sebwebneb

Previously known as moneyissogood whilst contributing to thousands of people through teaching and open research. I've built numerous, at the time undetected, offensive projects that I plan to release on GitHub over time as part of my portfolio, including kernel drivers for memory R/W that were eventually detected through responsible disclosure.

Breaking anti-cheat systems to make them better, focusing on the theory and detections.

Projects

User-Mode EAC Bypass

Usermode bypass for Fortnite's EAC Config, circumventing memory protection without kernel access. Disclosed and being triaged by Epic Games.

EAC•Epic Games•Disclosed

EAC NMI Callback Bypass

Full bypass of EAC's NMI callback detection by spoofing the stack frame entirely, rather than redirecting or blocking. Prevents EAC from building a behavioral profile.

EAC•Kernel•NMI

EAC Cryptographic Protocol Reversal

Full reversal of EAC's AES-256-CBC + ECDSA-P256 implementation. Extracted keys from obfuscated code and mapped the driver enumeration anti-spoofing system. Hides DMA devices from Windows while maintaining full read/write capability, only detectable via ECAM bruteforce which no current anti-cheat performs.

EAC•Cryptography•Reverse Engineering

ByeKDMapper

Usermode detection for the latest KDMapper exploiting iqvw64e.sys. Clearly identifies it with zero false positives, accurate enough to base decisions on.

Detection•Usermode•KDMapper

Writing

Reversing EasyAntiCheat's Cryptographic Protocol

Emulating EAC: Part 1 →

Understanding Anti-Cheat Architecture

Technical deep-dive →

Leveraging Vanguard's Architecture

221 KB slack space exploitation →

Experience

My Journey

From cheats to security research →

Contact

[email protected]github.com/sebwebneb