Skip to content

landhb/MemScan-1.0

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
img
 
 
tools
 
 
README.md
 
 
makefile
 
 
memblock.h
 
 
memread.c
 
 
memscan.c
 
 
memwrite.c
 
 
MemScan Scan/manipulate the memory of a process with a given PID Overview Compiling w/Linux Subsystem Usage

README.md

MemScan

Scan/manipulate the memory of a process with a given PID

Overview

  1. Discover memory regions in use by a process with VirtualQueryEx given a PID
  2. Read memory into a local structure with ReadProcessMemory
  3. Modify the content of the memory locally
  4. Write the modified memory back into the process with WriteProcessMemory

Unique String

Compiling w/Linux Subsystem

To create Windows executables in the linux subsystem, you need to install mingw cross-compiler:

sudo apt-get install mingw-w64

Then you can create 32-bit Windows executables using the makefile with:

make 32bit

And 64-bit Windows executables with:

make 64bit

Usage

Program takes the name of the exe (i.e. "slack.exe") running the process you'd like to examine and the search string.

.\memscan.exe [Process Name] [Search String]

Note: memscan.exe must be compiled as a 64bit executable to examine 64 bit processes

About

Scan and edit memory using WinAPI functions such as ReadProcessMemory and WriteProcessMemory

Topics

windows winapi memory-hacking

Resources

Readme

Stars

45 stars

Watchers

2 watching

Forks

19 forks

Releases

No releases published

Packages

No packages published

Languages