Skip to playerSkip to main content
SirMemeV2
This is an absolutely banger video that everyone in the community should watch especially if you've had any doubts recently about cheat buddy's new universal tool "System Guard" which is going to be used to protect the likes of Electron V3 & more.

In this video cheat buddy shows us injection, sandboxing, god mode with system guard, sandbox fps stress test and more!

Most people probably won't be able to understand the technical details explained BUT I know this community does have some reverse engineers out there that will really appreciate the information given in this video.

Read more about what System Guard is here:
https://v3rm.net/threads/electron-released-wayyyy-too-early.2145/#post-20384


FIND MY SCRIPT WEBSITE BELOW (NO ADS):
https://sirmemestuff.com/

Become a member on my channel to gain access to exclusive discord roles & more:
https://www.youtube.com/channel/SirMemeV2/join

HUGE THANK YOU TO ALL MEMBERS (GET YOUR NAME HERE BY BECOMING A MEMBER NOW!)
Dovydas Verketis
Ethan
undscr
Torque
mr fleein
Asset Deities
RapidReels
BeeMilkz
arstrage
Khursheed Javeed
Jonathan Christian
HSTf04233 #f04233
Jarno
ROBLOSSUSSYOMG
takls.
YourLocalRobloxDealer
SSnejk_
Silence_Gamergmod
Universal
Space Therapist
Lucid
Jully Rhodia
Tem Pyreuz
FockStad
Zack Snowmontain
Sinix
Peter Kulik
flippi1120
evo
franwstein
Red Z
Dripticated Bird
Haze
!?
T.B.A.O.D community
Zaptosis
kr4sk
Rapl
tsFocus
N Delta
alex
Klaus
unknown
angxlzz
Carbon
Lego Lua
MiR
StocksIsOP
dw6
Sir Meme V2 Deleted Streams
LEETcyanide
urbanzz
DenDancer
25October
Goose hoz
aze
LogitechGProBeast
Kyronn
SavoCavo1sk
Mike Oxlong
Talking Side
Cavalix
o0kiddik0o
Dexter
Jake
Roge
Kyla
CesarTheGamer
Chosen
DjCat HD
Marsh
PyroSwift_
Rauwo
Alfie
Depzwee
Pixeluted
Hooray
okok
therandom123
BaconLord
Skit
Kiwinomore
Issmail Arici
Zenon
geodude
Isac
SkuppyGamez
IsAstral
kezcn
Fimmy Tom
ItsAussie
erazias
Jai Diddi
Comeback Goddess DJ
qyopy
VirtualModz
BinarryH
AlperSocial
raycast
Transcript
00:00:00What it do everybody, it's your boy MarshaDedon coming to you guys with another video.
00:00:04This video is a little bit different from my last video, I'm basically going to be showing
00:00:07you guys CheatBuddy's System Guard demo which he kindly showcased on my live stream yesterday.
00:00:14In case you guys don't already know, every single Friday at 5pm I live stream on this
00:00:18YouTube channel and sometimes we get special people on, we get highly rep people from the
00:00:23community, we have a bunch of developers come on sometimes and most recently we had CheatBuddy
00:00:28join us on stream yesterday, he's joined me on stream a few times in the past and I just
00:00:33want to give a big shout out to CheatBuddy for actually having the balls to come on stream
00:00:37and showcase this in front of a hundred people, a hundred plus people and I hope that all
00:00:42the doubters out there, all the people that have been throwing a lot of words around lately
00:00:46saying CheatBuddy's using ChatGPT etc, System Guard's detected already, blah blah blah.
00:00:52Hopefully this video can answer a lot of questions and hopefully crush all the doubts that people
00:00:58are having.
00:00:59So without further ado, I'm going to leave this for CheatBuddy, I hope you guys enjoy
00:01:03this clip, this is like an hour and five minutes long so grab your food, grab your bongs, grab
00:01:07your girlfriend, grab your boyfriend, whoever you're with, whatever you're doing, sit tight
00:01:11for the next 60 minutes because you're about to have a full on masterclass, I hope you
00:01:15guys can get some inspiration or learn something from this or even just get excited and more
00:01:19optimistic about the future of this whole community.
00:01:22So I'll see you guys in the next one, make sure to subscribe, turn on notifications and
00:01:26remember you need to start tuning in to my weekly Friday streams.
00:01:29Alright, I'm going to leave this to CheatBuddy, peace guys, peace.
00:01:32That's yours CheatBuddy, let's go.
00:01:35Alright, so who in the chat can tell me right now what is SysGuard?
00:01:42Somebody tell me what's SysGuard for the people that don't know, anybody familiar with SysGuard?
00:01:56Okay, help with bandwaves, some instrumentation, callback framework, yep, okay, so those are
00:02:08all good answers, most definitely, I like those answers, so yeah, that's basically what
00:02:13SysGuard is, right?
00:02:14So what you're looking at right now on the screen, I just made a quick little simple
00:02:19program, a project for this demo basically called Procman and right now if you're not
00:02:27familiar with Windows or C++, I'm using a popular function that's used by most anti-tempers
00:02:34or anti-cheats, it's called virtual query and basically what this code is doing right
00:02:40now, you can see it's scanning basically every five seconds and it's printing all the DLLs
00:02:47within the current process, right?
00:02:49So what I'm gonna do real quick, right now I have another project open, this is basically
00:02:55the heart of SysGuard.
00:02:56NebbyPack, let's go!
00:02:57We got the NebbyPack guys, we got the NebbyPack, so yeah, obviously I got the critical parts
00:03:05of the code hidden but you can see I got some, I got an anti-DLL test, I got a Godmode test,
00:03:11I got an instruction counter test, so to be simple, we're gonna start off with the instruction
00:03:16counter test.
00:03:17This is basically gonna help you guys kinda understand what SysGuard can do and how powerful
00:03:22it is, right?
00:03:23So I'm gonna go ahead and close out Procman real quick, I'm gonna open up the Cheat Engine
00:03:28tutorial and we're gonna inject SysGuard and demonstrate the instruction counter so you
00:03:35guys kinda have an idea of what's going on.
00:03:42Vandal's striking the stream right now, Vandal is photoshopping!
00:03:54There we go, just compile that, and we got our NebbyPack ready, let's go ahead and select
00:04:01the tutorial and we're gonna go ahead and inject our DLL, okay?
00:04:04So you guys can see I got the Cheat Engine tutorial, basically what I just did, I just
00:04:08attached Cheat Engine to it, I'm about to inject SysGuard into Cheat Engine.
00:04:13For the demo, I named it NebbyPack, so as you can see right now, I just injected SysGuard.
00:04:23If you guys know, if you've been reading my previous threads, I told you guys SysGuard
00:04:27is a CPU sandbox, so whenever you're running a program or a game or anything like that,
00:04:33your computer, your CPU, has to run these instructions so that you can actually see
00:04:38the game or program on the screen.
00:04:42What SysGuard right now is doing, it's logging, I have this instruction counter test and it
00:04:48basically just shows a random location in the Cheat Engine tutorial and it's basically
00:04:54just logging all the instructions that's being called in that region.
00:05:00This is the region that I'm actually logging, it's taking the base address of the program
00:05:05and adding hex 1000.
00:05:07So let's go ahead and look at that in Cheat Engine real quick, so this is what this looks
00:05:12like, this is the region of code that SysGuard is sandboxing.
00:05:17So all that right now is sandbox?
00:05:20Yeah, so this is basically the code right here and the sandbox is basically wrapping
00:05:28all of these codes so that it's being executed through SysGuard rather than the actual CPU.
00:05:33So before it runs on the CPU first, it runs through SysGuard, right?
00:05:37All of these functions and stuff that the Cheat Engine tutorial is calling, that's being
00:05:42logged by SysGuard and so when you see the instruction count here, that's what you're
00:05:46seeing happening.
00:05:47Now notice when I move my mouse around the program, look at that, this is what I mean,
00:05:53it went from the thousands to now, you know, we're in 30,000, you know what I'm saying?
00:05:59As I move my mouse, I'm logging different things that the game is doing, so I'm able
00:06:05to intercept these and, bro, we have fucking full control, bro, that's what I wanted to
00:06:12tell y'all, right?
00:06:13Y'all don't understand, so now that you guys kind of understand how it works, I'm going
00:06:18to show you a more practical demo on how we could create a god mode with this, okay?
00:06:23So let's go ahead and move on to the god mode test.
00:06:30Watch out, guys, GPT comments.
00:06:32Yo, we got GPT, hold on, let me, there we go.
00:06:38Haha, no way!
00:06:40No fucking way!
00:06:43It's definitely there, I gotta have your chat GPT.
00:06:47Oh my god, that's hilarious.
00:06:50Lego hack.
00:06:53Trolling level 9,000 right now.
00:06:55Let me hear it first.
00:06:59Boom.
00:07:01Ackerman.
00:07:04We're good.
00:07:07We're good, I just bypassed Byfug.
00:07:12But yeah, we're going to go ahead into the god mode test now, let me show you guys.
00:07:20Okay, so what you guys saw, I ran the first time was the instruction counter, now you
00:07:29guys see I'm doing the god mode test, right?
00:07:31So if you've ever done the cheat engine tutorial before, whenever you go to the first step,
00:07:36it's just trying to get you to understand how cheat engine works.
00:07:40So it'll tell you, you'll have this value here, 100, and it'll tell you to scan it.
00:07:44Matter of fact, let me start from the top so that you guys can see.
