Cheat Engine is a powerful tool that can make the impossible possible in your favorite games, but diving into its functionalities like scanning for pointers can be anything from mystifying to downright daunting. Whether you're aiming to tweak your game, or just curious about how game hacking works, this guide aims to illuminate the path to using Cheat Engine like a pro.
What is Cheat Engine?
Before we plunge into the mechanics, let's understand what Cheat Engine (CE) is. CE is an open-source memory scanner/hex editor/debugger created by Eric "Dark Byte" Heijnen. In simpler words, it's your go-to software for cheating in computer games, or more technically, it allows you to modify single-player games running under Windows to make them harder or easier depending on your preference. If you haven't already, I highly recommend reading thought the previous threads, HOW TO INSTALL CHEAT ENGINE CORRECTLY (TUTORIAL) and HOW TO SCAN FOR VALUES IN CHEAT ENGINE (TUTORIAL) as they will play into this tutorial.
Why Use Cheat Engine for Scanning Pointers?
Scanning for pointers is a fundamental task when you're trying to hack a game. Pointers are variables in a program that point to other variables, and by finding and manipulating them, you can have the game do your bidding, like keeping your health points from decreasing. Pointers will also survive through restarts of the game and depending, possibly through updates. CE's ability to scan and modify these pointers makes it an invaluable tool in your hacking arsenal.
Understanding Pointers and Addresses
Before scanning, a quick crash course on pointers and addresses. In the realm of computer games, every entity like your character's health or ammunition is stored at a memory address. Pointers are special because they point to the memory address of these entities, making them a target for game modifications.
Step 1: Selecting the Process
Launch CE and your game. In CE, click on the computer icon to select the process (your game). Make sure you’ve chosen the right one; otherwise, you're aiming darts in the dark. Rarely, you may need to fish around under the "processes" tab for the currently running process. In this example, I'll be attaching to a game called "Game Store Simulator".
![[Image: qSkhRXQ.png]](https://i.imgur.com/qSkhRXQ.png)
Step 2: Finding the Initial Address
Locate an attribute in your game you wish to modify (e.g., money). Use CE's initial scan to find the memory address of this attribute by entering its current value in CE and starting the scan. Again, at any point you find yourself hung up, read the tutorials provided at the top of this thread. Now, I ready put it to this game, so I have a lot of money already. The first scans probably going to yield enough results where you will have to rescan again, and again until you get a manageable list. After, using the scientific method if you will, find a conclusion based on the best result and test it. If changing the value gives what's expected, great! In this example I found 213B660FC94 to be the best option. Be sure to add that to your address list.
![[Image: jluMLCl.png]](https://i.imgur.com/jluMLCl.png)
Step 3: Pointer Scan(s)
I have 3 main methods of pointing out addresses with cheat engine. One being more on the advanced side that requires coding in assembly that can be found here: How To Make Pointers Through Opcodes (Tutorial), One that will be covered in a later tutorial, and this method. If you choose you can skip ahead to the advanced methods, follow the provided link. If you're just learning I highly recommend you sticking this out and completely read both methods. Baby steps is the key.
Step 3.1.0: Using Pointer Scan Method
After pinpointing the address, right-click it and choose "Pointer scan for this address." then a new window will populate with the address pre-filled out. Default settings are okay here (if you're a pro user, what settings do you use?), just click the button "OK". Another window will pop up asking you to save the pointer map to a location on your computer. I recommend you put it in your CE junk folder for now as they can be taxing on disk space. Now wait as CE does its black magic.
![[Image: 1nt6W3g.png]](https://i.imgur.com/1nt6W3g.png)
Step 3.1.1: Filtering and Refining Results
You will likely end up with a slew of potential pointers, sometimes in the 100 thousands. By changing the in-game value and rescanning, you can filter out the false positives, narrowing down to the real pointers. To go even further, restarting your game/computer and importing the saved pointer map back in will filter out more false positives. I wont go into details on how to load back up the pointer map, but ill give the steps. (restart game/computer -> attach cheat engine -> right click on the old, dead address -> click "Pointer scan for this address." -> exit out of the first popup window -> click "File" -> "Open" -> Navigate to your junk folder and select your pointer map). After I did these steps, I was just left with 2 consistent pointers.
