Masking before scans scan help in situations where many regions get deallocated, causing a huge performance hit when throwing all of the ScanFailedExceptions

Its non existent, add it to the struct.

Add a manual scanning mode similar to CE, except with the option to apply multiple constraints.

When this is functional, this will be the foundation for creating FSM scans

The MVPs scattered around make this project much easier to maintain, however they are highly redundant, and can likely be combined into a generalized framework.

They are generally quite confusing to create under the current system, although they are rather clear in functionality once finished. Preferably both of these things would be easy.

Ideally they would allow the user to specify upsteam and downstream 'events' and 'Actions', though the details of this need to be explored

UIntPtr makes the most sense, as a pointer should be positive, but changing this would be painful. Does this matter?

RegionSize is being casted to an int from the Virutalpage's Information.RegionSize field, this is probably fine, but perhaps technically invalid.

Test code for 32 bit.

Remove all of the #if x86 preprocessing and instead rely on IsWoW64 or the size of IntPtr in some sort of helper class as the previous versions of Anathema did.

Send updated project directory to target process so that content loading works properly when the project directory changes (ie save as -> new location)

This will matter for hooked graphics that use the project root to find relative locations for file loading

Update: This is low priority, as the graphics hook has not been in development for awhile

There is no reason not to and this solves a lot of problems.

Just like photoshop layers, things should be lockable.

Tree Scans, Chunk Scans should not have previous values saved, wastes memory.

The current one in use is the structure defined in MemoryBasic32. This should be switched around. MemoryBasic64 should be the standard, and in the case of calls to 32, the information should be copied to the 64 bit version of the struct.

Details of this are too underdeveloped right now.

http://www.codeproject.com/Articles/27849/WaterMark-TextBox-For-Desktop-Applications-Using-C

Watermark text should indicate that the value parameter is optional or some shit

Results should only be querying the OS for updates on the < 20 addresses that are shown. This requires some info to be passed up and down the MVP.

Right now each individual element is tested, this can likely be moved to the prior abstraction level with a performance gain.

This needs to be moved into the model layer of the MVP and sent up to the GUI as needed

Event driven finite state machine filter implementation. Requires specification of data type it is tracking. Should watch each variable, take snapshots to determine if the state has changed.

Events can be:
Increased/Decreased
Changed
Comparison
Unchanged (Loop to self)

Slow tasks (ie 10 levels deep pointer scan) will pretty much never end, and the program will get locked up.

All scans should be cancelable

Be able to delete old snapshots

Details of this are too underdeveloped right now.

It may be possible to add complex but powerful events, such as the ability to cache seen values, and if the state changes but arrives at a seen value, then we can raise an event for that. (onDuplicate)

Implement some sort of GUI to build FSMs, using an MVP.

I am very unconcerned with the looks of this currently. In the future I will likely switch to WPF, in which case if this uses ugly winforms painting it will not be the end of the world.

Since we aggressively merge, we need to be masking on read fail to prevent the entire region from going down

This will take some care to prevent issues down the road in the various scanners

Add support for various game controllers, or just some form of mapping of all possible input events if this is possible.

Elements are getting bulky, and as an effect costly to allocate and deallocate constantly. Just make some sort of caching for these (Dictionary<Index, SnapshotElement>)

Max displayed is Int.MaxValue so we need to cap at 2 billion (or less, honestly)

Loading an old snapshot and creating a new snapshot dependent should cause a 'fork' in the history, and this should probably be reflected somehow.

Determine how to preserve labels and merge labeled snapshot regions. May need some form of tie breaker on labels for duplicate entries, though this should never happen.

Need to allow option of forward/backwards/nearest searches (comparing input to nearest scan data point).

Implement region masking. Simply call virtualqueryex and mask the results with a dead memory region (which may be discovered during filtering or labeling). This will allow the recovery of valid regions after an invalid read to a memory chunk.

In filters/labelers, instead of keeping a list of memory regions just grab a reference to the initial snapshot.

Rather than accessing the parallel arrays it may be useful to make manipulations via some form of element wrapper, where paired items (current/previous/label) can be read and written without concern for the underlying arrays.

Be able to change the active snapshot

Right now the hook will persist in the original process, which is bad

Update: This is super low priority, the graphics hooks are not being developed right now

As many snapshots become in active use, RAM utilization will be high, and I/O will be needed. Keep the active snapshot in RAM.

EDIT: This may not be as bad as I thought. I'll need to figure this out regardless.

The bottleneck for scans is the actual iteration, not reading the large chunks of memory. It is unclear if switching to I/O storage for this memory will greatly influence scan times.

The classes for syntax checking of each data type are highly redundant and require templating, and perhaps some reorganization in general.

All of the functionality is in the GUI. This should be separated into an MVP design.

This is useful when we move to finite state scanners, which should be pretty fucking awesome.

Implement labeler which labels based on number of increases, decreases, or changes.

When adding a process, the following code is used to keep alignment:
ProcessListView.Columns.Add(" Processes");

Which is bad and non-adaptive.

Right now scanners must inherit both from the abstract class and the MVP, there is probably a way to merge these. Perhaps by making all models abstract?

Editing attributes for multiple address items at once needs to be enabled

The chunk size should be determined algorithmically based on the initial input size

1GB -> 1KB
1MB -> 32B

Find a formula bitch

Memory editor batch read/write calls would be a good addition for the far future, as the OS API calls are the bottleneck for most of these types of operations.

Concatenating contiguous memory accesses would be ideal.

Move functionality to an MVP

Implement memory tables. This entails:
An MVP to interact with the class. GUI will need to be able to edit a table and send updates to the state of an entry (checked, unchecked).

Backend will need to propagate new labels back to the GUI (values)

Items that can make it to a table are:
Script (Enable/Disable - ASM)
Address (Freeze/Unfreeze - Description - Address - DataType - Value)

A process can close before comparisons, raising this exception.

Figure out if there is some sort of way to compute the correlation in the form of an online algorithm. Although the current implementation will generally not cause issues when used with hash trees for the most part, eventually the input correlator will run out of memory if left on its own.

Based on the disabled Settings class, standard virtual memory pre-filtering settings should be enabled, with the ability for the user to update and save them.

The values are meant to be kept together, so a struct can solve this. Since snapshot and snapshot are different, we may be able to use the new keyword to hide the base struct.

Snapshot
struct{
Address,
CurrentValue
PreviousValue}

snapshot
new struct{
Address,
CurrentValue
PreviousValue
Label}