00:07:48I'll just go ahead and do the tutorial again for demonstration purposes.
00:07:52You guys can see here, value 100, it basically wants us to scan this, and we're going to
00:08:01click hit me, and scan the next value, 97, okay, it wants us to change it to 1,000, so
00:08:08we change it to 1,000, and then we, you know what I'm saying, the next button we can see
00:08:13it highlights, so now we can go to the next step.
00:08:15Okay, so that's basically it, that's real simple.
00:08:18Let me show you guys how you can do this with sysguard, right?
00:08:33I'm going to click hit me, 96, and instead of changing it this time, I'm going to go
00:08:40to the code that's actually checking.
00:08:43So if you guys notice, this is assembly code that we're looking at, machine code, so this
00:08:47is code that your CPU executes, this is what happens under the hood whenever you're running
00:08:52a program.
00:08:53You can see the 1,000 hex that it's looking for right here, that's actually 1,000 decimal
00:08:58I believe.
00:08:59You can see the 1,000 here, and so we know that if we change the health to 1,000, this
00:09:03is the part of the program that actually enables this button.
00:09:07So you see right now the button is grayed out, so what I just did for this guard mode
00:09:15test, right, this is how easy it is to pretty much sandbox code in sysguard, so all I would
00:09:20have to do is get the address, so you can see this right here is at 1002b429, that's
00:09:27really complicated, so I just got the offset right here, you can see it say 2b429, that
00:09:33I put in sysguard, so that just means sysguard is going to take that compare, which is what
00:09:38you guys see right here, and then it's going to say every time that I see this compare
00:09:42instruction, I know that I'm checking the health, I want to change the health to 99999
00:09:48basically.
00:09:49Okay, so that's pretty much what we expect to happen when sysguard is injected.
00:09:55Let's go ahead and see if that works.
00:09:58Mind you again, so sysguard is sandboxing the CPU, so we don't have to actually touch
00:10:02the actual program, you guys are going to notice, and I don't have to actually change
00:10:06the value down here, so let's see if it works.
00:10:11Okay, let me pack injector.
00:10:14Damn, straight guard mode.
00:10:17Our health is really high, and this is what happens.
00:10:20With sysguard, you notice I didn't have to, you can see the value here, you notice I didn't
00:10:24have to.
00:10:26I think people are really going to enjoy this demo compared to the last demo you gave, this
00:10:31one is much more easier to eat up, especially for the devs in the community.
00:10:34Yeah, yeah, most definitely.
00:10:36I'm going to look at the chat real quick to see if anybody has any comments.
00:10:40He made the code chat BT, I'm weird.
00:10:44That's hilarious.
00:10:52Did he demo it yet, Ember?
00:10:55No, we're going to get to a demo there in a little bit.
00:10:58I'm not going to show a full demo on there because, first, for legal reasons, I don't
00:11:03want to incarcerate myself.
00:11:05The second reason is, why would I give them the sauce to what I'm doing?
00:11:10We're going to do a demonstration, but we're not going to go into detail of how it works.
00:11:14We're just going to flex in a little bit.
00:11:18Can you make cheats for D.Va?
00:11:20Do you still need to inject DLL2?
00:11:22You do, but in this case, you guys see that I'm using Cheat Engine.
00:11:28What I actually use is Guardian.
00:11:31This is my actual injector.
00:11:33My actual injector is Guardian.
00:11:35Guardian doesn't use a normal DLL injection like Cheat Engine.
00:11:39Guardian uses a very, very highly sophisticated, stealthy version of DLL injection, which I
00:11:47showed you guys a video at the beginning of the month that I wasn't detected or anything.
00:11:52I was able to create a new thread, and the game didn't crash.
00:11:56We're going to demonstrate that again later.
00:11:58For the demo, I just wanted to show you guys Cheat Engine for SysGuard.
00:12:06It does use manual mapping, but it doesn't use our traditional manual mapping.
00:12:11Some things you have to do a little bit different to avoid detection.
00:12:15You can't really just use some random skidded-ass code from GitHub and think you're just going to get away with that.
00:12:22Sandbox or DMA? I don't know what is better.
00:12:25DMA is probably more expensive, so definitely sandbox.
00:12:30Does that mean if they patch the injection method, it kills SysGuard?
00:12:33No, because you've got to understand the way that SysGuard works, right?
00:12:38Remember, it's sandboxed in the CPU instructions.
00:12:41If there's a patch to patch my injection method, it's like how you saw that I just sandboxed the compare.
00:12:48Let's just imagine that this piece of code right here was a patch, because this entire thing right here is a function, right?
00:12:55Let's just assume that this was some kind of patch.
00:12:57I could literally just put this code for the location in SysGuard, and then I could intercept the patch.
00:13:03I could say, hey, don't patch that.
00:13:05Don't detect this.
00:13:07Don't run that piece of code.
00:13:10Don't send them telemetry information.
00:13:12Don't send them our hardware ID.
00:13:14I could control everything.
00:13:16Yeah, that's what your concern was.
00:13:18You literally said that literally two days before the electron detection and bandwave happened.
00:13:23You predicted that shit.
00:13:25Right.
00:13:27How do you think when released?
00:13:30Does SysGuard work in the first place?
00:13:33Yeah, you do need to inject DLL, yeah, which, like I said, pixelated.
00:13:38I showcased the DLL injection before, so that's not a problem.
00:13:43We do use internal DLL injection.
00:13:46It's a very stealthy version that's not detected.
00:13:49But, yeah, any application, not any cheat, but any cheat that's out there that's internal, you have to use DLL injection.
00:13:58Whether you do it through manual mapping or directly, at the end of the day, it's still DLL injection.
00:14:06Does SysGuard use trampoline hooks?
00:14:08No, SysGuard doesn't use trampoline hooks.
00:14:10Let me show you what a trampoline is.
00:14:18This is a trampoline hook.
00:14:24Actually, I'm going to do it on a function that robots actually hooks to make it better.
00:14:34The difference between SysGuard and trampoline hooks is trampoline hooks actually have to modify the code.
00:14:40This is an example of a trampoline hook.
00:14:43I'm looking at NTQuery virtual memory, which is a system function used by Windows.
00:14:48This is how the original code looks.
00:14:50Whenever you're doing a trampoline hook, you're basically replacing this original code with a jump.
00:14:56Then you're making it execute your piece of code.
00:14:59When it executes your piece of code, it jumps back to the original location.
00:15:03You can see how I'm back at the original location.
00:15:06It was this jump here, then I jumped back.
00:15:10Now we're back.
00:15:12The difference between SysGuard and these trampoline hooks is that the trampoline hooks change memory.
00:15:20Notice that trampoline hooks change memory.
00:15:23Let me try to go back to that piece of code in SysGuard right quick.
00:15:27I was looking for the guard mode.
00:15:42Notice when I did the guard mode with SysGuard, I didn't actually change the game's code.
00:15:49In the tutorial, everything still stays intact.
00:15:52This is how we're able to pretty much stay anonymous.
00:15:56We don't actually modify the code.
00:15:58If I was doing a traditional code injection in a trampoline hook, then it would have changed to a jump.
00:16:05In SysGuard, it just leaves the code as is.
00:16:08It doesn't actually change the actual code.
00:16:10It just sandboxes the CPU.
00:16:13Advanced detection.
00:16:22Besides everything, what's the best way to write reprocessed memory?
00:16:26Just do the normal method.
00:16:30The only problem with write processed memory and reprocessed memory is it requires a process handle.
00:16:39They scan process handles to see what process is accessing or reading their memory.
00:16:45With SysGuard, to prevent that, we could actually hide our process since we have control of what the CPU executes.
00:16:54That's my way of bypassing it.
00:16:56You could use those normal functions.
00:16:58Just understand that when you do, you risk getting detected.
00:17:04SysGuard does mess with the program.
00:17:06It wouldn't necessarily be stealthy if you explained it before.
00:17:08I pretty much just explained that anonymous exploit.
00:17:12Regular code actually has to modify the file, the program.
00:17:18SysGuard doesn't have to modify the program.
00:17:20It just sandboxes the instructions.
00:17:23This is how it remains undetected.
00:17:25You guys were talking about earlier how SysGuard is undetected.
00:17:32I'm going to demonstrate that using my Procman demo real quick.
00:17:36Going back to Procman, I have a scanner that's scanning all the DLLs in the current process.
00:17:51Let me inject SysGuard into Procman and let's see what happens.
00:18:03As you can see, I'm pretty much undetected.
00:18:08Procman is doing this little scan through virtual query.
00:18:11It's detecting that I injected numpyk.dll.
00:18:15You guys see that?
00:18:16numpyk.dll.
00:18:17Every five seconds, it's printing it out.
00:18:19Boom.
00:18:20If we weren't prepared, if this was just on the regular client, we would have been detected.
00:18:25No doubt about it, we would have been banned, terminated.
00:18:28Capisce?
00:18:29But since we have SysGuard, we have our anti-DLL detection.
00:18:34Let me go ahead and showcase that to you guys now.
00:18:43Someone just asked about timing checks.
00:18:45I'm sure you've already said something about that.
00:18:47Like I said, for the timing checks, SysGuard is really fast.
00:18:53I'm about to do a sandbox stress test in a little bit.
00:18:58You guys will see how fast SysGuard is because it literally runs at 250 frames per second on some games.
00:19:07It's really OP, honestly.
00:19:10Give me one second.
00:19:28Again, like I said, we see that Protman is executing.
00:19:37I'm going to go ahead and go to virtual query.
00:19:41This is the function that Protman is calling to detect SysGuard.
