This library provides a set of functions for manipulating memory in a Windows process. It allows you to read and write memory, inject DLLs, and search for byte patterns in memory.

installation

pip install PyMemoryR-W

Functions

process_handle(app_name)

Returns a process handle for the given App name.

Usage:

from PyMemoryRW import process_handle

# Get a handle for the Notepad process
handle = process_handle("notepad.exe")
print(handle)  # Output might look like: <Handle pid='1234'>

inject_dll(process_handle, dll_path)

Injects a DLL into a running process.

Usage:

from PyMemoryRW import process_handle, inject_dll

# Get a handle for the target process
handle = process_handle("myapp.exe")

# Path to the DLL to inject
dll_path = "C:\\Path\\To\\MyDLL.dll"

# Inject the DLL into the target process
inject_dll(handle, dll_path)

write_memory(process_handle, base_address, data)

Writes data to a chunk of memory in the process.

Usage:

from PyMemoryRW import process_handle, write_memory

# Get a handle for the target process
handle = process_handle("myapp.exe")

# Memory address to write to
base_address = 0x1000000

# Data to write (must be bytes)
data = b'Hello, World!'

# Write the data to the process memory
write_memory(handle, base_address, data)

read_memory(process_handle, base_address, size)

Reads a valu of memory from the process.

Usage:

from PyMemoryRW import process_handle, read_memory


# Open the process (replace with your process ID)
process_handle = process_handle("notepad.exe")

# Memory address to read from
base_address = 0x10000000

# Number of bytes to read
size = 1024

# Read the memory contents
data = read_memory(process_handle, base_address, size)

# Print the contents of the memory region
print(data)

search_byte_pattern(process_handle, pattern)

Searches for a byte pattern in the process memory and returns a list of dictionaries containing the addresses where the pattern was found, along with the original data at those addresses.

Usage:

from PyMemoryRW import process_handle, search_byte_pattern

# Get a handle for the target process
handle = process_handle("xyz.exe")

# Byte arrry pattern to search for
byte_pattern = bytes.fromhex('A0 42 00 00 C0 3F 33 33 13 40 00 00 F0 3F 00')
# Byte pattern to search for
value=12413414
pattern = value.to_bytes(4, byteorder='little')

# Search for the byte pattern in the process memory
matches = search_byte_pattern(handle, pattern)

# Print the results
print(matches)  # Example output: [{'address': '0x1000000', 'data': '12345678'}, {'address': '0x2000000', 'data': '12345678'}]

Scan_pattern(process_handle, pattern)

The Scan_pattern function searches for a given byte pattern in the memory of a specified process. The pattern can include specific bytes and wildcards (??) that match any byte.

Usage:

from PyMemoryRW import Scan_pattern

# Get a handle for the target process (example handle value)
handle = process_handle("xyz.exe")

# Byte pattern to search for, with '??' as wildcards
patterns = "12 34 ?? 56 ?? 11"

# Search for the byte pattern in the process memory
matches = Scan_pattern(process_handle, patterns)

# Print the results
print(matches)  # Example output: [{'base_address': '0x1000', 'data': '12 34 78 56 88 11'}, {'base_address': '0x2000', 'data': '12 34 90 56 33 11'}]

Requirements

Requirements

To use this library, you need the following Python libraries:

• pymem
• pyinjector
• ctypes (included in the standard library)

You can install the required libraries using pip:

pip install pymem pyinjector mahdix

Author

Mahdi Hasan Shuvo

Contact

• Email: shuvobbhh@gmail.com
• WhatsApp: +8801616397082
• GitHub: Mahdi-hasan-shuvo
• Facebook: Mahdi Hasan Shuvo