Python library using ctypes to search and edit the memory of Windows/Linux/OSX/SunOS programs.

```
pip install https://github.com/n1nj4sec/memorpy/archive/master.zip
```

In this example, open notepad.exe and type in some text that we will then edit from memory!
```python
>>> from memorpy import *
>>> mw = MemWorker(pid=3856)  # you can also select a process by its name with the kwarg name=
>>> l = [x for x in mw.umem_search("hello")]
>>> l
[('', <Addr: 0x003287B0>)]
>>> a = l[0][1]
>>> a
<Addr: 0x003287B0>
>>> a + 4
<Addr: 0x003287B4>
>>> print a
<Addr: 0x003287B0: "h\x00e\x00l\x00l\x00o\x00 \x00t\x00h\x00i\x00s\x00 \x00i\x00s\x00 \x00a\x00 \x00m\x00e\x00s\x00s\x00a\x00g\x00e\x00 \x00I\x00" (bytes)>
>>> a.dump()
00328790 : 46 00 72 00 61 00 6E 00 63 00 65 00 29 00 00 00  F.r.a.n.c.e.)...
003287A0 : 00 00 00 00 00 00 00 00 F3 8F 57 0C 7F 6A 00 10  ..........W..j..
003287B0 : 63 00 6F 00 75 00 63 00 6F 00 75 00 20 00 74 00  c.o.u.c.o.u...t.
003287C0 : 68 00 69 00 73 00 20 00 69 00 73 00 20 00 61 00  h.i.s...i.s...a.
003287D0 : 20 00 6D 00 65 00 73 00 73 00 61 00 67 00 65 00  ..m.e.s.s.a.g.e.
003287E0 : 20 00 49 00 20 00 74 00 79 00 70 00 65 00 64 00  ..I...t.y.p.e.d.
003287F0 : 20 00 69 00 6E 00 20 00 6E 00 6F 00 74 00 65 00  ..i.n...n.o.t.e.
00328800 : 70 00 61 00 64 00 2E 00 65 00 78 00 65 00 20 00  p.a.d...e.x.e...
00328810 : 21 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  !...............
00328820 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00328830 : 00 00 00 00 04 00 27 00 F7 8F 74 2B 6A 6A 00 00  ......'...t+jj..
00328840 : 30 7A 32 00 C0 8B 32 00 00 00 00 00 00 00 00 00  0z2...2.........
00328850 : 01 00 01 00 01 01 00 00 00 00 00 00 00 00 00 00  ................
00328860 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00328870 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00328880 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00328890 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
003288A0 : 01 00 00 01 00 00 01 00 00 00 00 01 00 00 00 00  ................
003288B0 : 07 00 00 07 59 6A 00 00 B8 79 32 00 E8 35 32 00  ....Yj...y2..52.
003288C0 : 50 54 9D ED E6 EB 55 42 82 89 F8 A3 1E 68 72 28  PT....UB.....hr(
003288D0 : 03 00 00 03 7F 6A 00 00 C0 8B 32 00 E8 35 32 00  .....j....2..52.
003288E0 : AA BA 43 9F 5C 80 8F 67 E2 8F 75 3F 6E 6A 00 0C  ..C.\..g..u?nj..
003288F0 : F0 FE 30 00 70 FE 30 00 F0 FD 30 00 1D 17 ED 00  ..0.p.0...0.....
00328900 : B6 8F 75 6B 7B 6A 00 08 00 00 00 00 00 00 00 00  ..uk{j..........
00328910 : 11 10 0A 61 00 00 00 00 00 00 00 00 A0 00 00 00  ...a............
00328920 : 0D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00328930 : 00 00 80 41 00 00 80 41 00 00 80 3D 00 00 80 3D  ...A...A...=...=
00328940 : 00 00 D0 00 00 00 30 00 1E FF 20 1F 00 00 00 00  ......0... .....
00328950 : 71 80 0E 00 30 00 30 00 30 00 30 00 30 00 30 00  q...0.0.0.0.0.0.
00328960 : 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00  0.0.0.0.0.0.0.0.
00328970 : 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00  0.0.0.0.0.0.0.0.
00328980 : 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00  0.0.0.0.0.0.0.0.
>>> a.read(100).decode("utf-16-le")
u'hello this is a message I typed in notepad.exe !\x00\x00'
>>> a.write("pwned".encode("utf-16-le"))
1
>>> a.read(100).decode("utf-16-le")
u'pwned this is a message I typed in notepad.exe !\x00\x00'
```

Look back at your notepad and the text should have changed! :) A faster way to do this would be:
```python
>>> mw.umem_replace("hello", "pwned")
```

Some other interesting features, such as searching memory for values of various types and monitoring how they change, are also implemented through the Locator class. For example, if you want to cheat in a game and you start with 200 ammo, you could do something like:
```python
>>> lo = Locator(mw)
>>> lo.feed(200)
...
 <Addr: 0x0018FDE2>,
 <Addr: 0x0018FDE4>,
 <Addr: 0x0018FDE6>,
 ...]}
```

Use some ammo and "refeed" the locator (repeat this a few times until only one result is left):
```python
>>> lo.feed(199)
{'double': [],
 'float': [],
 'int': [<Addr: 0x0019FAF0>],
 'long': [],
 'short': [],
 'uint': [],
 'ulong': [],
 'ushort': []}
>>> a = _["int"][0]
>>> a.read()
199
>>> a.write(999999)
1
```

Now you have unlimited ammo :o)
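To make the feed/refeed narrowing concrete, here is an added, self-contained model of what the Locator session above does, run over a constructed byte region instead of a live process. It is not memorpy's own code; the type set is taken from the listing above, and memorpy's real type enumeration and scanning internals are not shown on this page.

```python
import struct

# Type names and little-endian struct codes taken from the Locator listing above.
TYPE_FORMATS = {
    "double": "<d", "float": "<f", "int": "<i", "uint": "<I",
    "long": "<q", "ulong": "<Q", "short": "<h", "ushort": "<H",
}

def scan(snapshot, value, base=0, candidates=None):
    """Return {type: [addr, ...]} where value is encoded in snapshot.
    First call tries every offset; later calls re-check only candidates."""
    result = {}
    for name, fmt in TYPE_FORMATS.items():
        size = struct.calcsize(fmt)
        try:
            needle = struct.pack(fmt, value)
        except struct.error:
            continue  # value does not fit this type, e.g. -1 as uint
        if candidates is None:
            offs = range(len(snapshot) - size + 1)
        else:
            offs = [a - base for a in candidates.get(name, [])]
        result[name] = [base + o for o in offs
                        if 0 <= o <= len(snapshot) - size
                        and snapshot[o:o + size] == needle]
    return result

class Locator:
    """Models memorpy's Locator: feed() the value you see, change it in the
    program, feed() the new value; only addresses that held both survive."""
    def __init__(self, read_memory, base=0):
        self.read_memory, self.base, self.candidates = read_memory, base, None
    def feed(self, value):
        self.candidates = scan(self.read_memory(), value, self.base, self.candidates)
        return self.candidates

# Constructed sample region: the ammo counter (int32 200) at offset 16 and an
# unrelated constant 200 at offset 40 that will not change (a decoy).
BASE = 0x0019F000
region = bytearray(64)
struct.pack_into("<i", region, 16, 200)
struct.pack_into("<i", region, 40, 200)

def demo():
    lo = Locator(lambda: bytes(region), BASE)
    first = lo.feed(200)                      # both offsets, several types
    struct.pack_into("<i", region, 16, 199)   # "fire one bullet"
    second = lo.feed(199)                     # only the real counter remains
    return first["int"], second["int"]
```

Note that after one refeed the short and long interpretations of the same offset also survive, which is why the text above says to repeat the step until a single result is left.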
I hope this code will be useful to someone.

Have fun!

Check out Mimipy, which dumps passwords from the memory of various processes.

By email: [email protected]

On Twitter: Follow me on Twitter

If some of you want to participate or send me feedback, don't hesitate :-)

This project is a personal development; please respect its philosophy and don't use it for malicious purposes!