A modular anti-cheat framework designed to detect and prevent common cheating techniques in FPS-style games. Inspired by Valorant’s Vanguard system, this project focuses on detection components without invasive enforcement.
SentinelGuard is a modular anti-cheat framework that detects and prevents common cheating techniques in first-person shooter (FPS) games. It includes components for detecting a variety of cheating methods such as aimbots, wallhacks, and more, while focusing on providing detection without enforcement.
flowchart TB
A["Detection Configuration<br/>Capture · Rules · Output"] --> B["SentinelGuard Core"]
B --> C["File Integrity Monitoring<br/>Baseline Hashing & Integrity Checks"]
B --> D["Memory Monitoring<br/>Suspicious Pattern Detection"]
C --> E["Self-Integrity System<br/>Anti-Tamper for Module"]
C --> F["File Integrity System<br/>Monitors Game Files for Changes"]
D --> G["Debugger Detection<br/>Checks for Debugger Attachments"]
D --> H["Memory Pattern Detection<br/>Detects Code Injection Attempts"]
F --> I1["Honeyfile Detection<br/>Tampering Detection via Honeypot"]
F --> I2["Integrity Violation Detection<br/>Missing/Modified Files"]
E --> J1["Baseline Signature Verification<br/>RSA-PSS Signature"]
E --> J2["Self-Integrity Check<br/>Module Hash Check"]
G --> K["Game Termination<br/>Simulated Forced Termination (Critical)"]
H --> K
I1 --> K
I2 --> K
J1 --> K
J2 --> K
F --> L["Encrypted File Integrity Baseline<br/>AES-256-GCM & RSA-PSS"]
L --> M["Logs<br/>Event Logging for Integrity & Debugging"]
M --> N["Log Outputs<br/>[INFO], [WARNING], [ERROR], [CRITICAL]"]
F --> O["File Hash Calculation<br/>SHA-256 File Hashing"]
O --> P["Baseline Decryption<br/>AES Key Derivation from RSA"]
O --> Q["Baseline Signature Verification<br/>Ensures Integrity"]
Important
Keep in mind this project is still under heavy development so information may be changed or inaccurate.
-
src/
Contains the source code scripts for each anti-cheat module. Each script implements a distinct detection or defense mechanism. -
docs/
Detailed documentation for every component, explaining its purpose, implementation details, and usage instructions. -
logs/
Stores runtime log files generated by the anti-cheat modules, including alerts, detections, and errors. -
keys/
Holds cryptographic key files (public and private RSA keys) used for signing and verification within select modules. -
baseline/
Contains encrypted baseline files and their corresponding digital signatures used for integrity verification.
Caution
Cryptographic keys included in this repository are for lab and demonstration purposes only and must never be reused in a real-world or production environment.
Detects unauthorized modifications to critical game files by comparing cryptographic hashes against a digitally signed baseline.
Monitors system memory to detect suspicious patterns indicating code injection or memory tampering.
Kernel Monitor (Work In Progress)
Tracks kernel-level driver activity to identify unauthorized or malicious kernel modules.
Process Watcher (Work In Progress)
Watches running processes and flags blacklisted or anomalous behavior indicative of cheat tools.
Input Logger Detector (Work In Progress)
Detects unusual input patterns or injected inputs that may result from macros or keyloggers.
Network Sniffer Blocker (Work In Progress)
Identifies tools attempting to intercept or inspect game traffic.
Behavior Analysis (Work In Progress)
Analyzes player behavior data to detect aimbots, wallhacks, or other automated cheating strategies.
To run a specific module, execute its corresponding script inside the src/ directory.
Refer to the documentation for each component to understand setup requirements and usage details.
This project is licensed under the MIT License.