一个策划的工具列表,教程,以及更多用于逆向工程的视频游戏!
欢迎来到网络上最全面,最独特的游戏黑客资源列表!当你穿越这个不断增长的庞然大物时,你可能会惊讶地发现许多这里提到的工具,库,框架等都不是用任何黑客游戏来制作的。由于游戏黑客本身就是逆向工程的一个分支,这意味着我们拥有大量其他类型的逆向工程工具供我们使用,以便进行游戏黑客攻击。
除了这些工具之外,还有大量的知识可以从教程,演示文稿,书籍等等的聚宝盆中收集到。我会不断更新这个列表,所以一定要观看/明星!如果您想分享尚未列入清单的资源,请随时通过为此资源库创建问题或拉取请求来提交该资源,或者将其通过电子邮件发送给我。
最后,如果黑客入侵网络游戏是您感兴趣的话题,那么我还为这个主题单独维护一个广泛策划的存储库:终极在线游戏黑客资源。您可能会注意到这两个存储库之间的重叠量可以忽略不计,但基本上它们是互补的。现在,与游戏黑客善良!
工具类型 | 工具/链接 | 描述 |
---|---|---|
一体 | 作弊引擎 | [开源] 一个强大的全功能于一身的游戏黑客工具,具有广泛的功能集。Mac,Linux和Android的变化版本可以在这里找到。CE视频教程在这里。 |
一体 | Squalr | [开源] 一款在C#中开发的高性能游戏攻击工具,其功能既可与竞争对手匹敌,又可与补丁引擎互补。 |
一体 | CrySearch | [开源] 类似于Cheat Engine的内存扫描器,但具有不同的功能和更清晰的用户界面。 |
一体 | PINCE | [开源] 针对GNU Project Debugger(GDB)的前端/反向工程工具,专注于游戏。它本质上是一个用于Linux / MacOS的工作进行中的Cheat Engine。 |
一体 | 二进制忍者 | [商业] 逆向工程平台,十六进制编辑器和基于交互式图形的反汇编程序。 |
反汇编器/调试 | x64dbg | [开放源代码] 用于Windows的x86(32位)/ x64(64位)调试器。OllyDbg的精神继承人。 |
反汇编器/调试 | WinDbg的 | [免费] 微软的官方Windows调试器,它允许调试内核和用户模式代码。还有一个为Windows 10(WinDbg Preview)构建的WinDbg新版本,其中包含更新的UI,新功能等。 |
反汇编器/调试 | IDA Pro | [Commercial] A multi-processor disassembler and debugger that works on Windows, Linux, and Mac. This is the crème de la crème of disassemblers in many professional reverse engineer’s toolkits. |
Disassembler/Debugger | Hopper | [Commercial] A powerful disassembler, decompiler, and debugger for macOS and Linux. |
Hex Editor | HxD Hex Editor | [Freeware] A fast, basic hex editor. |
Hex Editor | 010 Editor | [Commercial] Extremely powerful and robust hex/text editor. |
Hex Editor | Hexinator | [Commercial] A worthy “010 Editor” competitor with many different features. |
Hex Editor | Hex Workshop | [Commercial] A popular, feature-rich hex editor. |
.NET Decompiler/Debugger | dnSpy | [Open Source] A .NET assembly editor and debugger, including support for Unity games (Mono binaries). |
.NET Decompiler | ILSpy | [Open Source] A .NET assembly browser and decompiler. |
Java Decompiler | JD-GUI | [Freeware] Displays Java source codes of “.class” files. You can browse the reconstructed source code with for instant access to methods and fields. |
Java Decompiler | Helios | [Open Source] An all-in-one Java reverse engineering tool, featuring integration with the latest, up-to-date decompilers (Krakatau, Fernflower, CFR, Procyon, Javap, etc.). |
Java Decompiler/Debugger | Bytecode Viewer | [Open Source] A Java 8 Jar and Android APK reverse engineering suite (decompiler, editor, debugger, and more). |
Java Editor | Recaf | [Open Source] Used to edit the binary of java games/apps without needing a hex editor or having to decompile and recompile classes. |
Flash Decompiler | JPEXS | [Open Source] Extract resources, convert SWF to FLA, edit ActionScript, replace resources, and more. Works on Windows, Linux, and macOS. |
Flash Decompiler | Trillix | [Commercial] Converts SWF to FLA and decompiles Flash (supports Flash up to CS6 & CC and ActionScript 3.0). |
Java Deobfuscator | Deobfuscator | [Open Source] An all-in-one Java deobfuscator which will deobfuscate code obfuscated by most obfuscators available on the market. Accompanying GUI here. |
Network/Traffic Inspector | Fiddler | [Freeware] A powerful web debugging proxy for any browser, system, or platform. |
Network/Traffic Inspector | Wireshark | [Freeware] A robust network protocol analyzer. |
Network/Traffic Inspector | Microsoft Message Analyzer | [Freeware] Enables you to capture, display, and analyze protocol messaging traffic–as well as trace and assess system events and other messages from Windows components. |
Process Inspector | Sysinternals - Process Monitor | [Freeware] An advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. Part of the Windows Sysinternals tool suite. |
Process Inspector | Sysinternals - Process Explorer | [Freeware] Details information about which handles and DLLs processes have opened or loaded. Discover files/directories a program has open, etc. Part of the Windows Sysinternals tool suite. |
Process Inspector | Process Hacker | [Open Source] A powerful, multi-purpose tool that helps you monitor system resources and debug software. |
Process Inspector | WinExplorer | [Open Source] Shows all of a system’s windows and their properties, like handle, class name, caption, size, position, and more. Can modify certain properties for outcomes like making a game run in windowed mode in which it isn’t a built-in feature. |
Function Inspector | CDA: Code Dynamic Analysis | [Freeware] Tool for recording, filtering, and hacking function calls within applications or games. x86 support only. Previously open-source and known as FunctionHacker. Tutorial video here. |
Function/API Inspector | API Monitor | [Freeware] Allows you to monitor and control API calls made by applications and services. |
