PyMemoryExplorer
A lightning speed CPython object explorer via pure memory reading.
Report Bug · Request Feature
Table of Contents
About The Project
PyMemoryExplorer can scan and parse objects contained in a CPython program.
The application of this library may vary. Often this is useful to fetch information from a 3rd party software that is using a Python interpreter.
It can also be used for high-performance debugging needs, where eval is too slow to do the job.
Part of this library contains source code from CPython.
Features
PyMemoryExplorer come with two features:
- Object Scanner - it finds the base address of a linked list named
_gc_headin CPython and scans it to find all Python Object that the garbage collector manages. - Object Parser - it supports to read the memory of a object and parse it into C++ Objects for developer to use
Usage
Please check PyMemoryExplorerTest which demonstrate basic usage of this library.
Please read known limitations before use.
Object scanning via _gc_head
Parsed PyDictObject
Parsed PyListObject(all the numbers are the memory address that points to the object in this list.)
Parsed PyTupleObject
Walk through a PyTupleObject and parse str in it.
All the basic data types is supported
Known Limitations
- This library is hardcoded for official CPython 2.7.18 x64. However, only minimal effort should be needed to support other versions and architecture of CPython.
- The target Python program can be running and change the object while it's reading, so object parsed can be partial or incorrect in some cases. To avoid this, simply pause the interpreter while reading memory.
- To ensure its performance, this library is hardcoded to omit object contents too much stuff, such as a
dictwith 10000+ objects. You should read the source code and update them correspondingly.
- This project was compiled using MSVC 2019.
