Status
Open for contracts and discussion
CONTACT
Ava.gg#7103 - Discord
Portfolio Introduction
Throughout developer forums sits hundreds of portfolios for services ranging from Graphic Artists, Programmers, Animators, Sound Design, and many more. However, one area seems to always be lacking and that is what the portfolio here aims to offer.
It is shocking to me how many games today that reach such status as the front page still lack very basic security knowledge and it shows in the types of malicious scripts for their games. Ranging from Apocalypse Rising 2’s unprotected humanoids from lack of understanding to Rogue Lineage’s bewildering attempts to detect things many of the malicious tools patched upwards of a year ago.
In the past I’ve developed a youtube tutorial series to help developers understand their games better and how to protect them against the growing community of exploiters. I’ve been offered positions in games such as Vesteria, Dungeon Quest, and many others. Including a plethora of lesser known games that haven’t had the success of the aforementioned.
Who are you?
Admittedly, yet not surprisingly; I’ve previously been part of the exploiting community, and have been developing scripts for the thick end of five years. Over the time I’ve been a part of the malicious side of the constant struggle against exploitation I’ve discovered things many developers tend to really misunderstand. I firmly believe a developer whom has never experienced this side of the back and forth has massive areas lacking in their understanding of how much power exploiters have, and what you can actually use in your arsenal to combat these people.
I’ve bypassed countless methods of preventing exploitation on almost any front-page game you can list, excluding very few. This experience in bypassing these methods have of course always left me wondering how developers could’ve prevented what I did to bypass. And in some cases, the answer is that its just impossible to prevent such exploitation as metamethod abusing and so on. However, this isn’t always the case I see games daily that could easily patch up a lot of their public exploits that are present for their games; but for one reason or another they don’t. And usually that reason? Lack of knowledge. Games should start hiring someone specifically for developing measures to prevent and slow-down exploits.
What can you offer me as a developer?
I’ve worked with a wide range of developers, varying in knowledge based around exploitation of the client, and I’ve offered services similar to those listed below.
-
A full review of a games security with a report
In the past developers have asked me to provide a full documented report of all the vulnerabilities that are currently public for their game, as well as documentation on vulnerabilities that could potentially arise for their game - with a conclusive page of suggested patches for all of theses. This usually follows a quick review I run over their game to see if the services are really required - and has previously been a 1-time en devour with a single payment for the document. -
Full-time Employment with developer
I’ve previously declined these form of contracts, however I am open to these from this point onward. A full-time contact would consist of access to some form of test-branch for the game, with me developing full-time towards the anti-cheat and countermeasures to stop exploitation of the game. These contracts (unlike others) do require a large degree of trust. -
Singular review, and patches
Finally, if developers ask and I have the time; I may be willing to look over the game for free to determine if there are any immediate flaws within the game. If none are found the developer forks nothing out, and all is good. Otherwise a contact can be negotiated.
I also want to make this clear - as some developers may rightfully be skeptical about my services. Don’t be shy and just message me on discord, ask me any questions you need - and do any vetting you need to do of my services. I take no offense to developers being skeptical of what I’m offering, or my experience involed.
How deep are your checks really?
I want to clear up any confusion or criticism that my services are a surface-level basic ‘humanoid’ exploitation check, and so on. Cause they’re not. My checks include;
- Full metamethods, namecall, exploitation patches. Based around making games more secure on the server-side to prevent such methods being useful or bypassed.
- Full experimentation with custom ‘exploit only’ functions such as hookfunc, getconnections, nilinstances, decompiling, and so on. To make your game as secure as it can possibly be in regards to these functions.
- Non-patchable server-side solutions. As well as the possibility (if requested) for solid hard to bypass client-based anti-cheats on top. Which are easily updated and include many measures to make it as difficult and as slow as possible to bypass them.
- 99% Patch rate of any PUBLIC exploit floating for your games, and a solid hit to most other methods (private included)
- For less experienced developers, installation of custom-modules that prevent things such as noclipping, speedhacking, flying on the server-side.
Prices and contracts
Fully negotiated. If you have questions, you have a custom contract; or absolutely anything. Then just contact me and ask, there is no such thing as a stupid question that you can throw at me - so don’t be shy and throw me a DM. My response times are usually pretty solid within reason. (UK TIMEZONE)