Instead of focusing on patching Dex, (Because one can easily just print out your game’s descendants list without UI), you should focus on sanity checking your scripts. That way remotes can’t be abused.
The reason I state this is the fact that there are many other ways other than Dex to view your game’s source content. Not to mention as others have stated Dex can just bypass almost any patch you throw at them.
Exactly this. Exploiters do not need Dex to see parts of your game / disable scripts and stuff.
Ah, I also remember such thread. It used a function to hide the source of scripts to the Synapse decompiler. Unfortunately, it didn’t “patch” (or detect) Dex.
(if this is not what you are talking about then im stupid)
Not exactly, although I can DM you the method. The method I was shown breaks Dex, not really patches it from being used.
I agree that dex is just a development utility but my problem is with CoreGUI exploits like infinite yield I made a unbypassable anti-cheat and 2 people was able to bypass at all over a hundered and that 2 guy just used infinite yield to do that.
This has probably been said already (Didn’t read all of the replies)
Theirs no point in wasting time on stuff like patching dex, As long as your code relies on the server and the client is mostly just visual/getting response for key-input their shouldn’t be any issues even if they use DEX. If you’re worried about them stealing scripts (on the client side or if you left any in workspace (you shouldn’t ever have scripts in workspace) then I recommend encrypting your code for the client side. It’s also a shout to hide some of your client scripts in the PlayerModule as its the last place most exploiters ever usually look (the module for user camera/input etc))
Overall theirs not really any point, Even if you stop dex by catching out keywords such as “SaveInstance” I’m fairly certain darkdex isn’t even a part of the game memory, I personally believe that it’s a seperate tab and then theirs a code that just gets every existing thing in the game and displays it on this 2nd window, And even if you detect dex by specific names they can just make every instance have a random hash string making it pointless. I personally chose to focus my anticheat more on stopping things that can ruin gameplay for other players or give the user an unfair advantage, It’s ok if they ruin their UI or delete stuff from client side. They are ruining gameplay for no one but themselves.
Link to thread, (if its not this one)
Dex can’t be patched 
What he means is the fact that you are causing this mayhem over something that is barely even patchable.
Bruh, it’s barely patchable so please stop causing mayhem about this.
Actually, he did, he would not be replying if he did not read the whole thread.
Additionally, if OP claimed that he patched it he would have been working on this and not causing mayhem about this.
Are you able to send me a video about this “Physics calculation”
So your saying you can patch something that doesn’t even exist in roblox memory? 
Ok, send it please. I’d love to see it!
I don’t think I can link you my DMs
Here was the comment:
It was the thing @TESLAC0IL was talking about. He sent me a DM with the work-around.
Im quite interested in this aswell. Someone showed me how to break dex to prevent it from working, but this sounds even more interesting considering it patches every single Dex.
Could you maybe DM me this method?
I never called you inexperienced, your aggression is unwarranted.
the only time you’d need an abstract wrapper like DEX
Read this here, as i’m implying that one might ‘need’ DEX, I am speaking from the perspective of an exploiter when i say that part. My entire point was that you could use so many other ways besides DEX, and that for you to use DEX you’re either inexperienced or you don’t feel like doing it yourself
Honestly this is getting out of hand, Im not here to argue over if dex is patchable or not because 1. it is and 2. it’s really hard so it will get unpatched sooner or later.
It shouldn’t ever be an argument. Exploit threads run on the identity of 6, 7 or 8, giving exploiters elevated permissions. Which is also the reason you can’t insert objects in game.CoreGui through a script.
Reference: A Current Explanation of Normal Identities and Security Tags
You need to realize one thing, exploits have the upper hand with any sort of client security. There are various custom functions in exploits that exploiters can use to circumvent local security checks.
Developers don’t have near as much capability as any exploiter does over the client. Your best bet is to never worry about client security, focus all of your security on the server.
E.g., Add sanity checks to remotes to ensure they aren’t fired an [x] amount of times a second or minute.
Dex is useless unless there are vulnerabilities in your game for those exploiters to exploit.
Sorry for bumping but I made it to not false positive using input service
It can easily be bypassed with:
hookfunction(getgc, function() return 0 end)
hookfunction(game.Stats.GetTotalMemoryUsageMb, function() return 0 end)
that hook is Detectable [Char]
It’s 2023!
I don’t know if you’ve found a solution yet, but I’m putting this here anyway for any other devs scrolling through trying to find one.
I have no clue know why, but Instance:IsDescendantOf(game:GetService(“CoreGui”)) gets around the security class.
So you could do something like this in a LocalScript:
game.Loaded:Wait() -- wait for game to load
task.wait(1) -- waiting just incase
script.Parent=nil -- parent script to nil, makes it slightly more secure, though can still be bypassed
game.DescendantAdded:Connect(function(descendant)
if descendant:IsDescendantOf(game:GetService("CoreGui")) then
descendant:Destroy()
end
end)
This script prevents Instances from being added into CoreGui, though exploit devs can get around this (most executors likely have a secure method to get around this sort of stuff).
(found this on a discord server so I thought I’d share it)