Signature scanning is just scanning for unique bytes from a compiled function that will remain consistent across builds. You search memory for those bytes and when you find them, you find the function you're interested in.

Here's an example from some shellcode loader I wrote: https://github.com/exploits-forsale/solstice/blob/c3fc9a55c6...

From my limited experience, it refers to the act of reverse engendering the function (signatures) contained the code of a binary.

A binary, like the underlying code, has commonly used code split into functions that may get called in multiple places. These calls can be analyzed either through static analyzers or by a human, who may analyze context of the callsite to guess what each Arg is supposed to do/be.

For modding, e. G. in a single player game, one might want to find out where the engine adjusts the health points of a player or updates progress.