🛡️ RCE Shield — Remote Code Execution Hardening for PC Gamers

RCE Shield is a comprehensive security hardening toolkit designed specifically for PC gamers. It detects, prevents, and remediates Remote Code Execution (RCE) vulnerabilities in game launchers, mod loaders, overlay software, voice chat clients, and gaming peripherals.

🎯 Why Gamers Need This

PC gamers are uniquely vulnerable to RCE attacks because they:

  • Run game launchers with elevated privileges (Steam, Epic, Battle.net, EA App)
  • Install mods from untrusted sources that execute arbitrary code
  • Use overlay software (Discord, GeForce Experience) that hooks into game processes
  • Run anti-cheat software with kernel-level access (EAC, BattlEye, Vanguard)
  • Have open ports for multiplayer, voice chat, and game streaming
  • Use peripheral software (Razer Synapse, iCUE, Logitech G Hub) with auto-update RCE vectors

🔍 What RCE Shield Scans

Game Launchers & Stores

| Launcher | Checks |
| --- | --- |
| Steam | Workshop mod validation, Steam protocol handler, overlay DLL injection, VAC bypass detection |
| Epic Games | Unreal Engine RCE (CVE-2023-36340), launcher update integrity |
| Battle.net | Agent process privileges, BNET protocol handler |
| EA App | Origin protocol handler, background services |
| GOG Galaxy | Plugin sandboxing, offline installer integrity |

Anti-Cheat Systems

| Anti-Cheat | Checks |
| --- | --- |
| Easy Anti-Cheat (EAC) | Kernel driver integrity, service permissions |
| BattlEye | Driver signature validation, memory protection |
| Riot Vanguard | Boot-time driver audit, ring-0 attack surface |
| FACEIT Anti-Cheat | Service isolation, privilege escalation paths |

Overlay & Communication

| Software | Checks |
| --- | --- |
| Discord | RPC server exposure, rich presence RCE, overlay hooks |
| NVIDIA GeForce Experience | GameStream RCE, Telemetry service, ShadowPlay hooks |
| AMD Adrenalin | Overlay injection, telemetry endpoints |
| OBS Studio | WebSocket API exposure, browser source sandboxing |

Modding Platforms

| Platform | Checks |
| --- | --- |
| Nexus Mods (Vortex) | FOMOD script execution, symlink attacks |
| CurseForge | Fractureiser-style malware detection, JAR analysis |
| Thunderstore | BepInEx plugin validation |
| Steam Workshop | Serialization RCE, Lua/Python sandbox escape |

🚀 Quick Start

# Clone
git clone https://github.com/bad-antics/rce-shield.git
cd rce-shield

# Install
pip install -e .

# Full system scan
rce-shield scan --full

# Scan specific category
rce-shield scan --launchers
rce-shield scan --anticheat
rce-shield scan --mods
rce-shield scan --overlays
rce-shield scan --network

# Auto-fix (with backup)
rce-shield fix --auto

# Generate report
rce-shield report --html --output ~/Desktop/rce_report.html

# Real-time monitoring
rce-shield monitor --daemon

📋 Scan Modules

🎮 scan_launchers — Game Launcher Hardening

  • Protocol handler validation (steam://, com.epicgames.launcher://)
  • Auto-update MITM vulnerability check
  • DLL search order hijacking detection
  • Privilege escalation via service misconfigurations
  • Workshop/mod directory permission audit

🛡️ scan_anticheat — Anti-Cheat Driver Audit

  • Kernel driver signature validation
  • Service ACL and permission analysis
  • Known CVE vulnerability matching
  • Ring-0 attack surface assessment
  • Boot-time driver loading audit

🔌 scan_mods — Mod & Plugin Security

  • Fractureiser malware pattern detection
  • Obfuscated code analysis in JAR/DLL mods
  • Script sandbox escape detection (Lua, Python, C#)
  • Symlink/junction attack prevention
  • Mod file hash verification against known-good databases
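
An added example (not code from the RCE Shield repository) of the hash-verification and symlink checks listed above. The function names, the manifest format and the sample files are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def audit_mod_dir(root: Path, manifest: dict) -> dict:
    """Hypothetical helper: compare files under root with {relative_path: sha256}."""
    root = root.resolve()
    out = {"modified": [], "unexpected": [], "missing": [], "escaping_link": []}
    seen = set()
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = Path(dirpath) / name
            rel = path.relative_to(root).as_posix()
            if path.is_symlink():  # never followed or hashed; flag targets outside root
                if not path.resolve().is_relative_to(root):
                    out["escaping_link"].append(rel)
            elif path.is_file():
                seen.add(rel)
                if rel not in manifest:
                    out["unexpected"].append(rel)
                elif sha256_file(path) != manifest[rel]:
                    out["modified"].append(rel)
    out["missing"] = list(set(manifest) - seen)
    return {k: sorted(v) for k, v in out.items()}

def demo() -> dict:
    """Constructed sample tree: one clean, one altered, one extra file, one outward link."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "mods"
        root.mkdir()
        (root / "plugin.dll").write_bytes(b"original plugin")
        (root / "config.lua").write_bytes(b"safe = true")
        manifest = {p.name: sha256_file(p) for p in root.iterdir()}
        manifest["readme.txt"] = "0" * 64          # listed but absent on disk
        (root / "config.lua").write_bytes(b"safe = false")   # altered after baseline
        (root / "extra.jar").write_bytes(b"not in manifest")
        (Path(tmp) / "outside.txt").write_text("x")
        os.symlink(Path(tmp) / "outside.txt", root / "link.cfg")
        return audit_mod_dir(root, manifest)

if __name__ == "__main__":
    print(demo())
```

On Windows, directory junctions are not reported by `is_symlink()`; Python 3.12 and later provide `Path.is_junction()` for that case.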

📡 scan_network — Gaming Network Hardening

  • Open port enumeration (game servers, voice chat, streaming)
  • UPnP/NAT-PMP exposure audit
  • Game streaming service security (Parsec, Moonlight, Steam Link)
  • Voice chat protocol analysis (Discord RPC, TeamSpeak query)
  • DDoS protection assessment

🖥️ scan_overlays — Overlay & Hook Security

  • DLL injection detection in game processes
  • Overlay permission audit
  • WebSocket/HTTP API exposure
  • Telemetry endpoint analysis
  • Browser source sandboxing (OBS)

⌨️ scan_peripherals — Gaming Peripheral Software

  • Auto-update integrity verification
  • Background service privilege audit
  • Macro engine sandbox assessment
  • Cloud sync credential security
  • USB HID attack surface analysis

📊 Output Formats

  • Terminal — Color-coded severity output with progress bars
  • HTML — Interactive dashboard with risk scores & remediation guides
  • JSON — Machine-readable for CI/CD integration
  • CSV — Spreadsheet-compatible findings export
  • SARIF — GitHub Security tab integration

🏗️ Architecture

rce-shield/
├── rce_shield/
│   ├── __init__.py
│   ├── cli.py              # Click-based CLI
│   ├── core/
│   │   ├── scanner.py       # Base scanner engine
│   │   ├── reporter.py      # Multi-format report generator
│   │   ├── fixer.py         # Auto-remediation engine
│   │   └── monitor.py       # Real-time file/process monitor
│   ├── scanners/
│   │   ├── launchers.py     # Game launcher scanner
│   │   ├── anticheat.py     # Anti-cheat driver auditor
│   │   ├── mods.py          # Mod/plugin security scanner
│   │   ├── network.py       # Network exposure scanner
│   │   ├── overlays.py      # Overlay & hook scanner
│   │   └── peripherals.py   # Peripheral software scanner
│   ├── cve/
│   │   └── database.py      # Known CVE database for gaming software
│   └── utils/
│       ├── platform.py      # OS-specific helpers
│       ├── process.py       # Process inspection utilities
│       └── hashing.py       # File integrity helpers
├── tests/
├── docs/
└── pyproject.toml

🤝 Contributing

See CONTRIBUTING.md for guidelines.

📜 License

MIT License — See LICENSE for details.

⚠️ Disclaimer

RCE Shield is a defensive security tool for auditing your own systems. Never use it to scan systems you don't own or have explicit authorization to test. The authors are not responsible for misuse.


Built by NullSec
Protecting gamers from the threats they don't see coming.
