ItsMods

Full Version: Byte Spy v. 1.0 (Signature finder // Memory Scanner)

This tool is designed primarily to help find memory addresses after a game updates or for previous versions. It accomplishes this by searching the memory for the hex values, or byte signatures, associated with an address that you currently have.

For example, if you have a hack such as 'unlimited health' and its address is 0x00451178, and you look at that address in a debugger (or something similar), you will see a series of hex values starting at that address such as '8B 5D 08'. That is a byte sig for that address in memory (though we will generally want to use a larger sig for accuracy).
It represents the following code: MOV EBX,DWORD PTR SS:[EBP+8], which may be repeated somewhere else in the program, so we want to look at the next line. There we may find something like: BE EA 34 66 00 - - MOV ESI, 006634EA. Notice that an address is used there. Since the game's code has changed, this address will not always be the same, so we use something called a 'mask'.
We use the letter 'x' to represent a static value (values that we know won't change) and the symbol '?' to represent values that may have changed. So the mask to find this byte sig would be 'xxxx????': 4 'x' to represent 8B 5D 08 BE, followed by 4 '?' to represent the address EA 34 66 00.
(Addresses in asm are stored as bytes in reverse order of the actual address.)
So in order to look for this byte sig with this tool you will want to enter the following values:

Address:
0x00451178
Range:
0x2000
Mask:
xxxx????
Bytes:
8B5D08BEEA346600

NOTE: We do not include any spaces between bytes in this box; we also don't need 'h' or '0x'.


Then just start the game you wish to scan, find its process with the dropdown tool and hit the search button. If the tool is successful in finding the byte signature it will show the address in the box on the lower left; otherwise it will display "no matches found".

Kryptech
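
The masked comparison described in the post, as an added example that is not part of the original post and is not Byte Spy's own code. It runs over a constructed in-memory buffer rather than a live process; the names SAMPLE, parse_sig and scan_sig are hypothetical, and buffer offsets stand in for addresses.

```c
#include <stdint.h>
#include <string.h>

/* Constructed sample: "updated" code in which 8B 5D 08 occurs twice and the
 * MOV ESI operand is no longer EA 34 66 00 (the address changed). */
const uint8_t SAMPLE[] = {
    0x55, 0x8B, 0xEC,               /* offset 0  */
    0x8B, 0x5D, 0x08, 0x90, 0x90,   /* offset 3:  MOV EBX,[EBP+8]; NOP; NOP */
    0x33, 0xC0,                     /* offset 8  */
    0x8B, 0x5D, 0x08,               /* offset 10: MOV EBX,[EBP+8] */
    0xBE, 0x10, 0x47, 0x66, 0x00,   /* offset 13: MOV ESI,00664710 */
    0xC3                            /* offset 18 */
};

static int hex_nibble(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode "8B5D08..." (no spaces, no 0x) into out; returns byte count or -1. */
int parse_sig(const char *hex, uint8_t *out, size_t cap) {
    size_t n = strlen(hex);
    if (n == 0 || n % 2 != 0 || n / 2 > cap) return -1;
    for (size_t i = 0; i < n; i += 2) {
        int hi = hex_nibble(hex[i]), lo = hex_nibble(hex[i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[i / 2] = (uint8_t)((hi << 4) | lo);
    }
    return (int)(n / 2);
}

/* Count masked matches in buf[0..len); the first hit's offset goes to *first.
 * Returns -1 if the hex string or mask is malformed or their lengths differ. */
long scan_sig(const uint8_t *buf, size_t len, const char *hex,
              const char *mask, size_t *first) {
    uint8_t sig[64];
    int n = parse_sig(hex, sig, sizeof sig);
    if (n < 0 || strlen(mask) != (size_t)n) return -1;
    if (strspn(mask, "x?") != (size_t)n) return -1;
    long hits = 0;
    for (size_t off = 0; off + (size_t)n <= len; off++) {
        size_t i = 0;
        while (i < (size_t)n && (mask[i] == '?' || buf[off + i] == sig[i])) i++;
        if (i == (size_t)n && hits++ == 0) *first = off;
    }
    return hits;
}
```

On this buffer the three-byte sig with mask 'xxx' matches twice, the eight-byte sig with mask 'xxxx????' matches once at offset 10, and the same eight bytes with mask 'xxxxxxxx' match nowhere because the operand changed.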