๐Ÿ›ก๏ธ RCE Shield

February 12, 2026 ยท View on GitHub

RCE Shield is a comprehensive security hardening toolkit designed specifically for PC gamers. It detects, prevents, and remediates Remote Code Execution (RCE) vulnerabilities in game launchers, mod loaders, overlay software, voice chat clients, and gaming peripherals.

๐ŸŽฏ Why Gamers Need This

PC gamers are uniquely vulnerable to RCE attacks because they:

  • Run game launchers with elevated privileges (Steam, Epic, Battle.net, EA App)
  • Install mods from untrusted sources that execute arbitrary code
  • Use overlay software (Discord, GeForce Experience) that hooks into game processes
  • Run anti-cheat software with kernel-level access (EAC, BattlEye, Vanguard)
  • Have open ports for multiplayer, voice chat, and game streaming
  • Use peripheral software (Razer Synapse, iCUE, Logitech G Hub) with auto-update RCE vectors

๐Ÿ” What RCE Shield Scans

Game Launchers & Stores

LauncherChecks
SteamWorkshop mod validation, Steam protocol handler, overlay DLL injection, VAC bypass detection
Epic GamesUnreal Engine RCE (CVE-2023-36340), launcher update integrity
Battle.netAgent process privileges, BNET protocol handler
EA AppOrigin protocol handler, background services
GOG GalaxyPlugin sandboxing, offline installer integrity

Anti-Cheat Systems

Anti-CheatChecks
Easy Anti-Cheat (EAC)Kernel driver integrity, service permissions
BattlEyeDriver signature validation, memory protection
Riot VanguardBoot-time driver audit, ring-0 attack surface
FACEIT Anti-CheatService isolation, privilege escalation paths

Overlay & Communication

SoftwareChecks
DiscordRPC server exposure, rich presence RCE, overlay hooks
NVIDIA GeForce ExperienceGameStream RCE, Telemetry service, ShadowPlay hooks
AMD AdrenalinOverlay injection, telemetry endpoints
OBS StudioWebSocket API exposure, browser source sandboxing

Modding Platforms

PlatformChecks
Nexus Mods (Vortex)FOMOD script execution, symlink attacks
CurseForgeFractureiser-style malware detection, JAR analysis
ThunderstoreBepInEx plugin validation
Steam WorkshopSerialization RCE, Lua/Python sandbox escape

๐Ÿš€ Quick Start

# Clone
git clone https://github.com/bad-antics/rce-shield.git
cd rce-shield

# Install
pip install -e .

# Full system scan
rce-shield scan --full

# Scan specific category
rce-shield scan --launchers
rce-shield scan --anticheat
rce-shield scan --mods
rce-shield scan --overlays
rce-shield scan --network

# Auto-fix (with backup)
rce-shield fix --auto

# Generate report
rce-shield report --html --output ~/Desktop/rce_report.html

# Real-time monitoring
rce-shield monitor --daemon

๐Ÿ“‹ Scan Modules

๐ŸŽฎ scan_launchers โ€” Game Launcher Hardening

  • Protocol handler validation (steam://, com.epicgames.launcher://)
  • Auto-update MITM vulnerability check
  • DLL search order hijacking detection
  • Privilege escalation via service misconfigurations
  • Workshop/mod directory permission audit

๐Ÿ›ก๏ธ scan_anticheat โ€” Anti-Cheat Driver Audit

  • Kernel driver signature validation
  • Service ACL and permission analysis
  • Known CVE vulnerability matching
  • Ring-0 attack surface assessment
  • Boot-time driver loading audit

๐Ÿ”Œ scan_mods โ€” Mod & Plugin Security

  • Fractureiser malware pattern detection
  • Obfuscated code analysis in JAR/DLL mods
  • Script sandbox escape detection (Lua, Python, C#)
  • Symlink/junction attack prevention
  • Mod file hash verification against known-good databases

๐Ÿ“ก scan_network โ€” Gaming Network Hardening

  • Open port enumeration (game servers, voice chat, streaming)
  • UPnP/NAT-PMP exposure audit
  • Game streaming service security (Parsec, Moonlight, Steam Link)
  • Voice chat protocol analysis (Discord RPC, TeamSpeak query)
  • DDoS protection assessment

๐Ÿ–ฅ๏ธ scan_overlays โ€” Overlay & Hook Security

  • DLL injection detection in game processes
  • Overlay permission audit
  • WebSocket/HTTP API exposure
  • Telemetry endpoint analysis
  • Browser source sandboxing (OBS)

โŒจ๏ธ scan_peripherals โ€” Gaming Peripheral Software

  • Auto-update integrity verification
  • Background service privilege audit
  • Macro engine sandbox assessment
  • Cloud sync credential security
  • USB HID attack surface analysis

๐Ÿ“Š Output Formats

  • Terminal โ€” Color-coded severity output with progress bars
  • HTML โ€” Interactive dashboard with risk scores & remediation guides
  • JSON โ€” Machine-readable for CI/CD integration
  • CSV โ€” Spreadsheet-compatible findings export
  • SARIF โ€” GitHub Security tab integration

๐Ÿ—๏ธ Architecture

rce-shield/
โ”œโ”€โ”€ rce_shield/
โ”‚   โ”œโ”€โ”€ __init__.py
โ”‚   โ”œโ”€โ”€ cli.py              # Click-based CLI
โ”‚   โ”œโ”€โ”€ core/
โ”‚   โ”‚   โ”œโ”€โ”€ scanner.py       # Base scanner engine
โ”‚   โ”‚   โ”œโ”€โ”€ reporter.py      # Multi-format report generator
โ”‚   โ”‚   โ”œโ”€โ”€ fixer.py         # Auto-remediation engine
โ”‚   โ”‚   โ””โ”€โ”€ monitor.py       # Real-time file/process monitor
โ”‚   โ”œโ”€โ”€ scanners/
โ”‚   โ”‚   โ”œโ”€โ”€ launchers.py     # Game launcher scanner
โ”‚   โ”‚   โ”œโ”€โ”€ anticheat.py     # Anti-cheat driver auditor
โ”‚   โ”‚   โ”œโ”€โ”€ mods.py          # Mod/plugin security scanner
โ”‚   โ”‚   โ”œโ”€โ”€ network.py       # Network exposure scanner
โ”‚   โ”‚   โ”œโ”€โ”€ overlays.py      # Overlay & hook scanner
โ”‚   โ”‚   โ””โ”€โ”€ peripherals.py   # Peripheral software scanner
โ”‚   โ”œโ”€โ”€ cve/
โ”‚   โ”‚   โ””โ”€โ”€ database.py      # Known CVE database for gaming software
โ”‚   โ””โ”€โ”€ utils/
โ”‚       โ”œโ”€โ”€ platform.py      # OS-specific helpers
โ”‚       โ”œโ”€โ”€ process.py       # Process inspection utilities
โ”‚       โ””โ”€โ”€ hashing.py       # File integrity helpers
โ”œโ”€โ”€ tests/
โ”œโ”€โ”€ docs/
โ””โ”€โ”€ pyproject.toml

๐Ÿค Contributing

See CONTRIBUTING.md for guidelines.

๐Ÿ“œ License

MIT License โ€” See LICENSE for details.

โš ๏ธ Disclaimer

RCE Shield is a defensive security tool for auditing your own systems. Never use it to scan systems you don't own or have explicit authorization to test. The authors are not responsible for misuse.


Built by NullSec
Protecting gamers from the threats they don't see coming.