So basically I’m planning to create a Anti Exploit script using a module script to store all the codes and distribute it to the normal scripts inside every player’s character, I was wondering if an exploiter can view the codes of the Module Script or certain codes using the normal script. The module script is stored inside ServerScriptService.
sorry for the sloppy english its 12am
Since your modulescript is in ServerScriptService no hacker will be able to see the module code. Hackers also cannot see the code of a server script no matter where they are.
Hackers can only see the local script code and the code of modulescripts that are in containers that are replicated such as Workspace, ReplicateStorage, ReplicateFirst, etc.
Technically yes, exploiters can see server sided code, they can even manipulate Datastores. Unfortunately there is nothing safe not on the client or the server… Obfuscation is the only main defense against this stuff.
Fortunately these server sided attacks are super rare so unless your game gets targeted you should be fine. There are very few exploiters who even know of these to begin with nevermind how to even execute them, however they do exists and I have heard of both stories and living proof of it happening.
So as a general rule of thumb yes normal scripts are “safe”.