Universal Multi-Platform Technical Whitepaper // Universal HWID Bypass Architecture

Complete Hardware Identity Spoofing

  • Motherboard Serials: SMBIOS, ACPI, WMI queries all intercepted. BaseBoard, SystemEnclosure, BIOS serials randomized at kernel level.
  • CPU Identifiers: CPUID instruction hooks return spoofed processor signatures. Serial numbers, microcode revisions fully masked.
  • GPU Device IDs: All graphics adapters spoofed—NVIDIA, AMD, Intel. PCI vendor/device IDs, VBIOS serials, registry entries modified.
  • MAC Addresses: Physical address spoofing across all network interfaces. NDIS filter driver ensures consistent values to OS and applications.
  • TPM 2.0 Modules: Endorsement keys, attestation certificates, and platform hierarchy fully virtualized with random entropy.
  • Storage Devices: HDD/SSD/NVMe serials spoofed via minifilter. SMART data, firmware revisions, model strings all randomized.
  • Registry & EFI: System-wide registry cleanup removes old identifiers. EFI variable manipulation ensures persistence across reboots.

Universal Anti-Cheat Bypass Matrix

  • Vanguard (Valorant): Ring 0 driver with boot-time initialization. Our signed driver loads earlier, establishing hooks before vgk.sys.
  • EasyAntiCheat (Fortnite, Apex, Rust): User-mode and kernel components. HWID collection at both levels fully intercepted.
  • BattlEye (R6S, DayZ, Tarkov): Deep kernel scanner. Our driver mimics legitimate hardware vendor signatures, evading detection.
  • VAC (CS2, DOTA2): Primarily user-mode with limited kernel access. Hardware queries spoofed at API layer.
  • FACEIT, ESEA: Client-side + server-side verification. HWID submitted to servers is fully randomized per session.
  • Ricochet (Warzone, MW): Kernel driver with hypervisor detection. Our nested hooks mask all VM/debug artifacts at CPUID/MSR level.
  • nProtect GameGuard: Legacy protection. Trivially bypassed via driver DSE exploitation and IAT hooking.