
foreground-pattern-scanner's Introduction

Foreground Pattern Scanner - Memory-mapped executable pattern scanner

This repository contains a C++ program called ForegroundPatternScanner.cpp designed to scan the executable files of foreground windows for specific patterns. The program utilizes memory mapping to load the executable file of the foreground window into memory and then scans its content for predefined byte patterns.

Overview

The ForegroundPatternScanner.cpp program utilizes Windows APIs to retrieve information about the foreground window and the associated process. Instead of directly scanning the process's memory, it maps the executable file of the process into memory using file mapping techniques. It then scans the mapped file for predefined byte patterns that represent signatures of known applications. If a match is found, it outputs the file path of the executable associated with the process.
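The flow described above, as an added example that is not the repository's code: the type and function names, the -1 wildcard convention and the choice of Windows calls are assumptions, since the page does not show the FastPatternsScanner or FileMapping interfaces. The scan core is portable; the foreground-window part compiles only on Windows.

```cpp
// Added example, not the repository's code; every name here is hypothetical.
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>
struct Signature {
    std::string name;        // label reported on a match
    std::vector<int> bytes;  // 0..255 = exact byte, -1 = wildcard (assumed convention)
};
// Offset of the first match of sig inside [data, data + size), or -1 if absent.
long long findSignature(const uint8_t* data, size_t size, const Signature& sig) {
    const size_t n = sig.bytes.size();
    if (n == 0 || size < n) return -1;  // never read past the mapped view
    for (size_t i = 0; i + n <= size; ++i) {
        size_t j = 0;
        while (j < n && (sig.bytes[j] < 0 || data[i + j] == sig.bytes[j])) ++j;
        if (j == n) return static_cast<long long>(i);
    }
    return -1;
}
// Names of all signatures present in the buffer, in table order.
std::vector<std::string> scanImage(const uint8_t* d, size_t n, const std::vector<Signature>& sigs) {
    std::vector<std::string> hits;
    for (const auto& s : sigs)
        if (findSignature(d, n, s) >= 0) hits.push_back(s.name);
    return hits;
}

#ifdef _WIN32
#include <windows.h>
// Map the foreground process's executable read-only; return its path on a match.
std::wstring scanForeground(const std::vector<Signature>& sigs) {
    wchar_t buf[MAX_PATH]; DWORD pid = 0, len = MAX_PATH; LARGE_INTEGER sz{};
    if (!GetWindowThreadProcessId(GetForegroundWindow(), &pid)) return {};
    HANDLE proc = OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, pid);
    if (!proc) return {};
    BOOL ok = QueryFullProcessImageNameW(proc, 0, buf, &len);
    CloseHandle(proc);
    if (!ok) return {};  // includes paths longer than MAX_PATH
    HANDLE file = CreateFileW(buf, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_DELETE, nullptr, OPEN_EXISTING, 0, nullptr);
    if (file == INVALID_HANDLE_VALUE) return {};
    HANDLE map = GetFileSizeEx(file, &sz) ? CreateFileMappingW(file, nullptr, PAGE_READONLY, 0, 0, nullptr) : nullptr;
    const void* view = map ? MapViewOfFile(map, FILE_MAP_READ, 0, 0, 0) : nullptr;
    bool hit = view && !scanImage(static_cast<const uint8_t*>(view), static_cast<size_t>(sz.QuadPart), sigs).empty();
    if (view) UnmapViewOfFile(view);
    if (map) CloseHandle(map);
    CloseHandle(file);
    return hit ? std::wstring(buf) : std::wstring();
}
#endif
```

Because the view is a mapping of the file on disk, the scan sees the bytes as stored in the executable, not the process's runtime memory.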

Installation

To use this project, you can clone the repository and compile it using a C++ compiler:

git clone https://github.com/NIR3X/Foreground-Pattern-Scanner --recurse-submodules
cd Foreground-Pattern-Scanner
make

Dependencies

  • This program relies on the following dependencies:
    • FastPatternsScanner.cpp/FastPatternsScanner.h: Source and header files providing functionality for fast pattern scanning.
    • FileMapping.cpp/FileMapping.h: Source and header files containing utilities for file mapping.

Usage

To use the ForegroundPatternScanner.cpp program, simply compile it using a compatible C++ compiler and run the resulting executable. The program will continuously monitor the foreground window and map the executable file of the corresponding process into memory. It will then scan the mapped file for predefined patterns.

Example Patterns

The program comes preconfigured with patterns representing signatures of various applications such as Cheat Engine, x64dbg, Process Hacker, OllyDbg, Scylla, IDA, Extreme Injector v3, CrySearch, Squalr, and Binary Ninja. These patterns can be customized or extended as needed.

License


This program is Free Software: You can use, study, share and improve it at your will. Specifically, you can redistribute and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