00:19:45It's this function right here called virtual query, right?
00:19:53Now we're looking at Protman's code.
00:19:56You guys can see virtual query here.
00:19:59You can see getModuleBaseName here, getCurrentProcess.
00:20:02Let's look at my code real quick.
00:20:06You can see virtual query.
00:20:08You can see getModuleBaseName.
00:20:09You can see getCurrentProcess.
00:20:11That's how you guys know that this is how the machine code for this function looks like, right?
00:20:17Basically, all I have to do, once I detect that, this region of code is detecting my DLL.
00:20:25Let's just assume that this was some kind of anti-cheat, and I found this location sitting around.
00:20:31It's going to be more complex.
00:20:32I can't show you guys me actually demonstrating on the actual client.
00:20:40I have to create a dummy anti-cheat so that I can show you guys.
00:20:44You have an idea of how it works.
00:20:46Like I said, this is the module being called.
00:20:48It's calling virtual query.
00:20:49It can see all my DLLs and stuff.
00:20:53I just started a new instance of Promptman, and you guys noticed that there's no NemiPack DLL in there this time.
00:21:02I'm running my anti-DLL injection test.
00:21:05Let me make sure I compiled that.
00:21:07Now I'm going to inject it into the process the second time, and let's see if we get detected after we run our bypass.
00:21:14This guard is injected.
00:21:17You notice this is what I added in my instrumentation routine for sysguard.
00:21:23This is basically a callback function.
00:21:26This is what happens, right?
00:21:27Every time that I add a region of code for sysguard to sandbox, I could add a callback function.
00:21:33What this callback function is, it allows me to check this thing called RIP, which is the instruction pointer.
00:21:38This is what I'm doing.
00:21:40I'm saying if the instruction pointer is pointing to this virtual query and injects some code, I want you to print on the screen attempting to call virtual query, and I want you to completely make the function fail, basically.
00:21:54I wouldn't do this in a real-life scenario because it could easily get detected, but for the demo, I just did it like that.
00:22:00As you guys can see, in Promptman now, it's just saying attempting to call virtual query.
00:22:04You guys could see that sysguard hooked it.
00:22:08Notice when I first ran the program, it was printing out all the DLLs, right?
00:22:12Look at that.
00:22:13It ain't printing no DLLs no more.
00:22:15You know what I'm saying?
00:22:17Sysguard got you by the balls, didn't it?
00:22:19This is pretty much just how it would work in a real-life scenario against the anti-chain.
00:22:24Let me see if you guys have any more questions.
00:22:26Bro, I love these little demos that you whip up for the stream and shit.
00:22:29There's no one else that's on this same fucking level.
00:22:32I've never seen this before.
00:22:34There's no one else that's on this same fucking level.
00:22:36I've never seen anyone do these kind of demos and shit.
00:22:39I can't wait until these guys come out, bro.
00:22:42Bro, Pixelated.
00:22:44I'm sorry, Pixelated.
00:22:46I'm using analogies.
00:22:48I don't understand what's not clicking for you, bro.
00:22:53You know what I'm saying?
00:22:54I'm in charge of everything.
00:22:56That means that if they make a patch, I could disable the patch, bro.
00:23:01I don't know what kind of questions you're asking.
00:23:03Because I already dumbed it down.
00:23:05How much more do you want me to dumb it down?
00:23:10If I pair one of those kernels, would this have to be chained?
00:23:13Are we still going to be good for the most part?
00:23:16We'll probably just be using sysguard alongside a kernel driver.
00:23:21You have to understand, sysguard has complete control over user mode still.
00:23:26In order for a lot of user mode anti-cheats to work, they have to communicate with the anti-cheat driver.
00:23:32The advantage that sysguard has over most traditional programs is that sysguard is not only going to have...
00:23:39So, sysguard can control the user mode side, and then I can use a hypervisor or some kind of manual map driver to control the kernel side.
00:23:48You combine them both together, and you pretty much just have a really fucking OP...
00:23:54Now, I ain't going to call it a bypass or anything on here, but just know...
00:23:57You know what I'm saying?
00:23:59Yeah, I think we get it.
00:24:01You know what the magic word is?
00:24:03I don't know myself, but it sounds obvious.
00:24:07I didn't even know you could do that at the same fucking time, that's crazy.
00:24:11Yeah.
00:24:13OP workaround, is it true?
00:24:16These questions are so dumb, where are the good questions?
00:24:19There was a guy, if you scroll up even further, there was actually a guy asking some decent questions.
00:24:26I can't remember his name.
00:24:27What did you say?
00:24:29There was a guy asking good questions, I'm trying to scroll up and find who it was.
00:24:33It was while he was talking and shit.
00:24:36Okay.
00:24:37If you find it, just let me know.
00:24:39Yeah, I will do.
00:24:41Yeah, but if anybody else in the chat genuinely has a concern about sysguard, you know, let me know.
00:24:49Or if you want me to demonstrate something.
00:24:54Bro, Kiwi, that's a dumbass question, bro.
00:24:57Yeah, so that's what we're going to be doing next.
00:25:00We're going to be at least showcasing the DLL injection process.
00:25:05Like I said, I'm not finna incriminate myself, so y'all can go somewhere with that.
00:25:09But we're going to do like a little stress test with the sandbox, and we're going to do a little testing game.
00:25:15What if someone tries to jump to sysguard?
00:25:17Marsh, you got to be more specific than that, what do you mean?
00:25:21What will the sysguard API be like?
00:25:24That's a good question, or however you say your name.
00:25:26That's a good question.
00:25:28So for the sysguard API, like I was saying, I'm trying to sell sysguard.
00:25:33So pricing is going to start at $1,000 a month for sysguard.
00:25:37That's mostly going to be the developer's package.
00:25:41So it's going to use Lua.
00:25:45You saw in the demo I used C++, so it's pretty much going to be similar to the C++ version.
00:25:50I'm going to dumb down so that people that are more familiar with Lua, they can use it.
00:25:55So that will be sold to like fucking executed?
00:25:59Yeah, like anyone that's trying to sell, if they want to do free, it's not really my concern.
00:26:05I'm not trying to sell to like skids.
00:26:08I'm trying to market to actual competent people that are actually seriously interested.
00:26:12Oh yeah, I've seen you talk about it before.
00:26:14I know you'd never sell to people like Vanda and shit.
00:26:17Yeah, for the most part.
00:26:22But that I don't really plan to push too much because first of all, there's not really that many competent people on that level in the community anyways.
00:26:31But for people that are actually serious about making some money, it's just there for them.
00:26:36Then they could use it to make whatever they want to do and build their business.
00:26:41Yeah, that's a good move. I'm glad you fucking gone down that route.
00:26:46On top of that, you know, on top of this exploits.
00:26:48Now, like I said, I got six guard for like other shit, too.
00:26:51A lot of these people, they want to just create like a one time little bypass for bypass.
00:26:57I could apply my knowledge to different games.
00:27:01That's what I've been telling people when you first fucking told me.
00:27:06It's crazy.
00:27:08That's what I mean.
00:27:09Like people were saying, oh, what happens if you get what happens if there's a loss?
00:27:13What happens if it all ends?
00:27:14Like what I'm saying, I'm telling people, well, if it comes down to that and we have to move away from Roblox, then fucking all the possibilities are still endless.
00:27:22Shit could still cook.
00:27:26Pixelated, I understand what you're saying, bro.
00:27:28You know, I literally showcase a demo of DLL injection on the 4th of January this month, bro.
00:27:36So if I showcase the demo of it working, what does that tell you?
00:27:41We got it working, man.
00:27:42You know, I understand your concern.
00:27:44Injection method is not a problem.
00:27:46I already explained on my thread.
00:27:48No, it's pretty much just some checks that they have in the beginning.
00:27:52Nirvana.
00:27:53Just some bullshit, bro.
00:27:55It's not going to be a problem.
00:27:58I don't know.
00:27:59I already showcase a demo, so I don't really know what you know.
00:28:01I'm saying what kind of question you ask me.
00:28:05Is it true you work for we are devs?
00:28:07I don't associate.
00:28:08I don't associate.
00:28:11I don't associate with.
00:28:13Let me not roast people on here.
00:28:14I'm going to try to be nice.
00:28:17The shit talking game on lock.
00:28:21Right, bro.
00:28:22I got at least four warnings.
00:28:26I'm not going to lie.
00:28:27I don't know if I know you said some cool stuff about areas.
00:28:30The new verm owner.
00:28:32I've been getting a shit ton of warnings.
00:28:34I ain't gonna lie.
00:28:35When I made that hyperion thread, them skids had me heated, bro.
00:28:37I was.
00:28:39You saw me.
00:28:40I was cussing out everybody.
00:28:41I don't know what you got warned for.
00:28:43What was the fucking warning for?
00:28:44For being too harsh?
00:28:47I should have got banned for real.
00:28:48But instead, they pin my thread and they just gave me a warning.
00:28:51So that's how you know they fuck with me, bro.
00:28:53You know what I mean?
00:28:54They fuck with me for real.
00:28:55Yeah, but for them warning you in the first place.
00:29:03What will it support be like?
00:29:05What will it support be like?
00:29:06So, will it support EAC?
00:29:08Yo, listen.
00:29:09Listen.
00:29:10Sysguard is for user mode.
00:29:11Sysguard is for user mode.
00:29:12So, don't.
00:29:15It's pretty much universal for other user mode anti-cheats.
00:29:18So, I guess like Valve.
00:29:19I believe Valve is user mode.
