KAC Icon

Kingsman Anti-Cheat (KAC)

Core Integrity & Protection

  • File Integrity Verification: Continuously monitors critical game files against an encrypted baseline. Any modification or unexpected file results in game termination.
  • Self-Integrity Check: Verifies its own digital signature and uses on-the-fly function encryption to protect key logic from memory scanning.
  • Client Limits & Cleanup: Enforces a 2-instance limit for the game client and automatically deletes unauthorized files from the game directory.

Cheat Detection Mechanisms

  • Malicious Process Detection: Actively scans for and blocks known debuggers, memory editors, and reverse-engineering tools (e.g., Cheat Engine, x64dbg, Process Hacker).
  • DLL Injection Blocking: Prevents the loading of known malicious DLLs used for speed hacks, scripting, or hooking.
  • API Hook Detection: Monitors critical Windows API functions to detect code injection or hooking attempts.
  • Macro/Bot Detection: Implements low-level keyboard and mouse hooks to analyze inputs for non-human patterns, like perfect linear motion or suspicious timing.
  • Advanced Analysis: Includes dedicated threads for screen scraping detection and graphics analysis to identify visual bots or rendering manipulation.

Anti-Tamper & Environment

  • Environment Checks: Actively detects the presence of debuggers and checks if the process is running with administrative privileges.
  • Secure Termination: Suspends all non-anti-cheat threads during a violation to ensure the game is shut down before a user can interfere.

Feature Details

1. Secure Initialization & Licensing

What it does: This is the core of the system's startup. It securely loads a public key provided by the game administrator to verify a digital signature against a license file. This ensures the license is authentic, hasn't been tampered with, and is authorized for use.

2. File Integrity Verification

What it does: The system uses a developer-provided public key to verify the digital signature of a master file list. This list contains the correct cryptographic hashes for all critical game files. This process guarantees that the list of official file hashes is authentic and has not been altered. The system then scans the game directory, hashing each file and comparing it to the verified master list. If any file is missing, modified, or if extra unauthorized files are found, the game is terminated. It uses a local cache to speed up scans on subsequent launches.

3. Malicious Process Detection

What it does: A background thread continuously scans for running processes on the user's computer. It compares them against a hardcoded blacklist of known cheating, hacking, and reverse-engineering tools. If a blacklisted program is found, the game terminates immediately.

4. Unauthorized DLL Blocking

What it does: Similar to process detection, this feature continuously scans the DLLs loaded within the game's own process. It checks against a blacklist of DLLs known to be used for cheating. If a forbidden module is detected, the game is shut down.

5. API Hook Detection & Reporting

What it does: This is an advanced defense against in-memory attacks. It monitors the starting bytes of critical Windows functions. If these bytes are modified, the system flags it as a violation. It can then capture a screenshot of the game, encrypt a detailed report, save it locally, and terminate the process.

6. Macro and Bot Detection

What it does: The system uses low-level keyboard and mouse hooks to analyze player inputs. It looks for patterns that are not human-like, such as: Injected Inputs, Repetitive Timing, Mouse Teleporting, and Robotic Motion. A multi-factor system detects unnaturally straight, constant-speed, and "perfect" mouse movements characteristic of bots, while using a flagging system to avoid punishing legitimate players for occasional frantic movements.

7. Screen Scraping Detection

What it does: This feature monitors for other processes that are frequently trying to capture the game's screen image. This is a common technique used by bots to read game state information directly from the screen. If a process is detected doing this excessively, it is flagged as suspicious.

8. Anti-Disassembly Protection

What it does: To make it harder for reverse engineers to analyze the DLL, a critical function is stored in memory in an encrypted state using a simple XOR cipher. The code is only decrypted for the brief moment it needs to be executed and is immediately re-encrypted afterward. This prevents it from being easily read in a disassembler.

9. Game Instance Limiting

What it does: The system checks how many instances of the game executable are running on the PC. If the count exceeds a limit defined in the secure file list, it prevents the new instance from launching.

Before You Buy:

  • Company Admins/Owners: Please review all options carefully. Pricing varies based on company size.
  • Private Game Server Users: Please contact us on Discord for purchase options.
Kingsman Shop Icon Kingsman Shop Stripe Store Icon Stripe Store

KAC Preview

Have Questions?

For support, technical questions, or other inquiries regarding KAC, join our official Discord.

Join our Discord