Function/API Inspector | SpyStudio | [Freeware] Shows and interprets calls, displaying the results in a structured way. Details registry keys and files that an application uses, COM objects, windows the application has created, errors and exceptions, and more. Tutorials here. |
File Inspector | Exeinfo PE | [Freeware] File packer/compressor detector which provides unpacking info and internal exe tools. A spiritual successor to PEiD. |
.NET Deobfuscator/Unpacker | de4dot | [Open Source] A .NET deobfuscator and unpacker written in C#. Most obfuscation from supported implementations can be completely restored (eg. string encryption), but symbol renaming is impossible to restore since the original names aren’t (usually) part of the obfuscated assembly. |
Data Type/Structure Reconstructor | ReClassEx | [Open Source] A tool that intellgently reconstructs data types. Based on the original ReClass. |
Data Type/Structure Reconstructor | ReClass.NET | [Open Source] A .NET port of ReClass, with many additional features. Video tutorials here. |
File Format Parser | QuickBMS | [Open Source] An extensive tool that parses file formats and extracts/reimports files and archives. |
File Format Parser | MultiEx Commander | [Freeware] Allows you to use and create scripts to extract/import files from/to game resource archives. |
PE Inspector | CFF Explorer | [Freeware] Features include dependency walking, disassembly, hex editing, signature scanning/management, special fields description and modification (.NET supported), import adding, extension support, scripting, and more. |
Firmware/File Analyzer | Binwalk | [Open Source] Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images. Also extremely useful for game analysis (finding/extracting images from resources, etc.). |
Text/Binary Pattern Scanner | YARA | [Open Source] Create descriptions of, and rules based on, textual or binary patterns. Excellent for creating custom rules for tasks like identifying resources in a game, game engine and version being used for a game, etc. See YARA GUI for a Windows GUI front-end. Also, see yarGen for a YARA rule generator. |
Injector | Xenos | [Open Source] A Windows DLL injector, based on the Blackbone library. |
Compiler | Compiler Explorer | [Open Source] Run compilers interactively from your web browser and interact with the assembly! |
Memory Scanner/Tracer | PSR (Pointer Sequence Reverser) | [Open Source] Traces instructions executed prior to reading/writing from/to the provided address of a data member or object, then highlights relevant instructions, identifies vtable pointers, and more. Relevant whitepaper here. |
Title/Link | Description |
---|---|
Lighthouse | Code coverage plugin for IDA Pro. The plugin leverages IDA as a platform to map, explore, and visualize externally collected code coverage data when symbols or source may not be available for a given binary. |
Kaitai Struct | A declarative language used to describe various binary data structures in files or memory (binary file formats, network stream packet formats, etc.). Allows for development of custom parsers for binary structures. |
Frida | Allows you to inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX. Also provides custom, modifiable tools built on top of the Frida API. |
Volatility | An open source, advanced memory forensics framework used for the extraction of digital artifacts from volatile memory (RAM) dumps. Great for exploring RAM dumps of running games! |
radare2 | A portable reverse engineering framework that acts as a forensics tool, scriptable command line hex editor, binary analyzer, disassembler, debugger, and much more. An accompanying open source book on radare2 can be found here. |
angr | A suite of python libraries that let you load a binary and perform a whole host of tasks: Disassembly and intermediate-representation lifting, program instrumentation, symbolic execution, control-flow analysis, data-dependency analysis, value-set analysis (VSA), and more. |
CeAutoAsm-x64dbg | An x64dbg plugin that allows users to execute Cheat Engine auto assembler scripts within x64dbg. |
CEAutoAttach | An x64dbg add-on allowing you to automatically make Cheat Engine attach to a process. |
SignatureScanner | A C++-based signature scanning library. |
Hacklib | A C++ library for building applications that run as a shared library in another application. It provides general purpose functionality like pattern scanning, hooking, and laying out foreign classes. Additionally it contains some D3D and OpenGL drawing facilities and a cross-platform, high-performance, 3D-capable, transparent overlay. |
Blackbone | A Windows x86/x64 hacking library. Visit the repo to learn of its copious features! |
PolyHook | An x86/x64 hooking library that provides an abstract C++ 11 interface for various hooking methods. |