00:29:22Somebody could correct me if I'm wrong.
00:29:24VAC.
00:29:25I think a VAC anti-cheat is user mode.
00:29:26There's some user mode anti-cheats out there.
00:29:36Me?
00:29:41How does this work?
00:29:42Is multi-instance enabled?
00:29:45Unitunes?
00:29:46I don't think that will be a problem.
00:29:49I think it should be fine as long as your computer has the resources.
00:29:53I mean, if you could run more than one Roblox instances on your computer,
00:29:56then I feel like you should be able to run Sysguard too.
00:30:01What are your plans for Sysguard?
00:30:03What are your plans for Sysguard?
00:30:04I already explained my plans, bro.
00:30:09Exploit say it.
00:30:11Powered by Sysguard.
00:30:14Hey, it's true.
00:30:15Why is it called Sysguard?
00:30:16So, the reason why it's called Sysguard is because...
00:30:20Let me go show you real quick.
00:30:23On Windows, whenever most detections that are being used,
00:30:28they have to communicate with the kernel, right?
00:30:31The Windows kernel.
00:30:32And this is pretty much how they do it.
00:30:34In your System32 file, there's something called NTDLL.
00:30:38And there's an instruction you'll notice in every one of these functions.
00:30:42They're called syscall.
00:30:44And syscalls are basically how your process communicates from user mode to kernel mode.
00:30:50So, the reason why it's called SystemGuardian or Sysguard is because
00:30:54it intercepts these syscalls so that you don't get detected, basically.
00:30:59So, it's basically guarding you against malicious syscalls that might collect telemetry
00:31:05or get you caught up in a bandwave or whatever else.
00:31:08So, you can see, there's a shit ton.
00:31:10I could scroll all day, but this is basically what SystemGuard is protecting you from.
00:31:15That's why it's called Sysguard.
00:31:20When are you selling it?
00:31:21Hopefully, sometime by the end of the month or the beginning of February.
00:31:24I don't know, bro.
00:31:25I really don't know.
00:31:26It's always some bullshit.
00:31:28It's always some bullshit.
00:31:29Gotta make sure it's ready, refined.
00:31:34Yeah, so, Sysguard is compatible with games other than Roblox.
00:31:38One that I really wanted to show you guys real quick for the stress test is Znotic.
00:31:44I mean, you remember the OG days, right?
00:31:46Oh, yeah, shit.
00:31:48Yeah, this is before Sysguard, as advanced as it is now.
00:31:52Because back then, it definitely wasn't as advanced.
00:31:56Right here, if my screen is still being shared.
00:31:59I mean, can you confirm that?
00:32:01Yeah, it's being shared.
00:32:02Everyone can still see you.
00:32:03Okay, cool.
00:32:04Let me get rid of this stupid chat GBT shit from earlier.
00:32:07Bro, people are going to be posting that tomorrow.
00:32:09I'm going to wake up to that video.
00:32:12I told you.
00:32:13I told you you shouldn't chat GBT.
00:32:15I fucking told you not to chat.
00:32:22We're going to go ahead and test it on Znotic real quick.
00:32:24We're going to see how well Sysguard performs in an actual game.
00:32:32I hate when my Visual Studio glitches like this.
00:32:45Oh, yeah.
00:32:46As you can see, my desktop is still messy as fuck.
00:32:49I cleared it up a little bit.
00:32:55Dammit.
00:32:56Yo, yo, yo.
00:32:58Good.
00:33:00Oh, shit.
00:33:01Stream lagging?
00:33:03Looks like it, kind of.
00:33:06Is the stream lagging for anyone?
00:33:09Stream lagging?
00:33:16No, we're good.
00:33:17Oh, it is for me.
00:33:18That one guy, we've shit into that.
00:33:20Yeah.
00:33:23Oh, he's a really good fucking YouTuber as well.
00:33:32He does good videos.
00:33:33I'm a big fan.
00:33:37He's a real one.
00:33:38He's a fucking real one.
00:33:51I'm going to go back real quick to the NTDLL.
00:33:56If you notice, every syscall, they have a function name.
00:34:02They also have an identifier with it.
00:34:04So, you'll notice for a delay execution, this is basically...
00:34:09Imagine in Lua, you guys know the Lua function, the wait function.
00:34:13You know, whenever you do while true do, you might do like, wait five seconds.
00:34:17This is the equivalent of that.
00:34:19This is the equivalent of that.
00:34:20So, whenever you do that in Lua, this is something similar that it might translate to when it sends it to your operating system.
00:34:27But, it's called NTDelayExecution or ZWDelayExecution.
00:34:32And you can see that it has a little code right here.
00:34:35This moveEX, come at 34.
00:34:38So, this 34 is called a system call ID.
00:34:41So, every single system call has a system call ID associated with it.
00:34:46And so, since sysguard can sandbox the CPU instructions, all I have to do is check the system call ID.
00:34:53So, I know myself what functions is malicious.
00:34:58So, for example, the sleep delay execution, you know, that wouldn't be malicious.
00:35:02You know what I'm saying?
00:35:03It's just telling your processor to sleep for a little bit.
00:35:07But, if I go to something like NTQueryVirtualMemory, which is something that I was using in my DLL code earlier.
00:35:14So, you notice in Procman, I'm calling virtual query.
00:35:19Well, virtual query is just a wrapper.
00:35:21Whenever I run this code and build it and inject my DLL, what happens internally is NTQueryVirtualMemory is called.
00:35:29And you can see right here the ID associated with it is 23.
00:35:33So, whenever I execute with sysguard, all I would have to do is do something like check if EAX is equal to 23.
00:35:41And then I'll basically know if a syscall is about to be executed.
00:35:46I'll check there.
00:35:47So, I would say, for example, this syscall is located at address D302, right?
00:35:53So, I could either check the address itself or I could check the instruction.
00:35:58You see the byte says 0F05.
00:36:00So, that's also how I know that I'm at a syscall.
00:36:03So, by checking these two things, the 23 and checking for a syscall, I know that it's about to make a system call.
00:36:10Since I know that NTQueryVirtualMemory can be used to detect DLLs and stuff, and I know, hey, that's a malicious one.
00:36:17And it doesn't necessarily have to be malicious, but it's malicious enough that it could detect our DLL, right?
00:36:22So, instead of completely making the function fail, what I could just say is every time that it's called, make it ignore electron.
00:36:29Make it ignore, you know, RC7.
00:36:31Make it ignore, you know, whatever I injected into the process.
00:36:35So, hopefully that answers your question, TZN.
00:36:38That's pretty much how you identify it.
00:36:41By me knowing, you know, 15 years of experience, I kind of know what calls are going to be called.
00:36:47And I know ahead of time which one's malicious, which ones could be used maliciously.
00:36:51So, you know, I could just basically program sysguard to intercept them.
00:36:56And, you know, it's all good and gravy, bro.
00:36:58We straight.
00:37:02Why is it called RC7, RCN?
00:37:05That's just what it's called, bro.
00:37:06It's just what it's called.
00:37:10Yeah, appreciate it, TZN.
00:37:11Appreciate it, bro.
00:37:15But, so, if there's any other questions.
00:37:19I'm not associated with Sentinel, so I can't answer that question.
00:37:23I think he was joking.
00:37:27Because I'm sure he said earlier on.
00:37:29Someone said how will this affect LeBron James or some shit.
00:37:31Then he said that.
00:37:33How this affects Sentinel V, bro.
00:37:36I know that you used to joke about Sentinel back in the day, TZN, so I should have.
00:37:42Stella's here, but he's late as fuck.
00:37:44Bro, you're only here because I just fucking told you.
00:37:50Time for the stress test.
00:37:58All right, so stress test time, guys.
00:38:00You guys see, I'm running a full first-person shooter game right here.
00:38:05We're going to go on Roblox in a little bit.
00:38:07But just for the stress test, I want to use like a really full, you know, game.
00:38:11I might do like Skyrim or something.
00:38:13No way.
00:38:14Like a bigger game.
00:38:15System call-ins.
00:38:16Fuck it.
00:38:19We might sandbox some other games in the future, but for now we're going to use Goons.
00:38:23That's the one that I've tested so far.
00:38:26Sandbox finals.
00:38:28Let's give it a try.
00:38:34Oh, hold on.
00:38:36Let me make sure I do the DLO.
00:38:39And for everyone watching, they need to realize that you haven't got a 30, 90, 40, 90 fucking Fred Ripper setup.
00:38:46So for everyone out there on low specs, this one's for you.
00:38:49Right.
00:38:50I pretty much have a really shitty computer, you know, 8 gigabytes of RAM.
00:38:54No way.
00:38:55I didn't know it was that bad.
00:38:56Holy shit.
00:38:58Nothing special.
00:38:59So and I'm right now I'm on a 720p monitor and, you know.
00:39:03Oh, 720p, bro.
00:39:06Oh, my God.
00:39:09You guys could see I just injected SysGuard into Zenotic.
00:39:15And for the sandbox stress test.
00:39:20Basically, there's a certain function.
00:39:22Let me go here real quick.
00:39:28Okay.
00:39:30So this region of code, Zenotic, if you guys know, most games use two different types of engines for rendering.
00:39:37You guys either use DirectX or OpenGL.
00:39:41I'm sure you guys have heard of one of the two.
00:39:44But in this case, Zenotic is using OpenGL.
00:39:48And in order to render things on the screen, it has to call this function called GLSwapBuffers.
00:39:53Just a bunch of different OpenGL functions.
