Created a new thread: Defeating Vanguard's Import Protection
I've rewritten the blog article and the code to leverage Unicorn Engine to emulate the import resolving routines.
To use my project, please assure that the vanguard kernel driver is present within the same folder.
Valorant, being a highly competitive game, demands that there be no cheats and calls for the highest level of protection.
In order to prevent an attacker from studying the game and anticheat’s internal behaviour, Vanguard, the line between heroes and cheats, employs a variety of techniques, such as import protection.
Import protection is crucial because it prevents malicious actors from drawing firm conclusions about the actions of the code, even inside virtualized methods.
Created a new thread: Defeating Roblox's Import Protection
Roblox is a popular online game with an ever-growing player base. Due to its popularity, the game’s engineers require around-the-clock action to strategize new methods to thwart an attacker’s ability to analyse the behaviour of the game’s vital components.
For an attacker, a trivial piece of the puzzle is to understand how the game operates. One of the many ways to achieve this is to examine the imports used within the process and perform further analysis based off the gathered results.