In the cheat world, there are two fundamentally different approaches: internal and external. Understanding the difference is crucial for staying undetected.
Internal Cheats
Internal cheats inject code into the game's process — reading memory, hooking functions, injecting DLLs. Anti-cheats are specifically designed to detect this:
- EasyAntiCheat scans for injected DLLs and hooks
- BattlEye monitors system calls and memory access
- Vanguard runs at kernel level and sees everything
- Ricochet uses a kernel driver to detect memory manipulation
External Cheats
External cheats never touch the game. They use standard Windows APIs to capture the screen and simulate input. From the anti-cheat's perspective, nothing suspicious is happening — just a normal application reading pixels and moving a mouse.
Why External Is Safer
An external tool that reads pixels via DXGI Desktop Duplication is indistinguishable from OBS, Discord screen share, or Windows Magnifier. Mouse input via hardware devices is indistinguishable from a real mouse. No signature to scan, no injection to detect.
Skyrant's External Approach
Zero game interaction. DXGI capture. Mouse input via undocumented Windows APIs or hardware. No drivers, no injection, no memory reading. Undetected since 2021.