00:39:55You can see right here OpenGL not initialized.
00:39:58So what I want you guys to understand is right now, this is probably the highest form of stress test you could get on a game.
00:40:05Right.
00:40:06Because it's sandboxing the actual rendering loop.
00:40:09You know, the pixels that's put on the screen right now is running that in the CPU sandbox.
00:40:14Okay.
00:40:15So if I'm able to run this game pretty smooth while it's, you know, handling all this heavy work, that kind of gives you guys an idea.
00:40:22Like, time checks shouldn't be a problem.
00:40:25Let's go ahead and see.
00:40:27And I have my FPS.
00:40:28Can you see my FPS, Sirmium?
00:40:30Yeah.
00:40:31230.
00:40:32230.
00:40:33220.
00:40:34I'm over 200.
00:40:35Now, I do drop at times when it gets...
00:40:37Hold on.
00:40:38Can I pause the game?
00:40:39I can't pause the game.
00:40:41I want to tell you guys, it is going to drop a little bit in the beginning because what's happening is as different forms of instructions gets on the screen,
00:40:50this guard has to cache it.
00:40:52So it's going to put it in a cache.
00:40:54And when it gets cached, it basically...
00:40:57You see right there, I kind of froze for a bit.
00:40:59When it gets cached, it basically makes it run faster because it doesn't have to process or sandbox the instruction again.
00:41:05It already sandboxed it.
00:41:07It already did what it needed to do.
00:41:09Oh.
00:41:11Let me see one more thing.
00:41:15Oh, you know what?
00:41:18Me printing on the console is going to slow down the performance.
00:41:22Give me one second.
00:41:23Let me...
00:41:25Oh.
00:41:26Yo, Sirmium.
00:41:27Yo, yo, yo.
00:41:28Yo, let's close the stream.
00:41:29Can you find my screen for a second?
00:41:30All right.
00:41:31I'm hiding it.
00:41:32Shit's hidden.
00:41:33You're hidden now.
00:41:34It's like...
00:41:35Yeah, switch to something else.
00:41:37Okay.
00:41:38I need to edit some top classified code.
00:41:40All right.
00:41:41I'm going to go for a piss real quick, guys.
00:41:43I'll leave the chat on the screen.
00:41:45I'll be right back in five minutes.
00:41:48I appreciate it.
00:41:49Take your time, bro.
00:42:09Oh, my God.
00:42:25Wait.
00:42:26Can I show your screen?
00:42:27I'm sorry.
00:42:28Oh, no.
00:42:29Not yet.
00:42:30Yeah.
00:42:31Actually, yeah.
00:42:32You can.
00:42:33You can.
00:42:34Because I already did what I needed to do.
00:42:35All right.
00:42:36It's being shown.
00:42:38Okay.
00:42:39Cool.
00:42:40Yeah.
00:42:41So, whoever was asking, can't somebody else just create SysGuard or do...
00:42:46Oh, yeah.
00:42:47Intel.
00:42:48You guys know Intel.
00:42:49The people that make the literal fucking chips on your computer.
00:42:52My bad.
00:42:53Multi-billion dollar company, Intel.
00:42:56That's who I'm up against, kind of.
00:42:57Not that I'm necessarily in a competition with them, but they created a tool similar to mine.
00:43:02This is where I took my inspiration from.
00:43:05Or at least one of the tools I took my inspiration from.
00:43:07So, SysGuard, like I said, I showed this before in the thread, if you guys have been on Vermillion.
00:43:13It is explaining how instrumentation works.
00:43:16So, you guys see all the code on the screen?
00:43:19Whenever you see some code, this is where our code executes.
00:43:24In the yellow is the game's original code.
00:43:26So, you could see before the game's original code gets executed, our code gets executed.
00:43:32And then after the game's original code runs, then our code runs.
00:43:36So, there is a framework that could actually do this already.
00:43:39There's multiple.
00:43:41In my personal opinion, and I might be biased, SysGuard does it better than anything else.
00:43:46If there was something good on the market, trust me, I wouldn't have wasted, you know, three months and all these...
00:43:53You know, all these months, hours, time, like making my own.
00:43:57There's no tool out there that could match SysGuard's level.
00:44:01And mind you, this is Intel. This is fucking Intel, bruh.
00:44:04They make fucking chips.
00:44:06In fact, they have 700 people working on this shit.
00:44:09Over 700 people.
00:44:11And if you go and look at any of their demonstration examples...
00:44:15So, let me show you guys.
00:44:16They have some example code.
00:44:17I think right here, this is an instruction counter.
00:44:20This is how you would do it in Intel Pen.
00:44:23And versus...
00:44:25This is my API for SysGuard.
00:44:27I personally feel like my API for SysGuard is a lot cleaner.
00:44:30Look at this.
00:44:31I don't know. It looks cleaner to me.
00:44:33This is all I have to do.
00:44:34And I'm just printing on the screen.
00:44:36Versus, this is what you gotta do with Intel.
00:44:39They got all these weird-ass names and shit.
00:44:41Gotta do all these weird-ass shit. I don't know.
00:44:43But anyways, you can actually do it.
00:44:45But if you...
00:44:46Let's say that, you know...
00:44:48If you were to try to use Intel Pen right now on Hyperion or what have you...
00:44:53You're gonna get fucking detected right out the bat, bro.
00:44:56Traditionally, how most of these instrumentation frameworks work...
00:44:59They're sandboxing the code, but they leave a very large fingerprint.
00:45:05They locate a large amount of memory.
00:45:08They kind of assume that it's a normal binary application.
00:45:13It's not kind of assuming that they're gonna have all these checks in place.
00:45:17Like virtual query to detect that you're detected and stuff.
00:45:20You know what I'm saying?
00:45:21You could load up Intel Pen.
00:45:23But not only is it open source...
00:45:25You know what I'm saying?
00:45:27They're pretty much gonna be able to signature scan...
00:45:30Do all kinds of stuff that's already out there that they could use.
00:45:33Whereas SysGuard...
00:45:35It's made directly for malware and applications that's gonna be having detections and stuff.
00:45:41It's kind of like two completely different spectrums, basically.
00:45:45One is a general application for just instrumentation.
00:45:48Then you have one that's geared directly towards stealth...
00:45:52Making sure that it could modify the code in a really fast way without affecting performance.
00:45:57There's already a lot of tools right now, actually.
00:46:00For you people that are interested in time checks...
00:46:03There's actually a lot of researchers out there that's trying to work on time checks...
00:46:09To detect frameworks like Pen.
00:46:11And I believe the other one is called DynamoRIO.
00:46:14Something like that. Don't hold me to it.
00:46:16But those are the two most popular things...
00:46:19Or frameworks out there that does what SysGuard does.
00:46:22And there's already people that's trying to pen test it...
00:46:25Make vulnerabilities for it and stuff.
00:46:28If you use it right now, you're gonna get detected.
00:46:31It's no easy work.
00:46:33Somebody said, why can't anybody just create their...
00:46:36You definitely can.
00:46:38But understand that Intel Pen...
00:46:40They had 700 members contributing towards this project.
00:46:44I spent maybe roughly 3-6 months max on SysGuard.
00:46:49By myself.
00:46:52It's gonna take some time.
00:46:54It's like some 300 shit while Manic ate 700 staff.
00:46:58For real, though. For real.
00:47:00Yo, he said DynamoRIO.
00:47:03Yo, Bitsplode, that's a nice comment, bro.
00:47:05I said DynamoRIO. DynamoRIO.
00:47:08Let me put it on my screen real quick.
00:47:10Dynamo...
00:47:13This is what it's called.
00:47:16If you guys are interested in looking into that...
00:47:19This is what it's called.
00:47:24We're gonna go ahead and run the sandbox test on Zenotic.
00:47:29And then, I guess, maybe play a game on Roblox or something.
00:47:33Showcase the injection.
00:47:35Answer some more questions.
00:47:37And call it a wrap.
00:47:39Y'all ready? You ready, sir, ma'am?
00:47:41Yeah, I'm ready, bro.
00:47:42I just wanna say we all appreciate you fucking doing this.
00:47:44Going out of your way to do this for us all.
00:47:46You're bringing this whole shit back.
00:47:48This is crazy.
00:47:51We're really out here.
00:47:56Ready for the stress test.
00:48:00And it's not printing to the console anymore, right?
00:48:03Yeah, it shouldn't be.
00:48:05It should be good now.
00:48:07200 FPS.
00:48:09It was still getting over 100 frames.
00:48:11You know, that's still pretty fucking good.
00:48:12I'll take that.
00:48:14Even when I was printing to the console, I saw like...
00:48:17Maybe the lowest it got was 150.
00:48:20I don't know about you guys, but I'll take 150 frames per second, bro.
00:48:23I'll take 100.
00:48:40Okay, cool.
00:48:46Nice.
00:48:47Yeah, no more printing.
00:48:48It's good. Okay.
00:48:56And not only that, sir, me, but I'm also streaming.
00:48:59So the fact that I'm streaming...
00:49:01Yeah, on that PC as well.
00:49:03Yeah, it's kind of like, you know, that takes a toll on your FPS too.
00:49:09200.
00:49:18200.
00:49:20Damn, you can tell the fucking stream's lagging, but we can see the game.
00:49:24Look at my frames. Look at my frames in the bottom right.
00:49:26Yeah, the frames are good.
00:49:28Oh, there we go. There we go. There we go. There we go.
00:49:32I'm having less lag spikes.
00:49:35Yeah, it looks a lot better than before.
