Experience
My path into security research was unconventional. I started by building game cheats, which taught me kernel-level Windows internals, anti-cheat evasion, and reverse engineering. After realizing I was more interested in understanding detection systems than bypassing them, I transitioned to defensive security research.
Security Researcher
Officially quit cheating and dedicated my time to legitimate security research through Epic Games' HackerOne program.
- Deobfuscated 26% of EasyAntiCheat's kernel driver through static analysis
- Developed full bypass to EAC's NMI callbacks by spoofing the frame completely rather than redirecting or blocking
- Submitted multiple valid vulnerability reports to Epic Games and received payment
- Focused on memory scan evasion and flawed IOCTL detection methods
- All research conducted through independent static reversal and deobfuscation
Independent Research
Deep learning period focused on kernel internals and reverse engineering techniques.
- Studied kernel documentation and Windows internals extensively
- Learned devirtualization techniques for obfuscated code
- Became proficient with IDA Pro and advanced reverse engineering
- Understanding of MBA (Mixed Boolean-Arithmetic) obfuscation
- This period accelerated my technical growth more than any other
Head Cheat Engineer - spinbot.gg
Formal salaried position as lead kernel engineer. Interviewed and hired to design anti-cheat evasion systems for a commercial product with 1,000+ customers across 30+ rebranded providers.
- Designed and maintained the kernel driver with active EAC evasion
- 1,000+ sales across 30+ rebranded providers in the community
- Fixed monthly salary, 2-3 days/week with 24/7 emergency patch availability
- Developed auto-updating system using signature scanning instead of hardcoded offsets
- Dumped Fortnite's executable to locate and maintain offset updates
- Guided support members and taught them kernel concepts and how the system worked
- Collaborated with other developers through calls to discuss techniques and improvements
- Eventually detected due to usermode anomalies I wasn't aware of at the time
- Ban wave affected all users from the past 14 days - decided to quit and left on good terms
This ban wave was a wake-up call that shifted my focus from evasion to understanding the full detection surface.
Avaddon (Private Project)
Developed external driver-based cheat with a friend, combining usermode and kernel components.
- Built external driver with friend handling usermode (Unreal Engine) while I handled kernel evasion
- Sold to 100+ clients and remained undetected for several months
- Developed custom mini mutation engine to randomize each driver build
- Learned assembly concepts while implementing per-build randomization
- Eventually detected when EAC gathered enough telemetry to block the disk deletion method
venus.lol (Rebranding Business)
Rebranded from Pluto Cheats. Conducted research on spoofers and sold rebrands to providers.
- Conducted immense research on hardware ID spoofers
- Sold rebrands to 10+ different providers, generating approximately $1,200
- Successfully bypassed EAC and BattlEye identifiers at the time
- Eventually went bust due to not understanding how to find new identifiers
Pluto Cheats (Learning Phase)
My first project in this space. Pure learning through trial and error.
- Introduced an internal cheat for Fortnite, though I had no idea how it worked - pure learning
- Distributed free to users, no charges
- Developed a temporary spoofer using public methods I didn't understand at the time
- Foundation for everything that came after
This timeline represents my unconventional path into security research. I'm transparent about my past because the technical skills gained are genuine, regardless of how they were acquired. The right employer will value real-world kernel experience and demonstrated growth.