Self-hosted licensing, protection, and remote execution platform for your P2C or other tools. Full source code. Lifetime deployment rights. One year of updates included.
This replaces the typical workflow of cobbling together a key checker, a Discord bot for HWID resets, and manual DLL distribution. Everything is unified under one system with one admin panel.
What's Included?
License & Device Management
Integrity Validation
The client collects runtime telemetry (anti-debug state, module information) and transmits it to the server on every heartbeat. The server validates this against configurable baselines and enforces the selected policy automatically: session revocation, device ban or license freeze.
Server Mapper
Upload a compiled PE template (DLL or driver) through the panel. The server parses the PE, builds the mapped memory image, applies relocation fixups, strips the file headers, and encrypts the raw image bytes. The client receives a flat memory image with no PE headers and only needs to allocate memory, copy the bytes, resolve imports, and jump to the entry point. Nothing is written to disk at any stage.
Reseller Portal
Admin Panel
Client SDK
C++20 SDK with CMake support
Technical Stack
Server: Fastify 4, TypeScript
Database: SQLite, WAL mode
Admin Panel: Next.JS, Tailwind
Client SDK: C++20, libcurl, OpenSSL
Password Hashing: Argon2
Data Encryption: AES-256-GCM
Key/Token Hashing: HMAC-SHA256 with server pepper
Server-Side Loader: Pure JS PE parser + flat image builder + relocation engine
Pricing
Lifetime License - €499 (first hand, then raised)
Full source code. One year of updates. All features. No recurring fees
Deliverables
Code Protection Support
Examples include proper usage of VMProtect and Themida. Virtualization and Mutation. We have analysed countless samples in this community, a high majority (if not all) use these protectors incorrectly.
FAQ
Q: Can I resell this auth platform to other developers?
A: The base license covers one deployment for your own projects. Multi-tenant or resale as a hosted service requires an extended license and source. Contact for details.
Q: Does the server mapper modify the binary code?
A: The server does not obfuscate, virtualize, or mutate instructions. What the server does is parse the PE, lay out sections into a flat mapped memory image, apply relocation fixups for a chosen base address, and strip file headers. The machine code bytes inside the sections remain identical to your original template. The client receives this flat image and only needs to allocate memory, copy bytes, resolve imports, and execute.
Q: Can I use driver templates with the server mapper?
A: Yes, with the understanding that kernel-mode mapping is your responsibility. The server encrypts and delivers `.sys` files. The SDK includes a usermode mapper stub. You must provide your own kernel stub that handles kernel-mode allocation, relocations, and `DriverEntry` invocation.
Q: What exactly does the integrity validation check?
A: The specifics are not documented publicly. The client collects runtime state and the server validates it against policy. Publishing the exact checks would aid evasion. The relevant detail is that tampered clients are detected and handled according to your configured policy.
Terms
Coming Soon as additional services (not source)
Contact & Purchase
Telegram: @vxpaid
DM for payment details, source details or other services details.
Serious inquires only.
You can negotiate, if you want :)
This replaces the typical workflow of cobbling together a key checker, a Discord bot for HWID resets, and manual DLL distribution. Everything is unified under one system with one admin panel.
What's Included?
License & Device Management
- 25-char alphanumeric keys, stored as HMAC-SHA256 hashes. Raw keys are never persisted
- HWID binding on first activation. Device limit enforced per license
- Cross-license device bans. A banned HWID is blocked from activating any license in the system
- License states: active, frozen, revoked
- Session-based heartbeats with 24-hour expiry. Individual sessions can be revoked from the panel
- User self-service dashboard: users log in with their key to view bound devices and request HWID resets (configurable by you)
Integrity Validation
The client collects runtime telemetry (anti-debug state, module information) and transmits it to the server on every heartbeat. The server validates this against configurable baselines and enforces the selected policy automatically: session revocation, device ban or license freeze.
- Validation logic is server-side. Client telemetry is collected and sent; server decides the outcome
- Version enforcement: maintenance mode, blocked versions and forced updates are controlled from the panel without client redeployment
- No hardcoded checks in the client binary that can be patched out with a single byte change
Server Mapper
Upload a compiled PE template (DLL or driver) through the panel. The server parses the PE, builds the mapped memory image, applies relocation fixups, strips the file headers, and encrypts the raw image bytes. The client receives a flat memory image with no PE headers and only needs to allocate memory, copy the bytes, resolve imports, and jump to the entry point. Nothing is written to disk at any stage.
