dll and a per-user MapleDumper_NativeUnpacker_<version>_x64-setup.exe that installs them where the app and CLI look. CycloneDX SBOMs and SHA-256 checksums are attached.

MapleDumper v0.7.1

A point release that makes the native dumper usable straight from the release, as an optional component rather than a build-from-source step.

What is new since v0.7.0

• Per-user component discovery. The CLI and desktop app find the native dumper in %LOCALAPPDATA%\MapleDumper\bin in addition to an explicit path, beside the program, and PATH, so it is installed once and found everywhere.
• A native dumper component installer. MapleDumper_NativeUnpacker_0.7.1_x64-setup.exe drops the dumper and its unicorn.dll into that per-user directory, no admin rights needed. The main desktop installer stays lean; installing the dumper is a deliberate opt-in to a feature that runs the protected client.
• Guided in-app setup. When the native dumper is selected but missing, the Unpack panel explains it, warns to use a VM or sandbox, and offers Download (opens this page) and Install from file. The app stays fully offline; it never downloads anything itself.

Artifacts

• mapledumper.exe: the command-line tool (built with cargo auditable).
• MapleDumper_0.7.1_x64-setup.exe: the lean desktop installer (Tauri NSIS, WebView2 bootstrapper).
• MapleDumper_NativeUnpacker_0.7.1_x64-setup.exe: the optional native dumper, per-user install.
• maple-unpack-native.exe + unicorn.dll: the native dumper binaries, for the CLI or manual placement. Keep them together.
• *.cdx.json: CycloneDX SBOMs per crate. SHA256SUMS: checksums for every artifact.

MapleDumper is GPL-3.0-or-later (the native dumper is a port of ergrelet/unlicense). Verify a download against SHA256SUMS before running.

MapleDumper v0.7.0

This release adds a native unpacker, reskins the desktop app, and moves the project to GPL-3.0.

Highlights

• Native Themida dumper. The dump step no longer needs a separate unlicense.exe download. A new x64 crate (maple-unpack-native) ports unlicense's dynamic unpacking to Rust on Frida and Unicorn: it traps the original entry point, resolves the obfuscated imports, rebuilds the PE, and runs the static clean and verification gates, writing the output only if every gate passes. The CLI exposes it as unpack --native and the desktop app as a toggle in the Unpack panel. A prebuilt maple-unpack-native.exe and its unicorn.dll are attached below; put them next to the CLI or the installed desktop app (or point the CLI at them with --native-bin) and the native path works with no toolchain to install.
• Aurora desktop redesign. The maple-app interface moved to a dark glass theme with accent and density settings, bundled fonts, and a per-view layout pass, with every render and command contract preserved.
• Dependency refresh. criterion, rfd, rusqlite, tauri, tauri-build, and actions/checkout are all on current releases.

License change

MapleDumper is now GPL-3.0-or-later (it was MIT). The native dumper is a port of ergrelet/unlicense, which is GPL-3.0, so the project relicensed to match. See LICENSE and crates/maple-unpack-native/NOTICE.

Artifacts

• mapledumper.exe: the command-line tool (built with cargo auditable).
• MapleDumper_0.7.0_x64-setup.exe: the desktop installer (Tauri NSIS, WebView2 download bootstrapper).
• maple-unpack-native.exe + unicorn.dll: the native dumper. Keep them together, next to the CLI or the installed app. The native dumper runs the protected client, so a VM or a sandbox is recommended.
• *.cdx.json: CycloneDX SBOMs per crate.
• SHA256SUMS: checksums for every artifact.

Verify a download against SHA256SUMS before running. The desktop app needs the WebView2 runtime (bundled with current Windows).

v0.6.0

Automated release. mapledumper.exe is the CLI (built with cargo auditable; verify with: cargo audit bin mapledumper.exe). MapleDumper_<version>_x64-setup.exe is the desktop app installer (Tauri/NSIS; bundles the WebView2 bootstrapper). A CycloneDX SBOM per crate and SHA-256 checksums are attached.

v0.5.0

MapleDumper 0.5.0 - cross-version fingerprinting, v95 bridge, fingerprint perf.

Downloads:

• MapleDumper_0.5.0_x64-setup.exe - the desktop app installer (Tauri/NSIS; bundles the WebView2 bootstrapper). Recommended for most users.
• mapledumper.exe - the standalone CLI (built with cargo auditable; verify the embedded dependency list with: cargo audit bin mapledumper.exe).
• *.cdx.json - CycloneDX SBOM per crate. SHA256SUMS.txt - SHA-256 checksums for every binary.

