Skip to content

vykt/ptrscan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits
debug
debug
 
 
doc
doc
 
 
man/man1
man/man1
 
 
src
src
 
 
DISKFORMAT
DISKFORMAT
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
TODO
TODO
 
 
ptrscan.png
ptrscan.png
 
 

Repository files navigation

ptrscan

ABOUT:

Pointer Scanner (ptrscan) is a dynamic analysis utility for discovering related pointers within a target process.

Because pointers are typically stored as parts of structures, ptrscan also discovers structures and their relationships, which at a high level reveals the design of your target.

ptrscan is able to verify previously identified pointer chains by attempting to follow them through different instances of the same program, eliminating false positives.

In addition to assisting with dynamic analysis, select pointer chains produced by ptrscan can be used to reliably navigate the memory of a target process from an external process.

DEPENDENCIES:

ptrscan links the following at runtime:

ptrscan can optionally use this LKM to scan through a hidden kernel interface:

INSTALLATON:

Fetch the repo:

$ git clone https://github.com/vykt/ptrscan

Build:

$ cd ptrscan
$ make ptrscan build=release

Install:

# make install

Install additional markdown documentation:

# make install_doc

To uninstall:

# make uninstall

DOCUMENTATION:

After installing ptrscan, see man 1 ptrscan. Alternatively, markdown documentation is available at ./doc/md/ptrscan.md.

EXAMPLES:

See ./doc/md/ptrscan.md for a walkthrough of a typical use case.

About

Pointer chain scanner for Linux.

Topics

reverse-engineering game-hacking dynamic-analysis linux-process pointer-scanner

Resources

Readme

License

GPL-3.0 license
Activity

Stars

36 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 6

ptrscan v0.1.2 - Proton support Latest
Oct 28, 2024
+ 5 releases

Packages

No packages published

Languages