- No decrypted files on the client filesystem
- Client never sees PE headers. Server handles section layout and relocation fixups
- Supports usermode DLLs and .sys driver templates
- Client SDK includes a lightweight loader stub: memory allocation, import resolution, TLS callbacks, and entry point invocation. No full manual map required
- Admins can push new builds to active licenses from the panel without forcing users to manually download updates
Reseller Portal
- Create reseller sub-accounts with restricted panel access
- Assign credit quoates. Resellers burn credits to create licenses
- Reseller dashboard shwoing licenses created, credits remaining and basic usage
Admin Panel
- Dashboard: license totals, active devices, recent audit activity
- Licenses: create, edit, freeze, revoke, extend. View devices, sessions, variables, and bans per license
- Devices: ban, unban, reset HWID. Cross-license ban status visible
- Variables: per-license and global variables. Sensitive values encrypted with AES-256-GCM
- Sessions: view active sessions, revoke individually
- Audit Logs: full record of every system action with actor and target
- Server Mapper: upload templates, trigger builds, view artifact status
- Reseller Portal: sub-account and credit management
Client SDK
C++20 SDK with CMake support
- License activation and heartbeat
- Session token management
- Variable retrieval (global and per-license)
- Encrypted flat image download with memory-only loader. Server handles PE parsing and relocation; client allocates, copies, resolves imports, and jumps
- Telemetry collection for server-side integrity validation
Technical Stack
Server: Fastify 4, TypeScript
Database: SQLite, WAL mode
Admin Panel: Next.JS, Tailwind
Client SDK: C++20, libcurl, OpenSSL
Password Hashing: Argon2
Data Encryption: AES-256-GCM
Key/Token Hashing: HMAC-SHA256 with server pepper
Server-Side Loader: Pure JS PE parser + flat image builder + relocation engine
Pricing
Lifetime License - €499 (first hand, then raised)
Full source code. One year of updates. All features. No recurring fees
Deliverables
- Server source
- Panel source
- Client SDK
- Setup documentation
- Personal support
- Low-cost/free hosting advice
Code Protection Support
Examples include proper usage of VMProtect and Themida. Virtualization and Mutation. We have analysed countless samples in this community, a high majority (if not all) use these protectors incorrectly.
FAQ
Q: Can I resell this auth platform to other developers?
A: The base license covers one deployment for your own projects. Multi-tenant or resale as a hosted service requires an extended license and source. Contact for details.
Q: Does the server mapper modify the binary code?
A: The server does not obfuscate, virtualize, or mutate instructions. What the server does is parse the PE, lay out sections into a flat mapped memory image, apply relocation fixups for a chosen base address, and strip file headers. The machine code bytes inside the sections remain identical to your original template. The client receives this flat image and only needs to allocate memory, copy bytes, resolve imports, and execute.
Q: Can I use driver templates with the server mapper?
A: Yes, with the understanding that kernel-mode mapping is your responsibility. The server encrypts and delivers `.sys` files. The SDK includes a usermode mapper stub. You must provide your own kernel stub that handles kernel-mode allocation, relocations, and `DriverEntry` invocation.
Q: What exactly does the integrity validation check?
A: The specifics are not documented publicly. The client collects runtime state and the server validates it against policy. Publishing the exact checks would aid evasion. The relevant detail is that tampered clients are detected and handled according to your configured policy.
Terms
- No refunds on digital source code sales.
- No resale of the source code as a standalone product. You may sell licenses to your own tool; you may not sell this platform itself.
- Support is provided personally through telegram
- Updates are provided for one year from the purchase date. Bug fixes are pushed as patches. Feature requests are evaluated but not guaranteed.
Coming Soon as additional services (not source)
- 1 Year access to binary mutation platform during binary processes. This means all functions can be transformed inside of a binary safely without PDB or MAP file required, keeping your IP safe whilst mutating client loaders, cheat DLLs or drivers. Contact for more information.
- Offload sensitive functions or instructions to server to be executed in a sandboxed environment
Contact & Purchase
Telegram: @vxpaid
DM for payment details, source details or other services details.
Serious inquires only.
You can negotiate, if you want :)