CoreGui Anti Exploit Detection

So I found out that exploit guis are added to the CoreGui of the player. Sebstian_Wilson, at the time developed a script were non-roblox CoreGui’s were detected and the player is kicked. However, as of 10/8/2020, this localscript no longer works, and didn’t prevent any exploits.

Is there any alternative or any fix to this type of detection?

Any help is appreciated.

1 Like

No, developers are locked away from CoreGui for good reason. There is a trick where you can use pcall a recursive game:FindFirstChild but you have to get lucky that you find anything there since you need a specific name, and plus exploiters can just not use Roblox GUIs at all and move to external drawing libraries making them 100% undetectable.

Don’t overthink it.


Roblox patched most bugs that allowed developers to detect CoreGui exploits, however, there are ways to detect exploits that have CoreGui GUIs so you could focus on detecting the other parts of whatever exploit is interfering with your game.

A good thread that may help you is Exploiting Explained which if you read the post and replies can provide you with good insight into how you can go about protecting your game.


Actually, There is a way to access the CoreGUI without doing any of that.

Look at the screenshots below:

To see this you must enable it in studio settings:

Then scroll down until you see Explorer and check these boxes:

I’m talking about in-game and it was clear from the context that is what I mean. Game scripts access it.

For in-game, You must enable Show Core GUI in Explorer While Playing.

Please read the posts again. OP is talking about exploits which are not done in Studio. You are talking about Roblox Studio, the topic is about exploits in live games. The explorer is not accessible in-game. (The setting is even under the “Explorer” category!)

It makes it live when you publish the game. Therefore, You can access it in game. These Studio Settings apply to the live game.

We are talking about scripts, not the explorer. Game scripts (keyword game, scripts authored by game developers) cannot access CoreGui. I invite you to read the topic again, it looks like you are still confused. Studio settings are accessible from studio settings precisely because they are for studio. Checking that property doesn’t make it accessible to game scripts. This can be tested.

There is an Exploit called Dex that can access the Explorer. Most Exploiters access the Core GUI to inject and hide their scripts.

I don’t know if you are trolling, but Dex is a custom explorer. That custom explorer is in CoreGui…which the latter isn’t accessible to developers in the first place…

That is exactly what I am saying and No, I am not trolling. You are just making me frustrated because your basically calling me stupid. Plus, I have an Anti-Exploit that Detects Dex.

I highly doubt that you have a fully functioning foolproof Dex detector. Also, no, it’s not shown or accessible to developers in-game.

CoreGui is locked for a reason.

I suggest minimizing the damage an exploiter can do (sanity checks, serverside movement anticheats, etc) instead of relying on CoreGUI checkers.

Don’t waste your time @incapaz.
Quite literally restated in another form, you can access CoreGui because you’re in studio, but you cannot within GameScripts because they lack the proper identity level without an executor and that is a fact.

1 Like