mhook | A Windows API hooking library. |
minhook | A minimalistic x86/x64 API hooking library for Windows. |
memory.dll | C# hacking library used for making PC game trainers. |
MemorySharp | C#-based memory editing library targeting Windows applications, offering various functions to extract and inject data and codes into remote processes to allow interoperability. |
Cecil | A library to inspect, modify, and generate .NET programs and libraries. |
xAnalyzer | An advanced static code analyzer plug-in for x64dbg. |
AntiDBG | A categorized collection of Windows anti-debugging techniques written in C. These are self-contained debugger checks that will automatically detach debuggers. Great for learning anti-debugging techniques that might be used in games! |
al-khaser | A proof-of-concept application that performs a whole slew of detection methods (virtual machine, emulation, debuggers, sandbox) with the goal of seeing if you can stay undetected. Great for learning how to stay hidden from anti-cheat implementations! |
RAM Watch | A Lua script framework used to create displays for watching RAM via Cheat Engine. See it in action here. |
Noriben | A Python-based script that works in conjunction with Windows Sysinternals Process Monitor to automatically collect, analyze, and report (via a simple text file) on an application or game’s activities. |
CyberChef | A simple, intuitive web app for carrying out various “cyber” operations, including simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. An in-browser, live demo can be found here. |
Deviare API Hook | A professional open source hooking engine for instrumenting arbitrary Win32 functions, COM objects, and functions which symbols are located in program databases (PDBs). It can intercept unmanaged code in 32-bit and 64-bit applications. |
Microsoft Detours | A software package for re-routing Win32 APIs underneath applications. 32-bit-only version is free. |
Deviare In-Process | A code interception engine for Windows (a free-for-non-commercial-use alternative to Microsoft Detours). This library is coded in C++ and provides all the facilities required to instrumenting binary libraries during runtime. Supports x86 and x64 applications. |
AutoIt | AutoIt is a freeware BASIC-like scripting language designed for automating the Windows GUI and general scripting. It uses a combination of simulated keystrokes, mouse movement and window/control manipulation in order to automate tasks. |
ReShade | An advanced, fully generic post-processing injector for games and video software. Contains a wealth of information for how to intercept DX/OpenGL APIs and inject custom code (e.g. call your own code at present time when a frame is rendered). |
Injectable Generic Camera System | Used for creating custom camera tools in games. Also contains small tools, like a custom DLL injector to bypass Windows Defender detection. |
Title/Link | Description |
---|---|
makin | A tool to help reveal which debugger detection techniques a game is using. |
JRemapper | An easy-to-use GUI for remapping classes, methods, and fields of compiled java programs. Useful with games like Minecraft! |
Portal 2 Trainer | A hack/trainer for Portal 2 that demonstrates C++ and Win32 programming, including GUI, multithreading, and external/remote process memory manipulation. |
Game Hacking (Book) Code Repo | This is the code repo for all the targets and samples used for the book, Game Hacking. |
pdbWriter | A small tool to produce a dummy pdb for an executable with symbols at addresses from a file (think: porting work from, say, IDA to be used for dynamic analysis via Cheat Engine, which would apply the symbols from your custom PDB). |
xortool | A tool to analyze multi-byte xor cipher and guess key length (based on count of equal chars) and key (based on knowledge of most frequent char). |
GameTutorials | An expansive list of game development tutorials in multiple langauges. Heavy on source code and even inclusive of Win32 examples (which is an amazing resource if developing Win32 game trainers is of interest to you). Archive of accompanying site here. |
Title/Link | Description |
---|---|
EFF FAQ on Reverse Engineering Legalities | This FAQ details information that may help reverse engineers reduce their legal risk. Use this information as a guide, not actual legal advice. |
Title/Link | Description |
---|---|
Hack.lu 2017: (Workshop) Reverse Engineering a MMORPG | This workshop covers the basics of reverse engineering a (M)MORPG. The target is Pwn Adventure 3, an intentionally-vulnerable MMORPG developed by Vector35. |
Reverse Engineering Visual Novels 101, Part 1 | A detailed tutorial on using Kaitai Struct to reverse engineer unknown formats. |
