{"id":25842770,"url":"https://github.com/nir3x/foreground-pattern-scanner","last_synced_at":"2025-03-01T06:31:52.153Z","repository":{"id":222162550,"uuid":"756437624","full_name":"NIR3X/Foreground-Pattern-Scanner","owner":"NIR3X","description":"Foreground Pattern Scanner - Memory-mapped executable pattern scanner","archived":false,"fork":false,"pushed_at":"2024-02-16T06:19:46.000Z","size":22,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-02-17T05:22:47.358Z","etag":null,"topics":["c-plus-plus","cpp","executable-pattern-scanner","memory-mapping","pattern-scanning","windows-api"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NIR3X.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2024-02-12T17:01:00.000Z","updated_at":"2024-02-12T17:03:34.000Z","dependencies_parsed_at":"2024-02-16T05:22:49.134Z","dependency_job_id":"85dca986-2210-42f5-badf-e4983dd8f45f","html_url":"https://github.com/NIR3X/Foreground-Pattern-Scanner","commit_stats":null,"previous_names":["nir3x/foreground-pattern-scanner"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NIR3X%2FForeground-Pattern-Scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NIR3X%2FForeground-Pattern-Scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NIR3X%2FForeground-Pattern-Scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NIR3X%2FForeground-Pattern-Scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NIR3X","download_url":"https://codeload.github.com/NIR3X/Foreground-Pattern-Scanner/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241329448,"owners_count":19944982,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c-plus-plus","cpp","executable-pattern-scanner","memory-mapping","pattern-scanning","windows-api"],"created_at":"2025-03-01T06:31:51.476Z","updated_at":"2025-03-01T06:31:52.146Z","avatar_url":"https://github.com/NIR3X.png","language":"C++","readme":"# Foreground Pattern Scanner - Memory-mapped executable pattern scanner\n\nThis repository contains a C++ program called `ForegroundPatternScanner.cpp` designed to scan the executable files of foreground windows for specific patterns. The program utilizes memory mapping to load the executable file of the foreground window into memory and then scans its content for predefined byte patterns.\n\n## Overview\n\nThe `ForegroundPatternScanner.cpp` program utilizes Windows APIs to retrieve information about the foreground window and the associated process. Instead of directly scanning the process's memory, it maps the executable file of the process into memory using file mapping techniques. It then scans the mapped file for predefined byte patterns that represent signatures of known applications. If a match is found, it outputs the file path of the executable associated with the process.\n\n## Installation\n\nTo use this project, you can clone the repository and compile it using a C++ compiler:\n\n```bash\ngit clone https://github.com/NIR3X/Foreground-Pattern-Scanner --recurse-submodules\ncd Foreground-Pattern-Scanner\nmake\n```\n\n## Dependencies\n\n* This program relies on the following dependencies:\n\t* `FastPatternsScanner.cpp/FastPatternsScanner.h`: A header file providing functionality for fast pattern scanning.\n\t* `FileMapping.cpp/FileMapping.h`: A header file containing utilities for file mapping.\n\n## Usage\n\nTo use the `ForegroundPatternScanner.cpp` program, simply compile it using a compatible C++ compiler and run the resulting executable. The program will continuously monitor the foreground window and map the executable file of the corresponding process into memory. It will then scan the mapped file for predefined patterns.\nExample Patterns\n\nThe program comes preconfigured with patterns representing signatures of various applications such as Cheat Engine, x64dbg, Process Hacker, OllyDbg, Scylla, IDA, Extreme Injector v3, CrySearch, Squalr, and Binary Ninja. These patterns can be customized or extended as needed.\n\n## License\n\n[![GNU AGPLv3 Image](https://www.gnu.org/graphics/agplv3-155x51.png)](https://www.gnu.org/licenses/agpl-3.0.html)\n\nThis program is Free Software: You can use, study share and improve it at your\nwill. Specifically you can redistribute and/or modify it under the terms of the\n[GNU Affero General Public License](https://www.gnu.org/licenses/agpl-3.0.html) as\npublished by the Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnir3x%2Fforeground-pattern-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnir3x%2Fforeground-pattern-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnir3x%2Fforeground-pattern-scanner/lists"}