00:49:38I'm kind of asset this game, so don't mind me, but...
00:49:41I'm just kind of running around to kind of showcase.
00:49:43I'm probably just going to bunny hop everywhere.
00:49:49But like I was saying in the beginning,
00:49:51whenever SysGuard sandboxes a function,
00:49:54it uses a cache.
00:49:56So the cache basically allows you to run the game faster,
00:50:00because once you cache it...
00:50:01You guys know how cache works, right?
00:50:03It basically means that the data is already processed.
00:50:05You don't have to keep processing data and stuff.
00:50:07So, because it's already processed,
00:50:09it just speeds up the operation,
00:50:12you know, the sandboxing process much more.
00:50:15I'm just running around the map, you know,
00:50:17adding explosions, whatever goes on,
00:50:19and we're just looking at the FPS here,
00:50:21but for the most part, you guys don't see any lag, right?
00:50:23You know, it's pretty good.
00:50:24I haven't seen it drop below 150s.
00:50:28I do see it bounce to 150 every now and then,
00:50:31but shit, to be fair, to be fair,
00:50:33even when I'm not running SysGuard,
00:50:35this shit be hitting 150, so...
00:50:37You know my PC is shitty.
00:50:41Oh yeah, I've seen it hit 159.
00:50:43I've never seen it go lower than that.
00:50:45Oh, 34 FPS for a split second!
00:50:53Fuck it, I'll take that.
00:50:59Bro can't run Roblox on his PC,
00:51:01so we gotta test this thing out, dude.
00:51:18It's just to prove performance.
00:51:31By no means perfect,
00:51:33but it wouldn't be in a real-world scenario
00:51:35that I'm doing this in the first place.
00:51:37This is called a stress test for a reason.
00:51:47Put an anti-cheat in the rendering function?
00:51:53Oh my god, that is the funniest help.
00:51:56That is super funny.
00:51:59Oh yeah, let's see what kind of comments we got.
00:52:09Can't run Roblox on his PC,
00:52:11so we gotta test it on Doom.
00:52:16That is hilarious.
00:52:18At least it'll be optimized.
00:52:20You guys gotta understand,
00:52:22SysGuard is not even nowhere near optimized.
00:52:24I kind of rushed this in, what?
00:52:26What did I say, Sir Meme?
00:52:28I told you that I spent the last...
00:52:30I went ghost for a little bit
00:52:32when Electron had released.
00:52:34Between that time frame,
00:52:36maybe like a month and a half or something?
00:52:38I don't know, but I had to basically rush
00:52:40three months of work in a very small amount of time.
00:52:42So it could definitely still be improved.
00:52:46You guys kind of have an idea now.
00:52:48Oh yeah, I got ChatGP.
00:52:50SysGuard is made in ChatGP too.
00:52:52And the troop is out.
00:53:09Bro, they changed names so much, I get confused.
00:53:15I think it's literally...
00:53:17I don't even know what the fuck is happening
00:53:19with Vandal right now.
00:53:22I'm talking about the Honeypot guys.
00:53:24Oh, Vandal.
00:53:26Okay, it's called Vandal.
00:53:30Hey bro, appreciate it, man.
00:53:32Everybody that showed love on here, I really appreciate y'all.
00:53:36The believers.
00:53:48Golden Freddy, you need to understand, bro.
00:53:50He was sandboxing everything that's being fucking rendered.
00:53:54And it was still okay.
00:53:56It's a stress test, bro.
00:53:58It's a stress test.
00:54:00Not something that's going to happen in a real-world scenario.
00:54:06Also, you guys got to understand,
00:54:08I'm recording my screen.
00:54:10I don't have the best specs.
00:54:12I got Visual Studio open.
00:54:14I only have 8 gigabytes of memory.
00:54:16I literally take all these things into consideration
00:54:18and take that with a grain of salt.
00:54:20It was really an extreme stress test.
00:54:24Whenever I'm sandboxing,
00:54:26I might record a separate video,
00:54:28but whenever I'm sandboxing
00:54:30and I'm not running streams
00:54:32and all this other extra shit,
00:54:34I pretty much stay over 200 frames
00:54:36for the most part, so it's pretty stable.
00:54:40Most people here literally have
00:54:42fucking 30 series and shit, I bet.
00:54:44They'll never have to encounter
00:54:46the stresses that you just did.
00:54:54Bro, fuck it.
00:54:56Get a 4-monitor setup.
00:54:58Get one above the middle one
00:55:00so you can have a little TV.
00:55:02Bro, you need to do what 3DS did.
00:55:04Get full-on custom water cooling and shit.
00:55:10Or do what I did.
00:55:12No, I got a Threadripper.
00:55:14I was just about to say,
00:55:16do what I did and get a fucking Threadripper.
00:55:22I got the 24-core Threadripper,
00:55:24but it's actually bad because my motherboard,
00:55:26I'm pretty sure it doesn't support DDR5.
00:55:28And I want DDR5.
00:55:30It's really fucking annoying.
00:55:32Oh yeah, I'm on DDR4 RAM too.
00:55:34See, I'm so far behind,
00:55:36I don't even know that we have DDR5 RAM.
00:55:40Fuck bro, we got DDR5
00:55:42and still on 4.
00:55:44My entire motherboard needs
00:55:46to be upgraded then.
00:55:48Yeah, I think I'm going to sell my Threadripper
00:55:50and just get a Ryzen 9, whichever model,
00:55:52the latest model of Ryzen 9.
00:55:54It's still 16 cores,
00:55:56it's still powerful as shit.
00:56:02I know you won't
00:56:04explain
00:56:06the cores,
00:56:08you need the injection method,
00:56:10but bro,
00:56:12he's just trolling at this point.
00:56:14No, I think he genuinely doesn't understand.
00:56:16I know picturely he's like 16, 15 years old,
00:56:18he probably just doesn't fucking understand.
00:56:20He's like one of the,
00:56:22I don't know how to describe it.
00:56:24You want me to show the injection method?
00:56:26I mean, I kind of understand
00:56:28what he's saying.
00:56:30There's not much that I can show
00:56:32where, you know what I'm saying,
00:56:34because the more I show, obviously,
00:56:36I know for a fact they're looking at these streams,
00:56:38bro.
00:56:40There was a time when SysGuard
00:56:42used to be able to work externally.
00:56:44I used to have the suspend process
00:56:46and it was kind of just running.
00:56:48You guys saw the
00:56:50fucking performance before.
00:56:52The game was playable, but it was really shitty.
00:56:54It was very fucking like...
00:56:56Anyways, I was still able to log those syscalls
00:56:58and literally after I did that stream with you, bro,
00:57:00maybe two updates
00:57:02after I started tracking them.
00:57:04I know they're fucking looking at these cards.
00:57:06Bro, definitely.
00:57:08I'm not worried about them patching stuff.
00:57:10It's just the fact that
00:57:12why give myself more hard work
00:57:14when I've already bust my ass, you know what I'm saying?
00:57:16That's like, if they give me their sauce,
00:57:18if they come on, you know,
00:57:20hey, look at me in the fucking Roblox headquarters,
00:57:22this is how we're going to fucking patch this shit.
00:57:243DS goes live showing everyone how he's going to
00:57:26fix his tab and shit up.
00:57:28You know what I'm saying?
00:57:30I could see all that shit.
00:57:32I'm going to know what they're doing.
00:57:34I'm going to be able to text.
00:57:36Yeah, I'm about to
00:57:38undocumented CPU instructions.
00:57:40That doesn't affect
00:57:42anything, honestly.
00:57:44It doesn't affect anything.
00:57:46But yes, I am going to do a test on Roblox.
00:57:52Yeah, it can be unpatchable.
00:57:54It can be.
00:57:56It definitely can.
00:57:58It's not only that it can be unpatchable, it is unpatchable.
00:58:02I can't wait to see it in the flesh, tested.
00:58:06When we spoke about
00:58:08the injection method for it to work in the first place,
00:58:10if you are who I think you are,
00:58:12because I did
00:58:14mention that to somebody
00:58:16on Discord.
00:58:18That was before
00:58:20the January 4th date.
00:58:22After I came out the January 4th date,
00:58:24I made that thread, and I said, look,
00:58:26you can launch remote threads,
00:58:28you disable the LDR checks,
00:58:30you hook Nirvana,
00:58:32and that's literally
00:58:34all that you need to be able to create
00:58:36your own injection. That's not something
00:58:38that can be detected
00:58:40because, look, while it happens,
00:58:42you know what, I'm just going to inject
00:58:44into the processor and show you.
00:58:52Actually, before I inject into the processor,
00:58:54so,
00:58:56let me ask him.
00:59:04See, another thing
00:59:06I like to bring up is that
00:59:08PowerPoint that Luka made
00:59:10years ago, talking about the
00:59:12bytecode conversion that you came up with.
00:59:14People don't realize you were the
00:59:16fucking person behind that.
00:59:19OG, bro, OG.
00:59:21If you can do that, then I don't see
00:59:23how you can't do this.
00:59:25It makes sense to me.
00:59:27I basically started the whole thing.
00:59:29DX9, we're fucking
00:59:31whatever the fuck is
00:59:33Celestio, Celex,
00:59:35what was that other one? X11
00:59:37Solutions, none of these guys were
00:59:39doing Aimbots, ESPs,
00:59:41none of that shit until I came
00:59:43on the map. I'll be fucking revolutionizing
00:59:45this whole fucking community, bro.
