/ 目录 / 演练场 / cheatengine-mcp-bridge
← 全部服务器 ↗ GitHub
● 社区 miscusi-peek ⚡ 即开即用

cheatengine-mcp-bridge

作者 miscusi-peek · miscusi-peek/cheatengine-mcp-bridge

Bridge Cheat Engine to AI agents for automated memory analysis, pointer scanning, and reverse engineering via natural language.

cheatengine-mcp-bridge connects AI assistants (Claude, Cursor, Copilot) to Cheat Engine via MCP on Windows. It exposes 43 tools for memory read/write, code disassembly, structure dissection, hardware breakpoints, AOB scanning, RTTI analysis, and DBVM-based invisible tracing. Enables natural language queries like 'find the health pointer' instead of manual hex editing.

▶ 观看演示 📦 安装 💡 使用场景

为什么要用

核心特性

实时演示

实际使用效果

cheatengine-mcp-bridge.replay ▶ 就绪
0/0

安装

选择你的客户端

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

打开 Claude Desktop → Settings → Developer → Edit Config。保存后重启应用。

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

Cursor 使用与 Claude Desktop 相同的 mcpServers 格式。项目级配置优先于全局。

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

点击 Cline 侧栏中的 MCP Servers 图标,然后选 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

格式与 Claude Desktop 相同。重启 Windsurf 生效。

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "cheatengine-mcp-bridge",
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  ]
}

Continue 使用服务器对象数组,而非映射。

~/.config/zed/settings.json
{
  "context_servers": {
    "cheatengine-mcp-bridge": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
        ]
      }
    }
  }
}

加入 context_servers。Zed 保存后热重载。

claude mcp add cheatengine-mcp-bridge -- TODO 'See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge'

一行命令搞定。用 claude mcp list 验证,claude mcp remove 卸载。

使用场景

实战用法: cheatengine-mcp-bridge

How to solve a CTF memory analysis challenge with Cheat Engine MCP

👤 CTF participants working on binary exploitation or game hacking challenges ⏱ ~30 min intermediate

何时使用: You have a CTF challenge that requires finding and manipulating values in a running process.

前置条件
  • Windows with Cheat Engine installed — Download from cheatengine.org
  • MCP bridge running — pip install -r MCP_Server/requirements.txt
步骤
  1. Scan for the target value
    Attach to the CTF challenge process and scan for an integer value of 100 (my current score).✓ 已复制
    → List of memory addresses containing the value 100
  2. Narrow down the address
    I changed the score to 95. Rescan to find which address actually holds the score.✓ 已复制
    → Filtered list with likely candidate addresses
  3. Trace the pointer chain
    Find the pointer chain to this address so we can reliably locate it after restart.✓ 已复制
    → Stable pointer path from base module

结果: A reliable pointer chain to the target value for the CTF solution.

注意事项
  • Value stored as float instead of integer — Try scanning as float or double if integer scan returns no results

Reverse engineer game data structures with AI assistance

👤 Game modders and reverse engineers analyzing proprietary software they own ⏱ ~45 min advanced

何时使用: You want to understand the memory layout of a program's data structures for educational purposes.

前置条件
  • Cheat Engine + MCP bridge running — pip install mcp pywin32
  • Target process you own or have authorization to analyze — Launch the application
步骤
  1. Dissect the structure
    Attach to the process and dissect the data structure at address 0x1A3F0000. Identify field types and sizes.✓ 已复制
    → Structure layout with field offsets, types, and likely names
  2. Find RTTI class info
    Check if this address has RTTI information. What C++ class does it belong to?✓ 已复制
    → Class name and inheritance chain from RTTI

结果: A documented data structure layout with field types and class hierarchy.

注意事项
  • RTTI stripped from release builds — Fall back to manual structure dissection and pattern analysis

组合

与其他 MCP 搭配,撬动十倍杠杆

cheatengine-mcp-bridge + filesystem

Export discovered structures and pointer maps to files for documentation

Document the data structures we found and save them as a markdown file in my notes folder.✓ 已复制

工具

此 MCP 暴露的能力

工具输入参数何时调用成本
read_memory address: str, size: int Read raw bytes from a memory address 0
read_integer address: str, size?: int Read an integer value from memory 0
scan_all value: str, type: str Scan process memory for a specific value 0
aob_scan pattern: str Search for a byte pattern (array of bytes) in memory 0
disassemble address: str, count?: int Disassemble instructions at an address 0
dissect_structure address: str, size?: int Auto-detect structure layout at an address 0
get_rtti_classname address: str Get the C++ class name via RTTI for an object pointer 0
set_breakpoint address: str, type?: str Set a hardware breakpoint for debugging 0

成本与限制

运行它的成本

API 配额
N/A — all local
每次调用 Token 数
200–1000 tokens per tool call
费用
Free — requires Cheat Engine (free) and Windows
提示
Use targeted scans (aob_scan, read_integer) instead of full memory dumps to reduce output size.

安全

权限、密钥、影响范围

凭据存储: N/A — local tool, no external credentials
数据出站: All operations are local via Named Pipes. No network calls.

故障排查

常见错误与修复

Named Pipe connection failed

Ensure Cheat Engine is running and the Lua bridge script is loaded. Check that both CE and the MCP server run with matching privilege levels (both admin or both user).

验证: Check Cheat Engine's Lua console for pipe creation messages
Access denied reading memory

Run Cheat Engine as Administrator. Some processes require elevated privileges for memory access.

验证: Right-click Cheat Engine → Run as Administrator
Scan returns no results

Try different value types (float vs int, 4-byte vs 8-byte). The value might be stored in an unexpected format.

验证: Try a scan with 'All' value type

替代方案

cheatengine-mcp-bridge 对比其他方案

替代方案何时用它替代权衡
ida-pro-mcpYou need static binary analysis and disassembly rather than live memory manipulationStatic analysis only but much deeper code understanding
mcp-windbgYou need kernel-level debugging or crash dump analysis on WindowsMore powerful debugging but steeper learning curve

更多

资源

📖 阅读 GitHub 上的官方 README

🐙 查看未解决的 issue

🔍 浏览全部 400+ MCP 服务器和 Skills