// MCP TOOL REFERENCE

NEVERCHEESE PCILEECH MEMPROCFS TOOLS

37 tools from the Nevercheese Pcileech Memprocfs MCP Server, categorised by risk level.

View the Nevercheese Pcileech Memprocfs policy →
// ALL 37 NEVERCHEESE PCILEECH MEMPROCFS TOOLS
READ 29 tools
Read aob_scan Array-of-bytes pattern scan with ?? wildcard support in a process Read device_status Check the current DMA/FPGA device connection status. Read memory_diff Snapshot and diff a memory region to detect changes. Replaces the manual Cheat Engine Read memory_dump Dump a range of physical memory to a file on disk. Use this for large reads that Read memory_format Read memory and display it in human-readable formatted views: hex dump with ASCII sidebar, Read memory_probe Discover which physical memory ranges are readable on the target system. Read memory_read Read raw bytes from the target system Read memory_search Search physical memory for a hex byte pattern. Scans memory in 1MB chunks. Read module_dump Dump a complete PE module (EXE/DLL) from a process Read module_exports List all exported functions (Export Address Table) from a loaded module. Read module_imports List all imported functions (Import Address Table) from a loaded module. Read module_list List all loaded modules (DLLs/EXEs) for a specific process on the target system. Read pe_sections Enumerate PE sections (.text, .rdata, .data, .bss, etc.) of a loaded module. Read pointer_read Follow a multi-level pointer chain and read the value at the final address. Read pointer_scan Discover unknown pointer chains from static module bases to a target address. Read process_list List all running processes on the TARGET system (the machine connected via DMA, not the local machine). Read process_regions List all virtual memory regions (VAD entries) for a process with protection flags. Read process_virt2phys Translate a process Read rtti_scan Scan a module for MSVC C++ RTTI (Run-Time Type Information) to discover class names, Read scatter_read Batch-read multiple disjoint memory regions in a single DMA operation (~10x faster than Read string_scan Scan process memory for ASCII and/or UTF-16LE strings. Read struct_analyze Heuristically analyze a memory region to identify likely data types at each offset. Read system_info Get information about the DMA connection, target system, and FPGA device. Read translate_virt2phys Translate a virtual address to a physical address using a raw CR3 page table base. Read ue_dump_names Read Unreal Engine FNamePool and dump all name entries from a running UE game. Read ue_dump_objects Read Unreal Engine FUObjectArray and dump all UObject entries from a running UE game. Read ue_dump_sdk Generate C++ SDK headers from UE reflection system. Walks the class hierarchy, Read unity_il2cpp_dump Find and parse IL2CPP metadata from a running Unity game. Automatically locates Read xref_scan Find all code instructions and data pointers that reference a target address.
WRITE 1 tools
Write memory_patch NOT YET IMPLEMENTED. Signature-based patching (.sig files) is a pcileech CLI feature
EXECUTE 6 tools
Execute device_reconnect Reconnect to the DMA/FPGA device after a previous device_disconnect. Execute benchmark Measure DMA read/write throughput in MB/s. Use this to verify the FPGA device Execute fpga_config Read or write the FPGA Execute memory_write Write bytes to the target system Execute signature_resolve Find a byte pattern and resolve the operand to a target address — all in one step. Execute tlp_send Send and/or receive raw PCIe Transaction Layer Packets (TLPs). FPGA devices only.
OTHER 1 tools
Other device_disconnect Disconnect from the DMA/FPGA device, freeing it for external use.

Route Nevercheese Pcileech Memprocfs through PolicyLayer and every one of its 37 tools is checked against your policy before it runs.

CHECK YOUR STACK →

See every tool, the dangerous ones, and the token cost across your stack.

// FAQ
How many tools does the Nevercheese Pcileech Memprocfs MCP server have? +

The Nevercheese Pcileech Memprocfs MCP server exposes 37 tools across 4 categories: Read, Write, Execute, Other.

How do I enforce policies on Nevercheese Pcileech Memprocfs tools? +

Route the Nevercheese Pcileech Memprocfs server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Nevercheese Pcileech Memprocfs tools fall into? +

Nevercheese Pcileech Memprocfs tools are categorised as Read (29), Write (1), Execute (6), Other (1). Each category has a recommended default policy.

Enforce policy on every Nevercheese Pcileech Memprocfs tool call.

Start from Nevercheese Pcileech Memprocfs, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.