1. Server
2. Client
3. driver mapper
4. Read Mapper
5. Driver
6. EFI boot loader
7. EFI runtime
Server functionality:
- Prepare binary file for startup (client modules, driver and cheat)
- Support for 32- and 64-bit PE files
Client functionality:
- Console design
- Authorization with keys
- TLS traffic encryption
- Loading modules from the server (3 and 4 parts) with the ability to add new ones if needed
EFI modules are used for driver loading and memory hiding protection (discussed below).
Protection in user mode:
- Debug and integrity checks (test mode, kernel debugging, disabling driver signature checking)
- ScyllaHide hook detection
Protection in kernel:
- Same debugging and integrity checks as in user mode; computer shuts down if violated
- Deny access to open bootloader and game descriptors from user mode
- Hiding of allocated memory for critical modules (cheat, loader modules).
Memory hiding is implemented similarly to EAC/Vanguard: this memory can be used only from allowed threads (belonging to target processes).
The injector supports only 64-bit processes. If you need to inject into 32-bit games, you can either drop the memory hiding protection and add 2 functions to the driver to support it, or modify the cheat so that it can run in 64-bit environment and use transitions from 32 to 64 and back for k
Contact me for details:
TG - @
Discord - ammoadmin






