A Linux-based memory scanner and editor built in C using the ptrace API. This tool attaches to a running process, scans its writable memory regions for a specific integer value, allows rescanning, and even edits memory at runtime.
⚠️ This project is strictly for educational and ethical testing purposes only. Unauthorized use on systems you do not own or have permission to test is illegal.
- Attach to a running process by PID
- Scan memory regions (
/proc/[pid]/maps) for a specific integer value - Rescan previously found addresses for updated values
- Modify memory values at known addresses
- Detach safely after operations
- User enters the PID of a target process.
- Tool attaches using
ptrace(PTRACE_ATTACH). - Parses
/proc/[pid]/mapsto find writable (rw-p) regions. - Scans these regions using
PTRACE_PEEKDATAfor the target value. - Allows rescanning to refine the address list.
- Uses
PTRACE_POKEDATAto inject a new integer into memory.
- Linux system with
procfs gccor any C compiler- Root privileges (recommended for full process access)
gcc -o ram-injector ram_injector.c