MemScan 1.0 Save
Scan and edit memory using WinAPI functions such as ReadProcessMemory and WriteProcessMemory
Project README
MemScan
Scan/manipulate the memory of a process with a given PID
Overview
- Discover memory regions in use by a process with VirtualQueryEx given a PID
- Read memory into a local structure with ReadProcessMemory
- Modify the content of the memory locally
- Write the modified memory back into the process with WriteProcessMemory
Compiling w/Linux Subsystem
To create Windows executables in the linux subsystem, you need to install mingw cross-compiler:
sudo apt-get install mingw-w64
Then you can create 32-bit Windows executables using the makefile with:
make 32bit
And 64-bit Windows executables with:
make 64bit
Usage
Program takes the name of the exe (i.e. "slack.exe") running the process you'd like to examine and the search string.
.\memscan.exe [Process Name] [Search String]
Note: memscan.exe must be compiled as a 64bit executable to examine 64 bit processes
Open Source Agenda is not affiliated with "MemScan 1.0" Project. README Source: landhb/MemScan-1.0
Stars
48
Open Issues
0
Last Commit
6 years ago
Repository
Tags
Open Source Agenda Badge
