Skip to content
This repository has been archived by the owner on Apr 14, 2019. It is now read-only.

mq1n/NoMercy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

NoMercy

The "NoMercy" project is "the gold standard" open source Windows kernel/user mode anti cheat written with C/C++.

Notes;

  • The project will not be updated for a while, due than my computer is corrupted.
  • The project is still under development
  • Currently just developed and tested on Windows 10 x64 RS4(1804) as WoW64 process
  • Build 3rd party dependencies or download released pre-compiled bundle and extract .zip content to "NoMercy\Extern\CompiledLibs"

Prerequisites

System requirements

  • Windows Vista or greater

Planned Features;

  • DLL inject detection
  • Thread inject detection
  • Harmful thread detection
  • Virtual memory code inject detection
  • Virtual memory code modification detection
  • Virtual memory module integrity protection
  • Virtual memory hook & breakpoint & dump protection
  • Ingame harmful window detection
  • Mouse & Keyboard automation detection
  • Ingame keyboard hijack detection
  • Software & hardware macro detection
  • Multi client detection
  • Game client modification detection
  • Detect/Reject/Analysis game process memory access
  • Detect/Reject/Analysis game process handle access
  • Detect/Reject Kernel and User mode debugging
  • Detection execute on virtual machine, emulation and generic sandboxes
  • Hardware information based ban system
  • Heuristic detection
    • Common checks; File, Driver, Handle, Heap, Module, System object, Process, Virtual memory section, Thread, Window
  • Self integrity protection
  • Splash UI
  • Game specific protection methods
  • Special ring3 access protection

Workflow

- to be added later

Download

- to be added later

TODO, In development features;

TODO Main features;

  • Node JS based WebSocket API server
  • Plugin based heartbeat system
  • Self updater
  • Global hook engine
  • Protected network wrapper API for game <> client communication
  • Web interface
  • ARK like Remote Administration tool for manage master server connections

TODO Network Features;

  • Sequence
  • Daemon for master server(s)
  • P2P pool for master server(s)

TODO Kernel features;

  • Driver to Service Logger instance
  • Integrity check for self OB callbacks
  • Enumerate kernel memory for find manually mapped and hidden(unlinked), deleted(file), non-signed drivers, hijacked objects, non device created drivers also check loaded driver file-memory integritys
  • Anti hook (Inline, IAT, EAT, SSDT, SSSDT, IDT)
  • APC monitor for block injection
  • Anti speed hack based time modification detection/manipulation
  • Ring3 protection(PPL) for self protected apps
  • Anti debug/sandbox/hypervisor/virtualization
  • Scan/Analyse non paged allocations
  • Physical memory based SBD scan (MmGetPhysicalMemoryRanges)
  • Child process create monitor for our protected apps
  • Protect from inherit'd handles
  • Scan/Analyse VAD entries and hidden VAD entries
  • g_CiOptions integrity check
  • ExpLookupHandleTableEntry integrity check
  • KPP integrity check
  • SMEP integrity check
  • PPL manipulation check
  • PspNotifyEnableMask integrity check
  • Physical memory user mode access check
  • Block game hwnd access from window APIs(NtUserQueryWindow/NtUserBuildHwndList/NtUserFindWindowEx/NtUserGetForegroundWindow/NtUserSetWindowLong/NtUserWindowFromPoint)
  • Block suspend access to our kernel threads from System(4) process
  • Split handle owner system apps(csrss, lsass, pcasvc) accesses
  • Scan unloaded drivers(MmUnloadedDriver-MmLastUnloadedDriver) Also manipulation check just like list is it null, list is filled with fake modules(time ranges)
  • Hook & Analyse IRP_MJ_CREATE calls

TODO WebAPI Features;

  • Real time detection status
  • Game statistics data as Daily/weekly/monthly/quarterly/yearly
  • Accessed counts
  • Executed counts
  • Hacking tool detection counts
  • Unknown hardware devise frequency of use
  • Nationally executed/access frequency of use
  • Game play frequency of use
  • Operate system frequency use
  • National VPN detour frequency use
  • List of nationality hacking tool detection/user
  • Provide daily/weekly/monthly user statistic data
  • Rank of hacking tool used IP
  • Rank of hacking tool used system
  • Rank of hacking tool used account
  • Provide daily/weekly data
  • Accessed account/system mapping information
  • Hacking tool detection log information

Dependencies

Protector SDK files

License

NoMercy is licensed under the GPLv3 License. Dependencies are under their respective licenses.

Contributing

  • Fork it(https://github.com/mq1n/NoMercy/fork)
  • Create your feature branch: "git checkout -b my-new-feature".
  • Commit your changes: "git commit -am 'Add some feature'".
  • Push to the branch: "git push origin my-new-feature".
  • Submit a pull request.

Credits

Donations

If you did like to buy me a coffee, I won't complain. x)

BTC

1P6GqjR9TcoDkVNz4TJqQaH5SyTgnsyirB

Etherium

0xdA847F888f2dfB1c491f0bf4cEc1D3A718e56695

BTC Cash

qz9jn9yjkyxvp7tfjffjc2wjf4yxvgey3sekl3yrqu