CE is very hard to block, especially private CE.
If you are in kernel mode, you could use [You must be registered to see links] to intercept OpenProcess attempts from user mode.
Obs: I wouldn't recommend hooking syscalls.
Thank you so much.
I am a noob to kernel driver stuff, so can you give me some simple code or a GitHub repo as an example?
I personally would not recommend touching drivers if you have no idea how they work, especially if it's going to be intended as an Anti Cheat service for your clients, unless you have the financial ability to add a CSC to the driver for whatever game you're working on. Otherwise you're going to have to inform all users to disable Driver Signature Enforcement.
I just build my house-made anti cheat in user mode instead. I run integrity checks and hash the entire application after I implement my own modifications. This way, if any later modifications get detected, I simply close the entire client down.
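The hash-and-compare check described in the last post, sketched as an added example that is not part of the original thread or any poster's code. It assumes SHA-256 and a per-file manifest built at release time; the function names, the manifest layout and the sample files are hypothetical and constructed for illustration.

```python
import hashlib
import os
import tempfile

def hash_file(path, chunk_size=65536):
    """Return the SHA-256 hex digest of one file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root):
    """Map each file under root (relative path) to its digest; run at release time."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = hash_file(full)
    return manifest

def verify(root, manifest):
    """Re-hash root and report files that changed, vanished, or appeared."""
    current = build_manifest(root)
    return {
        "modified": sorted(p for p in manifest if p in current and manifest[p] != current[p]),
        "missing": sorted(p for p in manifest if p not in current),
        "unexpected": sorted(p for p in current if p not in manifest),
    }

def demo():
    """Constructed sample client directory: build manifest, tamper, verify again."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "data"))
        for rel, body in (("client.bin", b"original code"), ("data/items.dat", b"items")):
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(body)
        manifest = build_manifest(root)
        clean = verify(root, manifest)
        # Tamper: overwrite one shipped file and drop in a file that was never shipped.
        for rel, body in (("client.bin", b"patched code"), ("extra.dll", b"x")):
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(body)
        tampered = verify(root, manifest)
    return clean, tampered

if __name__ == "__main__":
    print(demo())
```

Any non-empty list in the report is the condition under which the approach in the post closes the client. The manifest has to be protected as well (for example signed, or fetched from the server), because a check that trusts a locally editable manifest verifies nothing.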