MCP Cheat Engine Server

ADVANCED_FEATURES.md•6.78 kB

# Advanced Cheat Engine Bridge Functionality This document outlines the advanced functionality that has been added to the Cheat Engine Bridge Module (`ce_bridge.py`). ## New Data Structures ### MemoryScanResult - **Purpose**: Represents results from memory scanning operations - **Fields**: address, value, data_type, size, region_info - **Usage**: Returned by all memory scanning functions ### DisassemblyResult - **Purpose**: Represents disassembled code instructions - **Fields**: address, bytes_data, mnemonic, op_str, size, groups - **Usage**: Returned by code disassembly functions ## Enhanced Memory Scanning ### 1. Value-Based Scanning - **Method**: `scan_memory_for_value(handle, value, data_type, start_address, end_address)` - **Supports**: int8, int16, int32, int64, uint8-64, float, double, string - **Features**: Multi-encoding string search, typed value reading - **Safety**: Read-only operations, result limiting ### 2. Range-Based Scanning - **Method**: `scan_memory_range(handle, min_value, max_value, data_type, start_address, end_address)` - **Purpose**: Find values within a numeric range - **Optimization**: Type-aligned scanning for performance - **Use Cases**: Health/ammo ranges, coordinate boundaries ### 3. Wildcard Pattern Search - **Method**: `find_pattern_with_wildcards(handle, pattern_string, start_address, end_address)` - **Format**: "48 8B ? 48 ?? 05" (? or ?? for wildcards) - **Features**: Flexible byte pattern matching - **Applications**: Code signature detection, API call patterns ## Advanced Code Analysis ### 1. Code Disassembly - **Method**: `disassemble_code(handle, address, size, architecture)` - **Engine**: Capstone disassembly framework - **Architectures**: x86, x64 - **Features**: Instruction groups, operand analysis - **Output**: Mnemonic, operands, instruction groups ### 2. String Reference Detection - **Method**: `find_string_references(handle, target_string, start_address, end_address)` - **Encodings**: UTF-8, UTF-16LE, ASCII - **Analysis**: Finds code that references strings - **Applications**: Function discovery, string table analysis ## Data Structure Analysis ### 1. Automated Structure Detection - **Method**: `analyze_data_structures(handle, address, size)` - **Detection**: Pointers, strings, repeating patterns - **Analysis**: vtables, arrays, object structures - **Suggestions**: Potential data type identification ### 2. Type Conversion Utilities - **Methods**: `_value_to_bytes()`, `_bytes_to_value()`, `_read_typed_value()` - **Support**: All standard data types - **Features**: Multi-format string handling - **Safety**: Error handling, bounds checking ## Advanced Pointer Analysis ### 1. Reverse Pointer Chain Discovery - **Method**: `find_pointer_chains_to_address(handle, target_address, max_depth, max_results)` - **Purpose**: Find all pointer chains leading to an address - **Depth**: Configurable chain depth (default: 4 levels) - **Optimization**: Memory region filtering, result limiting ### 2. Enhanced Pointer Resolution - **Method**: `resolve_pointer_chain(handle, base_address, offsets)` (enhanced) - **Features**: Better error handling, 64-bit support - **Applications**: Dynamic address resolution ## Memory Comparison & Snapshots ### 1. Memory Snapshots - **Method**: `create_memory_snapshot(handle, address, size)` - **Purpose**: Capture memory state for comparison - **Use Cases**: Change detection, state monitoring ### 2. Memory Comparison - **Method**: `compare_memory_snapshots(handle, address, size, previous_data)` - **Analysis**: Byte-by-byte comparison - **Output**: Changed regions, statistics, detailed diff - **Applications**: Memory monitoring, cheat detection ### 3. Change-Based Scanning - **Method**: `search_for_changed_values(handle, old_value, new_value, data_type, previous_results)` - **Purpose**: Next scan functionality - **Features**: Filter previous results, progressive refinement - **Use Cases**: Value tracking, dynamic analysis ## Safety and Performance Features ### Read-Only Architecture - All functions are read-only for safety - Write operations intentionally disabled - Error logging and graceful failure handling ### Performance Optimizations - Chunked memory reading (1MB chunks) - Result limiting (10,000 max results) - Memory region filtering - Type-aligned scanning ### Error Handling - Comprehensive exception catching - Detailed error logging - Graceful degradation - Optional dependency handling (Capstone) ## Integration Features ### Conditional Dependencies - **Capstone**: Optional for disassembly features - **Graceful Fallback**: Functions work without optional dependencies - **Runtime Detection**: Automatic capability detection ### Data Type Support - **Integers**: 8, 16, 32, 64-bit signed/unsigned - **Floating Point**: 32-bit float, 64-bit double - **Strings**: UTF-8, UTF-16LE, ASCII with null termination - **Raw Bytes**: Hex pattern support ## Usage Examples ### Basic Memory Scanning ```python # Scan for integer value results = bridge.scan_memory_for_value(handle, 1000, 'int32') # Scan for value range results = bridge.scan_memory_range(handle, 100, 200, 'int32') # Wildcard pattern search addresses = bridge.find_pattern_with_wildcards(handle, "48 8B ? 48 ?? 05") ``` ### Code Analysis ```python # Disassemble code instructions = bridge.disassemble_code(handle, address, 64, 'x64') # Find string references refs = bridge.find_string_references(handle, "Player") # Analyze data structure analysis = bridge.analyze_data_structures(handle, address, 256) ``` ### Advanced Operations ```python # Find pointer chains chains = bridge.find_pointer_chains_to_address(handle, target_addr, max_depth=3) # Memory comparison snapshot = bridge.create_memory_snapshot(handle, address, 1024) # ... later ... changes = bridge.compare_memory_snapshots(handle, address, 1024, snapshot) # Progressive scanning first_scan = bridge.scan_memory_for_value(handle, 100, 'int32') # ... value changes to 150 ... refined = bridge.search_for_changed_values(handle, 100, 150, 'int32', first_scan) ``` ## Future Enhancements The modular design allows for easy addition of: - Hot patching detection - Memory protection analysis - Advanced pattern libraries - Machine learning-based structure detection - Multi-process analysis - Real-time monitoring capabilities ## Dependencies ### Required - ctypes (built-in) - struct (built-in) - winreg (built-in) ### Optional - capstone: For code disassembly - psutil: For enhanced process information All functionality gracefully degrades when optional dependencies are unavailable.

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/bethington/cheat-engine-server-python'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

ADVANCED_FEATURES.md•6.78 kB