So, I have the virtual function table pointer for a class instance. The executable has RTTI embedded so I have class names as well as class hierarchy and inheritance information. I'm able to scan for all instances of said class within CE using the vftable pointer (Since the virtual function table is always the first entry in a class, unless it's a derived class I think).

However, I'm trying to be able to enumerate over instances of these classes from within my DLL that will be injected into the target process. I've implemented memory scanners in the past in C++ for this very purpose but man is it clunky and not clean.

I know this program has an array of these class pointers because I've located it in the past but while clearing space on my hard drive I deleted the Visual Studio project that had the offset to it hardcoded in a .cpp file. :|

So I'm wondering if anyone knows of a clean method of searching for arrays of pointers within CE? At the moment the only method I can think of is gathering the address for every instance of the class which is like 50. Scanning for pointers to each class then comparing results to see if they're within the same memory region at specific offsets from each other.

This method is tried and true, however it's painful and slow.

In any case, hoping someone knows of a way to scan for pointer arrays within CheatEngine. Thanks.