Reverse Engineering Visual Novels 101, Part 2 | A detailed tutorial on using Kaitai Struct to reverse engineer unknown formats (continued from above). |
Exploiting Game Engines for Fun and Profit | This slide deck shows you methods to exploit game engines, effictively discovering attack vectors that will work across multiple games using the same engine. |
Title/Link | Description |
---|---|
Note: CEF = Cheat Engine Forum | Link to Cheat Engine Forum |
CEF Discussion - Memory Alignment | General discussion of memory alignment. |
CEF Discussion - Mono: Instances and Invoking via Cheat Engine | Short tutorial demonstrating how to use Cheat Engine’s Mono features, “Find Instances of Class” and “Invoke Method”. |
CEF Discussion - Deallocating Memory in createThread() Script | Script examples in x86 and x64 showing how to deallocate memory in a createThread() script. |
Reverse Engineering of a Packet Encryption Function of a Game | An informative discussion from a question on StackExchange. |
Title/Link | Description |
---|---|
Introduction to IDA Pro (x86/x64, via Windows) | A well-paced, cursory overview of IDA Pro. It’s given in the context of malware analysis, but everything you learn can be directly applied to game hacking. |
Introduction to IDA Pro (ARM, via Mac) | An example-laden overview of reverse engineering ARM binaries via IDA Pro. It’s given in the context of malware analysis, but everything you learn can be directly applied to game hacking. |
Motherboard Livestream Archive: Researcher Cracks Elder Scrolls Online, Dark Age of Camelot, and Wildstar | Adrian Bednarek, better known as “Manfred”, demonstrates the MMORPG hacks he wanted to show but couldn’t during his DEF CON 25 presentation. This is a rare glimpse into the tools, thoughts, and approaches of a professional online game hacker! |
Hacking Games in a Hacked Game | This video discusses goes over the results of those who solved CTF challenges in Pwn Adventure 3 at Ghost in the Shellcode 2015. Slides here. |
The Security of Classic Game Consoles | A presentation demonstrating the technical details of what went into protecting the security of classic game consoles, as well as how those protections were broken. |
Cracking Video Game Passwords, Season 1 | A playlist demonstrating the password schemes used in numerous classic video games. |
Sega Saturn - Cracked After 20 Years | A detailed look into what it took to finally defeat Sega Saturn’s protection. |
Title/Link | Description |
---|---|
Game Hacking | Game Hacking shows programmers how to dissect computer games and create bots. |
Attacking Network Protocols | Attacking Network Protocols is a deep-dive into network vulnerability discovery. |
Practical Packet Analysis, 3rd Edition | Practical Packet Analysis, 3rd Ed. teaches you how to use Wireshark for packet capture and analysis. |
Exploiting Online Games: Cheating Massively Distributed Systems | This book takes a close look at security problems associated with advanced, massively distributed software in relation to video games. |
Game Programming Patterns | A collection of game patterns that make code cleaner, easier to understand, and faster. A great reference for seeing forward engineering representations of what you discover while reverse engineering games! |
Title/Link | Description |
---|---|
REGames Subreddit | A subreddit dedicated to reverse engineering video games. |
Reverse Engineering Subreddit | A subreddit dedicated to reverse engineering in general. Game-related submissions appear quite frequently. |
Reverse Engineering on StackExchange | A link to all game-related discussions (sorted by newest) on the RE StackExchange site. |
Cheat Engine Forum (CEF) | The official forum for Cheat Engine. |
FearLess Cheat Engine | Cheat Engine cheat tables, discussions, and tutorials for game hacking. |
Guided Hacking | Discussion of multiplayer and single-player game hacks and cheats. |
UnKnoWnCheaTs Forum | Discussion of multiplayer game hacks and cheats. |
MPGH (Multi-Player Game Hacking) Forum | Discussion of multiplayer game hacks and cheats. |
ElitePVPers | Discussion of MMO hacks, bots, cheats, guides and more. |
OwnedCore | An MMO gaming community for guides, exploits, trading, hacks, model editing, emulation servers, programs, bots and more. |
Title/Link | Description |
---|---|
List of Open Source Games | A large list on Wikipedia of open source games, both single-player and multiplayer. |
Pwn Adventure Z | An NES zombie survival game made to be hacked. |
Pwn Adventure 2 | 基于Unity游戏引擎的自定义3D MMOFPS。游戏包括几个只能通过修改游戏客户端才能解决的任务。 |
Pwn Adventure 3:Pwnie Island | 第一人称的开放世界MMORPG专为黑客而开发! |
Minetest | 一个开源的,多人基于体素的游戏和游戏引擎。(基本上是一个Minecraft克隆。) |
Xonotic | 一款开源的竞技场式多人FPS。 |
Nexuiz的 | 开源的多人FPS游戏Xonotic基于。 |
AssaultCube | 开源的多人游戏FPS。 |