Verify a download: sha256sum -c SHA256SUMS.txt (or PowerShell Get-FileHash) against the values in SHA256SUMS.txt.

v0.4.0

Automated release. The CLI binary is built with cargo auditable (embedded dependency list); a CycloneDX SBOM and SHA-256 checksums are attached. Verify the dependency list with: cargo audit bin mapledumper.exe. The desktop app installer is not yet bundled here (tracked separately).

v0.3.0

Highlights since v0.2.0

Cross-version function relocation

When a byte pattern no longer matches a recompiled build, the Signature Maker now relocates the function by a recompile-stable handle and mints a fresh per-build AOB at the resolved address:

• Anchors: a referenced string, an imported-API set, a string-anchored caller, the C++ vtable structure (with constructor grounding for refactored tables), and an encoding fingerprint.
• Widest-path chaining through intermediate builds for the vtable anchor, each hop back-checked against the source identity.
• Per-version AOB ranges reported in the CLI report and the desktop Signature Maker.

The anchors ship with an honest, real-corpus coverage and false-positive measurement. Across a major client refactor the round-trippable anchors (import, caller, vtable) had zero confirmed wrong-address landings, coverage concentrates within a version lineage, and the residual limits of pure string anchoring across a major break are measured and documented.

Signature Maker scoring and diagnostics

Independent 0..100 sub-scores blended into a final A to F grade, graded cross-build function similarity, validated string anchors, and a negative-corpus penalty, all surfaced in the CLI JSON and the desktop workspace, alongside a structured resolve trace, a Section Map, and a Job Timeline.

Hardening

Partial-read tracking and surfacing, architecture-mismatch detection, a granular resolver with a serializable trace, @hits enforcement, and hardened Tauri file IO (allowlist, traversal and alternate-data-stream rejection, canonicalization).

Engineering

• Rust 2024 workspace, MSRV 1.95.
• CI enforces rustfmt, clippy with warnings denied, the full test suite, an MSRV check, and a cargo-audit security scan.
• A golden signature snapshot keeps generated output byte-stable across refactors.

MapleDumper v0.2.0

Signature Maker

Generate a byte signature from several client builds at once and get the highest-confidence pattern that resolves the same target in every version. A single-version signature breaks on the next client patch; this one is validated across every build you feed it.

• Desktop: a new Signature Maker view. Drop in two or more client .exe files, target by signature (harden an existing AOB), by address (a reference RVA), or both at once, queue many targets in one run, and cross-validate a signature against the address it should resolve to. Every file is checked for packing as you add it, results are graded A through F with alternates, and the chosen pattern saves straight into your pattern list.
• CLI: a new --mksig mode over --client / --client-dir, targeting --sig (an AOB) or --ref / --rva (an address), with --min-fixed-ratio to tune the reject gate and --json / --json-out for tooling.
• Engine: a new on-disk PE reader (FileImage) and cross-version generator. Candidates are masked with iced-x86 instruction decoding and the PE relocation table, then validated for a unique match and consistent callee fingerprints in every build, with duplicate-build detection so confidence is not inflated.

Download MapleDumper.exe below for the desktop app, or mapledumper-cli.exe for the command line. Run elevated so it can read protected targets.

MapleDumper v0.1.3

Assembly scan

Find code by instruction instead of bytes, the way Cheat Engine's assembly scan works.

• Desktop — a new Assembly scan tab. Type lines of assembly (push, call, test eax,eax) with wildcards (* zero-or-more, ? one char, ^ line start, $ line end) and it disassembles the target and lists every address where those instructions appear back-to-back, with the bytes and disassembly. Narrow it with an optional From/To range, and save any match straight into your pattern list.
• CLI — --asm <file> runs the same instruction scan, with --from/--to to limit the address range.

Download MapleDumper.exe below. Run elevated so it can read protected targets.

MapleDumper v0.1.2

Highlights

• Version history (desktop). Every scan is saved to a local SQLite database, grouped by build (a content hash of the code section), so dozens of game versions stay organized. Identical re-scans are de-duplicated.
• Compare across versions. A tabbed workspace: open any scan, compare any two builds (moved / new / removed offsets), or line every version up in a matrix to track an offset across the whole timeline. Tabs are named by version, renamable and closeable.
• Bytes + disassembly. Click a changed symbol to see its captured bytes and x86/x64 disassembly, old versus new.
• Build stamps. Each dump carries a # build: fingerprint (code-section hash + size + PE timestamp + file version), used by --diff and the History tab to tell builds apart.
• CLI helpers. --diff two dumps, --lint a pattern file for weak signatures, and --profile the read/scan/resolve split — all offline, no target needed.
• Showcase mask. The privacy mask can now swap in realistic fake values instead of blurring, for clean screenshots.
• Global Ctrl+F to filter the active table, copy-first exports with smart auto-names, and full localization (en / ja / zh / ko / he).

MapleDumper.exe is the desktop app — run it elevated to attach to a protected target. The WebView2 runtime ships with current Windows.