#pragma once#include <Windows.h>char * PatternScan(char * pStart, UINT_P

1. #pragma once
2.  
3. #include <Windows.h>
4.  
5. char * PatternScan(char * pStart, UINT_PTR RegionSize, const char * szPattern, const char * szMask, int Len);
6. char * PatternScanEx(HANDLE hProc, char * pStart, UINT_PTR RegionSize, const char * szPattern, const char * szMask);
7.  
8. template <class T>
9. UINT_PTR ScanMemory(BYTE * pData, UINT_PTR RegionSize, T Val, T ** pOut, int MaxCount, BYTE Alignment, BYTE * OriginalBase = nullptr)
10. {
11.     int Count = 0;
12.     for (ULONG i = 0; i < (RegionSize - sizeof(T)); i += Alignment, pData += Alignment)
13.         if (*reinterpret_cast<T*>(pData) == Val)
14.         {
15.             if(MaxCount > 0 && Count < MaxCount)
16.                 if (OriginalBase)
17.                     pOut[Count] = reinterpret_cast<T*>(OriginalBase + i);
18.                 else
19.                     pOut[Count] = reinterpret_cast<T*>(pData);
20.             Count++;
21.         }
22.     return Count;
23. }
24.  
25. template <class T>
26. UINT_PTR ScanMemoryEx(HANDLE hProc, BYTE * pStart, UINT_PTR RegionSize, T Val, T ** pOut, int MaxCount, BYTE Alignment)
27. {
28.     int Count       = 0;
29.     DWORD Buffer    = 0;
30.     if (!GetHandleInformation(hProc, &Buffer) || !Alignment || !RegionSize || !pOut || MaxCount < 0)
31.         return 0;
32.    
33.     BYTE * pCurrent     = pStart;
34.     SIZE_T OldPageSize  = 0;
35.     BYTE * Data         = nullptr;
36.  
37.  
38.     while (pCurrent <= pStart + RegionSize - Alignment)
39.     {
40.         MEMORY_BASIC_INFORMATION MBI{ 0 };
41.         if (!VirtualQueryEx(hProc, pCurrent, &MBI, sizeof(MEMORY_BASIC_INFORMATION)))
42.             break;
43.        
44.         if (MBI.State == MEM_COMMIT && !(MBI.Protect & PAGE_NOACCESS || MBI.Protect & PAGE_GUARD))
45.         {
46.             if (pCurrent + MBI.RegionSize > pStart + RegionSize)
47.                 MBI.RegionSize = pStart + RegionSize - pCurrent;
48.  
49.             if (OldPageSize < MBI.RegionSize)
50.             {
51.  
52.                 OldPageSize = MBI.RegionSize;
53.                 Data = new BYTE[MBI.RegionSize];
54.                 if (!Data)
55.                     break;
56.             }
57.  
58.             if (ReadProcessMemory(hProc, pCurrent, Data, MBI.RegionSize, nullptr))
59.                 Count += ScanMemory<T>(Data, MBI.RegionSize, Val, &pOut[Count], MaxCount - Count, Alignment, pCurrent);
60.         }
61.         pCurrent += MBI.RegionSize;
62.     }
63.            
64.     if (Data)
65.         delete[] Data;
66.            
67.     return Count;
68. }