00:59:47Hardware ID, whitelist,
00:59:49IP whitelist, server-sided
00:59:51whitelist, custom tabs,
00:59:53custom themes. I started
00:59:55this whole fucking shit. Nobody was doing
00:59:57any of that.
00:59:59I'll fucking innovate. I don't care
01:00:01if nobody thinks I'm the best.
01:00:03I'm not really trying to be the best, for real, bro.
01:00:05I just come on, I innovate, I do
01:00:07what I fucking do. People see that
01:00:09I'm doing, you know, like, damn, this dude's doing
01:00:11some good shit. Let me add this to my exploit.
01:00:13You know what I'm saying? And I'm happy to be inspiring
01:00:15people, because I don't give a fuck what anybody
01:00:17say. A lot of these Aimbots, ESPs, and all this
01:00:19shit you see, where the fuck was
01:00:21they before DirectX, ESP by CheapBuddy?
01:00:23I mean, I know you was doing my OG
01:00:25videos. I used to have, like, a shitty-ass
01:00:27Fox ESP, the orange
01:00:29ESP over the fucking wall.
01:00:31And your boy came, leveled up,
01:00:33made RCM what it is, and then all of a
01:00:35sudden, DX9, where all of these fucking
01:00:37ESPs and shit came on the map.
01:00:39Look, who brought it into the community? Me, bro.
01:00:41Before that, y'all could've done Aimbots,
01:00:43you know, people was sticking with script executors.
01:00:45I made a whole fucking new genre.
01:00:47That's, like, how I'm about to do again with RCM.
01:00:49With RCM.
01:00:51I just keep fucking innovating, bro. That's why these niggas
01:00:53mad be writing my dick.
01:00:55And, oh, yeah, he's using ChatGPT. Well, I got the
01:00:57fucking ChatGPT. Here the fuck is how it's
01:00:59done, bitch.
01:01:01How to fucking
01:01:03make Lego
01:01:05hack. There we fucking go.
01:01:07I can't resist.
01:01:09Let me already
01:01:11thought you'd do that, and he's fucking spoke
01:01:13with OpenAI.
01:01:15Bro,
01:01:17come on. Here we go.
01:01:19I use
01:01:21ChatGPT. You already
01:01:23know.
01:01:27But, um,
01:01:29let me see pixelated, because you defend
01:01:31yourself that sysguard can unpatch it or make it
01:01:33undetected, but if you're not, does sysguard work in the first place?
01:01:35What do you mean? It is working.
01:01:37I don't understand
01:01:39what you're saying, bro. So, look,
01:01:41if you go back to my video,
01:01:43um, when I made
01:01:45my Guardian video, hold up.
01:01:53Oh, this is why,
01:01:55this is basically why the loader
01:01:57works, right?
01:01:59Whenever I inject it into
01:02:01the process, you see the game running like normal,
01:02:03right? Here, I inject to my
01:02:05helloDLL. Boom. All of a
01:02:07sudden, the game frees. You can't hear any
01:02:09sound. You can't hear anything.
01:02:11So, while all this is going on,
01:02:13the reason why you're saying that
01:02:15they could detect my injection method,
01:02:17the reason why they can't detect my injection
01:02:19method is because the game,
01:02:21the anti-cheat, everything is completely
01:02:23suspended during this stage.
01:02:25While it's suspended, everything
01:02:27is restored. It's
01:02:29almost restored back to an original
01:02:31application. All the system hooks,
01:02:33NTDLL, kernel32,
01:02:35all that shit that I was showing you guys,
01:02:37is returned to its normal state.
01:02:39It's returned to its normal
01:02:41state. Every fucking hook that's
01:02:43hooked that you could think of is returned to its
01:02:45normal state. Since everything was
01:02:47returned to its normal state, none
01:02:49of their code runs when
01:02:51sysguard injects. This
01:02:53is why I put pwned by sysguard.
01:02:55Hyperion, are you fucking there?
01:02:57Are you there? Because you're fucking pwned.
01:02:59That's why I put that there, bro. Okay?
01:03:01So during, after the game resumes,
01:03:03you see all their hooks. This is all the hooks.
01:03:05If you look in the console, I got all
01:03:07the hooks. I say the memory is free at,
01:03:09you know, this is just, fuck the imgui
01:03:11bullshit. None of this shit matters. This is just
01:03:13information for me to know that
01:03:15my injection method, my, you
01:03:17know, everything that I've done on my side
01:03:19is working correctly. Okay? It says
01:03:21LDR hooks 108. So,
01:03:23you're wondering, how can
01:03:25sysguard work if the injection method
01:03:27gets patched? Injection method
01:03:29cannot get patched. The reason why the injection
01:03:31method cannot get patched, during
01:03:33the stage that, first of all,
01:03:35whenever the game freezes for a
01:03:37while, um, you, they can't
01:03:39detect the difference between the game
01:03:41free, I mean, they do have, you know,
01:03:43detections for it. Usually,
01:03:45if my game froze like this, if
01:03:47I did this and I resume my game after
01:03:49I'm supposed to crash, you guys
01:03:51saw after my game resumed like normal,
01:03:53I started moving my screen and I,
01:03:55I didn't do this because I was running a
01:03:57fucking aimbot or anything like that
01:03:59or because I was trying to hack.
01:04:01Anybody that has actually tried to reverse
01:04:03engineer the process or try to suspend
01:04:05the process or try to
01:04:07inject into the process, knows
01:04:09after I did that shit, I should've fucking
01:04:11crashed. My client should've fucking blown
01:04:13up, basically. So, I just
01:04:15decided to move my screen around, you know,
01:04:17shoot the screen real quick, like, look at me,
01:04:19I'm still freely doing whatever the fuck
01:04:21I want, even though I just, you know,
01:04:23injected into the process. So, this is pretty much
01:04:25what that's demonstrating. But, uh, let's rewind
01:04:27real quick, going back to this initial stage,
01:04:29Hyperion, are you there?
01:04:31During this process, like I said, they have
01:04:33checks in the Windows Loader, I'm not
01:04:35gonna get into it, not trying to incriminate myself,
01:04:37not trying to give them hints on how my shit's working,
01:04:39but,
01:04:41you know, fuck you, bro!
01:04:43You know, you know what I'm saying?
01:04:47Give them my calls so that you can
01:04:49understand. Since you keep fucking dickwriting
01:04:51and shit, you know, there's your answer.
01:04:53But, um,
01:04:55Hyperion, are you there? I told you to watch the video
01:04:57and you pretty much, you know, brought me
01:04:59to this point, so, I don't want to see
01:05:01any more questions from you, you know, you're kind of
01:05:03bringing out Savage Cheap Buddy right now,
01:05:05and, um, I just answered your question, so
01:05:07anybody else got any questions before we move on?
01:05:09Go to Freddy, bro.
01:05:11Go to Freddy, you need to realize
01:05:13what RCM is gonna be.
01:05:15Uh, finally
01:05:17explained it, that makes sense.
01:05:19Yes, it's injector
01:05:21while it's paused, yeah.
01:05:23So, it can't detect us while it's paused.
01:05:25Because we're not running any of their code.
01:05:27So, it's injector
01:05:29while it's paused.
01:05:31So, it can't detect us while it's paused.
01:05:33So, it's injector
01:05:35while it's paused.
01:05:37We're not running any of their code.
01:05:43Um, oh yeah.
01:05:45Some people were saying they wanted to see
01:05:47SysGuard on Roblox. I mean, I could
01:05:49inject, but like I said, I'm not
01:05:51showcasing anything internally. You would
01:05:53basically just see me injecting to the process.
01:05:55If you want to see that, just go back
01:05:57and watch the, you know, the January 4th
01:05:59video. So, I mean,
01:06:01you guys already seen that it works on the process.
01:06:03If you guys want to see it again, I'll be happy to.
01:06:05But, you know, let me know what y'all
01:06:07want to see next. I showcase
01:06:09that we could hook every function. I showcase
01:06:11the instruction count. Um,
01:06:13what else did I showcase, sir? I mean, I showcase
01:06:15the stress test. Um,
01:06:17yeah, everything.
01:06:19God mode, stress test.
01:06:21God mode, all of that.
01:06:27And we see some actual cheats.
01:06:29So, this was just
01:06:31a demo of SysGuard. Of course, we're going to be using
01:06:33SysGuard now to work on Electron.
01:06:35Um, we had a setback.
01:06:37I told you guys earlier, you know, we
01:06:39wanted to be a little bit more further ahead.
01:06:41Fortunately, uh,
01:06:43the project that I was working on for two
01:06:45weeks, um, to get Electron
01:06:47to the state, you know, where we could showcase
01:06:49a demo, um, that kind of flopped.
01:06:51So, I had to resort to a backup method.
01:06:53Um, like I said, you just gotta
01:06:55be resilient, you know what I'm saying? Sometimes you're gonna have
01:06:57plans, ideas, and you just gotta have
01:06:59the balls to try them out, and sometimes shit's
01:07:01not gonna go the fucking way. That's life, you know
01:07:03what I'm saying? You get the fuck back up, you
01:07:05keep fucking going, you keep trying something new.
01:07:07That's the only difference between me and these
01:07:09other fucking skids, bro.
01:07:11They're in my shoe, bro.
01:07:13They're gonna fucking give up. They're like, fuck, you know what I'm saying?
01:07:15Who wanna be up 12 hours,
01:07:1714 hours a fucking day sometimes, trying
01:07:19to figure out one fucking problem, spending weeks
01:07:21on end. No pay. No pay.
01:07:23Mind you. You know, like,
01:07:25never. Y'all could fucking, y'all could never,
01:07:27y'all could never shut the fuck up.
