MemoryOpenFromPID(PID, Privilege=0x1F0FFF){ HWND := DllCall("OpenProcess", "

1. MemoryOpenFromPID(PID, Privilege=0x1F0FFF)
2. {
3.     HWND := DllCall("OpenProcess", "Uint", Privilege, "int", 0, "int", PID)
4.     return HWND
5. }
6.  
7. MemoryOpenFromName(Name, Privilege=0x1F0FFF)
8. {
9.     Process, Exist, %Name%
10.     PID := ErrorLevel
11.     Return MemoryOpenFromPID(PID, Privilege)
12. }
13.  
14. MemoryOpenFromTitle(title, privilege=0x1F0FFF)
15. {
16.     WinGet, PID, PID, %title%
17.     Return MemoryOpenFromPID(PID, Privilege)
18. }
19.  
20. MemoryClose(hwnd)
21. {
22.     return DllCall("CloseHandle", "int", hwnd)
23. }
24.  
25. MemoryWrite(hwnd, address, writevalue, datatype="int", length=4, offset=0)
26. {
27.     VarSetCapacity(finalvalue, length, 0)
28.     NumPut(writevalue, finalvalue, 0, datatype)
29.     return DllCall("WriteProcessMemory", "Uint", hwnd, "Uint", address+offset, "Uint", &finalvalue, "Uint", length, "Uint", 0)
30. }
31.  
32. MemoryRead(hwnd, address, datatype="int", length=4, offset=0)
33. {
34.     VarSetCapacity(readvalue,length, 0)
35.     DllCall("ReadProcessMemory","Uint",hwnd,"Uint",address+offset,"Str",readvalue,"Uint",length,"Uint *",0)
36.     finalvalue := NumGet(readvalue,0,datatype)
37.     return finalvalue
38. }
39.  
40. MemoryWritePointer(hwnd, base, writevalue, datatype="int", length=4, offsets=0, offset_1=0, offset_2=0, offset_3=0, offset_4=0, offset_5=0, offset_6=0, offset_7=0, offset_8=0, offset_9=0)
41. {
42.     B_FormatInteger := A_FormatInteger
43.     Loop, %offsets%
44.     {
45.         baseresult := MemoryRead(hwnd,base)
46.         Offset := Offset_%A_Index%
47.         SetFormat, integer, h
48.         base := baseresult + Offset
49.         SetFormat, integer, d
50.     }
51.     SetFormat, Integer, %B_FormatInteger%
52.     return MemoryWrite(hwnd,address,writevalue,datatype,length)
53. }
54.  
55. MemoryReadPointer(hwnd, base, datatype="int", length=4, offsets=0, offset_1=0, offset_2=0, offset_3=0, offset_4=0, offset_5=0, offset_6=0, offset_7=0, offset_8=0, offset_9=0)
56. {
57.     B_FormatInteger := A_FormatInteger
58.     Loop, %offsets%
59.     {
60.         baseresult := MemoryRead(hwnd,base)
61.         Offset := Offset_%A_Index%
62.         SetFormat, integer, h
63.         base := baseresult + Offset
64.         SetFormat, integer, d
65.     }
66.     SetFormat, Integer, %B_FormatInteger%
67.     return MemoryRead(hwnd,base,datatyp,length)
68. }
69.  
70. MemoryGetAddrPID(PID, DllName)
71. {
72.     VarSetCapacity(me32, 548, 0)
73.     NumPut(548, me32)
74.     snapMod := DllCall("CreateToolhelp32Snapshot", "Uint", 0x00000008, "Uint", PID)
75.     If (snapMod = -1)
76.         Return 0
77.     If (DllCall("Module32First", "Uint", snapMod, "Uint", &me32))
78.     {
79.         Loop
80.         {
81.             If (!DllCall("lstrcmpi", "Str", DllName, "UInt", &me32 + 32)) {
82.                 DllCall("CloseHandle", "UInt", snapMod)
83.                 Return NumGet(&me32 + 20)
84.             }
85.         }
86.         Until !DllCall("Module32Next", "Uint", snapMod, "UInt", &me32)
87.     }
88.     DllCall("CloseHandle", "Uint", snapMod)
89.     Return 0
90. }
91.  
92. MemoryGetAddrName(Name, DllName)
93. {
94.     Process, Exist, %Name%
95.     PID := ErrorLevel
96.     Return MemoryGetAddrPID(PID, DllName)
97. }
98.  
99. MemoryGetAddrTitle(Title, DllName)
100. {
101.     WinGet, PID, PID, %Title%
102.     Return MemoryGetAddrPID(PID, DllName)
103. }
104.  
105. SetPrivilege(privilege = "SeDebugPrivilege")
106. {
107.     success := DllCall("advapi32.dll\LookupPrivilegeValueA","uint",0,"str",privilege,"int64*",luid_SeDebugPrivilege)
108.     if (success = 1) && (ErrorLevel = 0)
109.     {
110.         returnval = 0
111.     }
112.     else
113.     {
114.         returnval = %ErrorLevel%
115.     }
116.     return %returnval%
117. }
118.  
119. SuspendProcess(hwnd)
120. {
121.     return DllCall("ntdll\NtSuspendProcess","uint",hwnd)
122. }
123.  
124. ResumeProcess(hwnd)
125. {
126.     return DllCall("ntdll\NtResumeProcess","uint",hwnd)
127. }