/ Directory / Playground / cheatengine-mcp-bridge
← All servers ↗ GitHub
● Community miscusi-peek ⚡ Instant

cheatengine-mcp-bridge

by miscusi-peek · miscusi-peek/cheatengine-mcp-bridge

Bridge Cheat Engine to AI agents for automated memory analysis, pointer scanning, and reverse engineering via natural language.

cheatengine-mcp-bridge connects AI assistants (Claude, Cursor, Copilot) to Cheat Engine via MCP on Windows. It exposes 43 tools for memory read/write, code disassembly, structure dissection, hardware breakpoints, AOB scanning, RTTI analysis, and DBVM-based invisible tracing. Enables natural language queries like 'find the health pointer' instead of manual hex editing.

▶ Watch demo 📦 Install 💡 Use Cases

Why use it

Key features

Live Demo

What it looks like in practice

cheatengine-mcp-bridge.replay ▶ ready
0/0

Install

Pick your client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

Open Claude Desktop → Settings → Developer → Edit Config. Restart after saving.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

Cursor uses the same mcpServers schema as Claude Desktop. Project config wins over global.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

Click the MCP Servers icon in the Cline sidebar, then "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "cheatengine-mcp-bridge": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  }
}

Same shape as Claude Desktop. Restart Windsurf to pick up changes.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "cheatengine-mcp-bridge",
      "command": "TODO",
      "args": [
        "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
      ]
    }
  ]
}

Continue uses an array of server objects rather than a map.

~/.config/zed/settings.json
{
  "context_servers": {
    "cheatengine-mcp-bridge": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge"
        ]
      }
    }
  }
}

Add to context_servers. Zed hot-reloads on save.

claude mcp add cheatengine-mcp-bridge -- TODO 'See README: https://github.com/miscusi-peek/cheatengine-mcp-bridge'

One-liner. Verify with claude mcp list. Remove with claude mcp remove.

Use Cases

Real-world ways to use cheatengine-mcp-bridge

How to solve a CTF memory analysis challenge with Cheat Engine MCP

👤 CTF participants working on binary exploitation or game hacking challenges ⏱ ~30 min intermediate

When to use: You have a CTF challenge that requires finding and manipulating values in a running process.

Prerequisites
  • Windows with Cheat Engine installed — Download from cheatengine.org
  • MCP bridge running — pip install -r MCP_Server/requirements.txt
Flow
  1. Scan for the target value
    Attach to the CTF challenge process and scan for an integer value of 100 (my current score).✓ Copied
    → List of memory addresses containing the value 100
  2. Narrow down the address
    I changed the score to 95. Rescan to find which address actually holds the score.✓ Copied
    → Filtered list with likely candidate addresses
  3. Trace the pointer chain
    Find the pointer chain to this address so we can reliably locate it after restart.✓ Copied
    → Stable pointer path from base module

Outcome: A reliable pointer chain to the target value for the CTF solution.

Pitfalls
  • Value stored as float instead of integer — Try scanning as float or double if integer scan returns no results

Reverse engineer game data structures with AI assistance

👤 Game modders and reverse engineers analyzing proprietary software they own ⏱ ~45 min advanced

When to use: You want to understand the memory layout of a program's data structures for educational purposes.

Prerequisites
  • Cheat Engine + MCP bridge running — pip install mcp pywin32
  • Target process you own or have authorization to analyze — Launch the application
Flow
  1. Dissect the structure
    Attach to the process and dissect the data structure at address 0x1A3F0000. Identify field types and sizes.✓ Copied
    → Structure layout with field offsets, types, and likely names
  2. Find RTTI class info
    Check if this address has RTTI information. What C++ class does it belong to?✓ Copied
    → Class name and inheritance chain from RTTI

Outcome: A documented data structure layout with field types and class hierarchy.

Pitfalls
  • RTTI stripped from release builds — Fall back to manual structure dissection and pattern analysis

Combinations

Pair with other MCPs for X10 leverage

cheatengine-mcp-bridge + filesystem

Export discovered structures and pointer maps to files for documentation

Document the data structures we found and save them as a markdown file in my notes folder.✓ Copied

Tools

What this MCP exposes

ToolInputsWhen to callCost
read_memory address: str, size: int Read raw bytes from a memory address 0
read_integer address: str, size?: int Read an integer value from memory 0
scan_all value: str, type: str Scan process memory for a specific value 0
aob_scan pattern: str Search for a byte pattern (array of bytes) in memory 0
disassemble address: str, count?: int Disassemble instructions at an address 0
dissect_structure address: str, size?: int Auto-detect structure layout at an address 0
get_rtti_classname address: str Get the C++ class name via RTTI for an object pointer 0
set_breakpoint address: str, type?: str Set a hardware breakpoint for debugging 0

Cost & Limits

What this costs to run

API quota
N/A — all local
Tokens per call
200–1000 tokens per tool call
Monetary
Free — requires Cheat Engine (free) and Windows
Tip
Use targeted scans (aob_scan, read_integer) instead of full memory dumps to reduce output size.

Security

Permissions, secrets, blast radius

Credential storage: N/A — local tool, no external credentials
Data egress: All operations are local via Named Pipes. No network calls.

Troubleshooting

Common errors and fixes

Named Pipe connection failed

Ensure Cheat Engine is running and the Lua bridge script is loaded. Check that both CE and the MCP server run with matching privilege levels (both admin or both user).

Verify: Check Cheat Engine's Lua console for pipe creation messages
Access denied reading memory

Run Cheat Engine as Administrator. Some processes require elevated privileges for memory access.

Verify: Right-click Cheat Engine → Run as Administrator
Scan returns no results

Try different value types (float vs int, 4-byte vs 8-byte). The value might be stored in an unexpected format.

Verify: Try a scan with 'All' value type

Alternatives

cheatengine-mcp-bridge vs others

AlternativeWhen to use it insteadTradeoff
ida-pro-mcpYou need static binary analysis and disassembly rather than live memory manipulationStatic analysis only but much deeper code understanding
mcp-windbgYou need kernel-level debugging or crash dump analysis on WindowsMore powerful debugging but steeper learning curve

More

Resources

📖 Read the official README on GitHub

🐙 Browse open issues

🔍 Browse all 400+ MCP servers and Skills