arc probe
if cheat engine and claude had a baby.
arc probe is a real-time process memory inspector built for AI agents. inject a DLL into any Windows x64 process, then read memory, disassemble x86-64, scan patterns, set breakpoints, resolve RTTI — all through structured JSON over TCP.
the GUI exists to show the human what the AI is doing. a human can drive it. claude can drive it. or both can work together.
- 65 commands over TCP — memory read/write, disassembly, RTTI, pattern scan, breakpoints, hooks, threads
- agent-first design — Claude Bridge API lets AI control the GUI programmatically
- struct editor with live memory values and recursive pointer drill-down
- works with any x64 process — no game-specific code required
status: early access. download binaries from Releases, install the Claude Code plugin, and start inspecting.
what it looks like
struct editor — live memory values
define structs from schema dumps or manually, then watch values update in real-time. pointer fields expand inline to show nested structures. the AI builds these programmatically through the Claude Bridge.
hex viewer
navigate any address in the process. PE headers, entity memory, vtables — click any byte to see every type interpretation in the data inspector. bookmarks and labels for quick navigation.
disassembler
color-coded x86-64 disassembly with resolved addresses and labels. trace function calls, identify globals via RIP-relative addressing, understand code flow.
console — structured JSON
every command returns structured JSON. the console renders it with syntax highlighting and collapsible trees. type commands directly or let the AI drive.
struct hierarchy — full inheritance chain
the AI built 12 struct definitions covering a 14-level C++ inheritance chain — 218 fields total — all from schema dumps + live memory verification. pointer drill-down lets you expand nested structs inline.
get started
1. download
grab the latest release from Releases. extract the zip — you get three files:
| file | size | what it does |
|---|
probe-shell.dll | 2.7 MB | the injected DLL — TCP server with 65 commands, Zydis disassembler, VEH breakpoints, RTTI scanner |
probe-inject.exe | 710 KB | manual-map DLL injector — no LoadLibrary, DLL won't show in module list |
probe.exe | 910 KB | CLI client — sends a command, prints JSON, exits. REPL mode with no args |
add the folder to your PATH or use full paths. needs Windows 10/11 x64 and administrator privileges.
2. inject and explore
# inject into any running process
probe-inject.exe notepad.exe
# health check
probe.exe ping
# {"ok":true,"data":{"response":"pong"}}
# what's loaded?
probe.exe --pretty status
# hex dump the PE header
probe.exe "dump 0x7FF701AB0000 64"
# disassemble 5 instructions
probe.exe "disasm 0x7FF701AB1000 5"
# find all C++ classes via RTTI
probe.exe "rtti scan Notepad.exe --limit 10"
# pattern scan with wildcards
probe.exe "pattern 48 8B 0D ?? ?? ?? ?? 48 85 C9 client.dll --resolve 3"
3. install the claude code plugin
/plugin marketplace add vzco/arc-probe
/plugin install arc-probe
now you have 14 reverse engineering skills. claude can inject, scan, disassemble, map structs, trace writes, and build full class hierarchies — autonomously or alongside you.
say /arc-probe:inject to start, or just describe what you want: "find the function that handles player damage" and claude will orchestrate the right tools.
claude code skills
the plugin gives claude structured playbooks for common RE tasks. each skill is a step-by-step workflow that claude follows, using the probe CLI under the hood.
