Hundreds of these already exist so I’ll just cut to the chase:
This is a client-sided anti-exploit that mainly focuses on preventing the tampering of a player’s humanoid. This anti-exploit can:
Detect WalkSpeed changes
Detect JumpPower/Height changes
Detect MaxHealth changes
Detect HipHeight changes
Detect MaxSlopeAngle changes
Prevent PlatformStand-ing
Prevent disabling of death states
Support R6 and R15
This anti-exploit was put together quickly for one of my past projects and I thought to refine and publish it’s source. It uses some small (but not full-proof) methods to hopefully prevent being disabled. I recommend using this in games that don’t mess with characters that much as this was developed with the default Roblox environment in-mind.
DISCLAIMER: This is a client-sided anti-exploit. This exploit can be disabled or spoofed by an experienced enough exploiter, as can all other client-sided anti-exploits. This should be used along side a robust, server-sided anti-exploit or other form of exploit detection. This is only a demonstration that may prove useful in some cases. I would not like to debate with anyone the effectiveness of this anti-exploit (and yes, I am aware that exploiters can spoof property values).
Here is the model if you’re interested: Client Humanoid AE
Make sure to place the module into the StarterCharacterScripts folder.
The code for the anti-exploit can be viewed upon opening it in studio. If you find any bugs, please let me know.
A couple Quick questions: What’s the point of putting a client-sided exploit in your game if it can easily be bypassed/disabled/spoofed by an exploiter? And how could client-sided exploits work along side server-sided exploits to be effective?
I’m not asking for a debate. Just asking a couple questions.
As opposed to what some other developers might have done, I did not just include a single, unprotected local script as the anti-exploit. The method I’ve used should make disabling, or otherwise tampering with, the anti-exploit a bit more difficult (but not impossible).
The main idea is to prevent the majority of less-experienced exploiters that might not have the technical know-how from cheating. And yes, this obviously isn’t going to stop everyone, but it’s better than nothing.
For your other question, the server-side can be used for more general exploit detection such as speed or fly, while the client can be used for more personal detection such as GUIs or network exploits.
I really feel like some people cannot read whatsoever. I’m not pointing fingers at anybody particularly in this thread, but I have a good feeling someone will show up and rant about how its “uselss!1!!!1!!”
Yes, clearly, OP knows that having only a client sided anti cheat is easily bypassed. However, the goal of this was to stop any non-experienced, new exploiters with little to no background knowledge. I find it beneficial to have a client sided one as well as a server sided one. It stops any dumb exploiters, and the server one can give more experienced ones a bit of hassle as well.
My anti-exploit is made to be a simple client-sided check for basic cheats which I recommend be used along side a proper and robust server-side anti-exploit. You could likely use both your and my anti-exploits together in order to create an even more robust system.
At the end of the day though, I recommend that all developers reading this rely more on server-sided sanity checks that run on a per-game basis as opposed to generalized anti-cheats that may or may not work on any given game. That would be the ultimate anti-cheat for any game.