01:07:31...
01:07:33...
01:07:35Insane. Haven't heard about Sandbox.
01:07:37Yeah, Sysguard is
01:07:39actually a lot like Sandboxy. That's an
01:07:41analogy that I made before.
01:07:43...
01:07:45Oh yeah, that new user interface,
01:07:47man, I can't wait. I can't wait.
01:07:49Hell yeah. How much?
01:07:51Oh yeah, you did ask me about that.
01:07:53Um, so,
01:07:55as far as the hooks,
01:07:57I don't have an actual
01:07:59account. Actually, I think I do. I think I do.
01:08:01I'm gonna inject real quick so I can see.
01:08:03Um, Sermin,
01:08:05can you hide my screen again real quick? Yeah, yeah, yeah.
01:08:07It's hidden.
01:08:09...
01:08:11...
01:08:13...
01:08:15...
01:08:17...
01:08:19...
01:08:21...
01:08:23...
01:08:25...
01:08:27...
01:08:29...
01:08:31...
01:08:33...
01:08:35...
01:08:37...
01:08:39...
01:08:41...
01:08:43...
01:08:45...
01:08:47...
01:08:49...
01:08:51...
01:08:53...
01:08:55...
01:08:57...
01:08:59...
01:09:01...
01:09:03...
01:09:05...
01:09:07...
01:09:09...
01:09:11...
01:09:13...
01:09:15...
01:09:17...
01:09:19...
01:09:21...
01:09:23...
01:09:25...
01:09:27...
01:09:29...
01:09:31...
01:09:33...
01:09:35...
01:09:37...
01:09:39...
01:09:41...
01:09:43...
01:09:45...
01:09:47...
01:09:49...
01:09:51...
01:09:53...
01:09:55...
01:09:57...
01:09:59...
01:10:01...
01:10:03...
01:10:05...
01:10:07...
01:10:09...
01:10:11...
01:10:13...
01:10:15...
01:10:17...
01:10:19...
01:10:21...
01:10:23...
01:10:25...
01:10:27...
01:10:29...
01:10:31...
01:10:33...
01:10:35...
01:10:37...
01:10:39...
01:10:41...
01:10:43...
01:10:45...
01:10:47...
01:10:49...
01:10:51...
01:10:53...
01:10:55...
01:10:57...
01:10:59...
01:11:01...
01:11:03...
01:11:05...
01:11:07...
01:11:09...
01:11:11...
01:11:13...
01:11:15...
01:11:17...
01:11:19...
01:11:21...
01:11:23...
01:11:25...
01:11:27...
01:11:29...
01:11:31...
01:11:33...
01:11:35...
01:11:37...
01:11:39...
01:11:41...
01:11:43...
01:11:45...
01:11:47...
01:11:49...
01:11:51...
01:11:53...
01:11:55...
01:11:57...
01:11:59...
01:12:01...
01:12:03...
01:12:05...
01:12:07...
01:12:09...
01:12:11...
01:12:13...
01:12:15...
01:12:17...
01:12:19...
01:12:21...
01:12:23...
01:12:25...
01:12:27...
01:12:29...
01:12:31...
01:12:33...
01:12:35...
01:12:37...
01:12:39...
01:12:41...
01:12:43...
01:12:45...
01:12:47...
01:12:49...
01:12:51...
01:12:53...
01:12:55...
01:12:57...
01:12:59...
01:13:01...
01:13:03...
01:13:05...
01:13:07...
01:13:09...
01:13:11...
01:13:13...
01:13:15...
01:13:17...
01:13:19...
01:13:21...
01:13:23...
01:13:25...
01:13:27...
01:13:29...
01:13:31...
01:13:33...
01:13:35...
01:13:37...
01:13:39...
01:13:41...
01:13:43...
01:13:45...
01:13:47...
01:13:49...
01:13:51...
01:13:53...
01:13:55...
01:13:57...
01:13:59...
01:14:01...
01:14:03...
01:14:05...
01:14:07...
01:14:09...
01:14:11...
01:14:13...
01:14:15...
01:14:17...
01:14:19...
01:14:21...
01:14:23...
01:14:25...
01:14:27...
01:14:29...
01:14:31I don't know. I don't want to talk down at anyone, but it's just a sad thing. I'll leave it at that, bro
01:14:36We really had a good thing going when I get a phase for real. I was before my time
01:14:41I've heard all the stories about it. I'm like shit
01:14:46But I just know for a fact if we're still together because that's when I created a group
01:14:50I literally was looking for the best and you know
01:14:53I only accepted the best and I beat the best of the best then you know
01:14:57We created the whole foundation of community bro every single product that you see as derived from you know
01:15:03What we started like we kind of put it in motion. We put the wave in motion found in farmers just
01:15:08Yeah, just evolved and now there's a next generation and stuff. They don't really too much know about the history
01:15:17Austin's acting I tried to talk with Austin. He doesn't know what a fucking chat
01:15:22Yeah, I I don't feel any way about people leaving the community
01:15:26I mean, we're all getting grown and older so you know back in the day. It was kind of easier
01:15:31You know I'm saying nobody really had responsibilities
01:15:34No bills or none to worry about those kids
01:15:38But you know so nowadays
01:15:39I can't just sit my ass at home and work on my program like on you know I'm saying I got to go out
01:15:44And actually hustle to get some money to know I'm saying it's not like I'm being paid
01:15:48Actually work on this shit
01:15:49You know the money comes after but before the money comes you have to bust your fucking ass every single day
01:15:55until
01:16:00So I mean you ain't no stranger to that I mean four years to get to 40k
01:16:05That's after I got deleted, but I already got to 56 chaos, but we know I got the lead. I dude you had got deleted, bro
01:16:12Oh my god
01:16:19All the people that really are you got some of the best supporters on YouTube oh, I do I do I fucking do
01:16:25The people that tune into these streams are amazing like shout to all you guys like none of this shit would be possible if it
01:16:31Went for all of you guys like none of this shit
01:16:36So here's to a 2020
01:16:39I'm gonna stop screen share because I don't really have anything else. I'm just gonna be answering question
01:16:46I've been gagging to hit a bonus whole stream. I just want to be fucked
01:16:55Shit man, I should got me worked up. I got a job. Oh, yeah
Be the first to comment
Add your comment

Recommended

ROBLOX EXPLOITING IN 2024 - THE CURRENT SITUATION FULLY EXPLAINED - ROBLOX BANNING SYSTEM EXPLAINED
SirMemeV2
1 year ago
HOW TO FIX VERSION MISMATCH ERROR ON ROBLOX - USE YOUR EXECUTOR OR EXTERNAL AGAIN WITHOUT ISSUES!
SirMemeV2
2 months ago
HOW TO DOWNGRADE ROBLOX OCTOBER 2025 [SIRMEME REPOST]
SirMemeV2
2 months ago
Shroud Literally Got Unreal Aim Skills (He Admitted)
Good Videos
7 years ago
I Scammed ItsFunneh's Brother with a Banana
Best Video
8 years ago
NUKING LITTLE ANGELS DAYCARE?!?!|ROBLOX EXPLOITING #60
adriannavictor5689
8 years ago
Ninja Wins PRO AM Fortnite Tournament! *BREAKS TWITCH VIEWER RECORD* - Fortnite Highlights
Walkthroughs Man
8 years ago
ROBLOX | OMG! Jandel Went Crazy With The Admin Abuse Stock… (Grow a Garden)
WinT
4 months ago
BECOMING THE TOP PLAYER! *FASTEST* (Roblox Speed Unlimited)
Superb Videos
8 years ago
The OWNER Joined And Gave Me DEVELOPER Rank.. "Roblox Weapon Simulator"
Trend Video
7 years ago
ROBLOX | All Prismatic Recipes in Grow a Garden + How to Get Gourmet Eggs Fast (Cooking Event Guide)
WinT
5 months ago
Nick Eh 30 Is The Best To Destroy Enemies Who Have The High Ground
Trend Video
7 years ago
lenovo the computer restarted unexpectedly or encountered an unexpected error -- Solved
VictorExplains
2 weeks ago
Windows Can’t and unable Format USB Drive - Error 100% Solved
VictorExplains
2 weeks ago
How to stop Word / powerpoint from auto-changing language
VictorExplains
2 weeks ago
HOW TO BYPASS ROBLOX BANNING API - WORKS ON ALL GAMES - FALLEN SURVIVAL _ RIVALS & MORE!
SirMemeV2
2 months ago
MAKE YOUR OWN AI POWERED AIMBOT! NO CODING! NO CHAT GPT!
SirMemeV2
2 years ago
Former Aide Claims She Was Asked to Make a ‘Hit List’ For Trump
Veuer
2 years ago
Musk’s X Is ‘the Platform With the Largest Ratio of Misinformation or Disinformation’ Amongst All Social Media Platforms
Veuer
2 years ago
59 companies that are changing the world: From Tesla to Chobani
Fortune
2 years ago
3 Things to Know About Coco Gauff's Parents
People
2 years ago
8 Things to Do in the Morning to Improve Productivity
Martha Stewart Living
2 years ago
USC vs. Colorado: Can Caleb Williams Earn a New Heisman Moment?
SportsGrid
2 years ago
Vic Mensa Reveals Celebrity Crush, Biggest Dating Pet Peeve & More on Speed Dating | Billboard News
Billboard
2 years ago
Hollywood Writers Reach ‘Tentative Agreement’ With Studios After 146 Day Strike
Veuer
2 years ago