![[Image: eqIAnrc.png]](https://i.imgur.com/eqIAnrc.png)
Step 3.1.2: Validating Pointers
Finally, test the potential pointers by trying to modify the in-game value through CE. If successful, congratulations, you've found a true pointer.
I've split this post into two threads, and you can find the remaining here: How To Make Pointers Through Opcodes (Tutorial)
What is Cheat Engine?
Before we plunge into the mechanics, let's understand what Cheat Engine (CE) is. CE is an open-source memory scanner/hex editor/debugger created by Eric "Dark Byte" Heijnen. In simpler words, it's your go-to software for cheating in computer games, or more technically, it allows you to modify single-player games running under Windows to make them harder or easier depending on your preference. If you haven't already, I highly recommend reading thought the previous threads, HOW TO INSTALL CHEAT ENGINE CORRECTLY (TUTORIAL) and HOW TO SCAN FOR VALUES IN CHEAT ENGINE (TUTORIAL) as they will play into this tutorial.
Why Use Cheat Engine for Scanning Pointers?
Scanning for pointers is a fundamental task when you're trying to hack a game. Pointers are variables in a program that point to other variables, and by finding and manipulating them, you can have the game do your bidding, like keeping your health points from decreasing. Pointers will also survive through restarts of the game and depending, possibly through updates. CE's ability to scan and modify these pointers makes it an invaluable tool in your hacking arsenal.
Understanding Pointers and Addresses
Before scanning, a quick crash course on pointers and addresses. In the realm of computer games, every entity like your character's health or ammunition is stored at a memory address. Pointers are special because they point to the memory address of these entities, making them a target for game modifications.
Step 1: Selecting the Process
Launch CE and your game. In CE, click on the computer icon to select the process (your game). Make sure you’ve chosen the right one; otherwise, you're aiming darts in the dark. Rarely, you may need to fish around under the "processes" tab for the currently running process. In this example, I'll be attaching to a game called "Game Store Simulator".
Step 2: Finding the Initial Address
Locate an attribute in your game you wish to modify (e.g., money). Use CE's initial scan to find the memory address of this attribute by entering its current value in CE and starting the scan. Again, at any point you find yourself hung up, read the tutorials provided at the top of this thread. Now, I ready put it to this game, so I have a lot of money already. The first scans probably going to yield enough results where you will have to rescan again, and again until you get a manageable list. After, using the scientific method if you will, find a conclusion based on the best result and test it. If changing the value gives what's expected, great! In this example I found 213B660FC94 to be the best option. Be sure to add that to your address list.
Step 3: Pointer Scan(s)
I have 3 main methods of pointing out addresses with cheat engine. One being more on the advanced side that requires coding in assembly that can be found here: How To Make Pointers Through Opcodes (Tutorial), One that will be covered in a later tutorial, and this method. If you choose you can skip ahead to the advanced methods, follow the provided link. If you're just learning I highly recommend you sticking this out and completely read both methods. Baby steps is the key.
Step 3.1.0: Using Pointer Scan Method
After pinpointing the address, right-click it and choose "Pointer scan for this address." then a new window will populate with the address pre-filled out. Default settings are okay here (if you're a pro user, what settings do you use?), just click the button "OK". Another window will pop up asking you to save the pointer map to a location on your computer. I recommend you put it in your CE junk folder for now as they can be taxing on disk space. Now wait as CE does its black magic.
Step 3.1.1: Filtering and Refining Results
You will likely end up with a slew of potential pointers, sometimes in the 100 thousands. By changing the in-game value and rescanning, you can filter out the false positives, narrowing down to the real pointers. To go even further, restarting your game/computer and importing the saved pointer map back in will filter out more false positives. I wont go into details on how to load back up the pointer map, but ill give the steps. (restart game/computer -> attach cheat engine -> right click on the old, dead address -> click "Pointer scan for this address." -> exit out of the first popup window -> click "File" -> "Open" -> Navigate to your junk folder and select your pointer map). After I did these steps, I was just left with 2 consistent pointers.
Step 3.1.2: Validating Pointers
Finally, test the potential pointers by trying to modify the in-game value through CE. If successful, congratulations, you've found a true pointer.
I've split this post into two threads, and you can find the remaining here: How To Make Pointers Through Opcodes (Tutorial)
⠀
So, tell me where should I go?
To the left, where nothing's right. Or go right, where nothings left..
