How GameSentry Simplifies Game Security Testing: Design, Risks, and Open‑Source Benefits

Background

GameSentry originates from NetEase Yidun's mobile security team, built on years of frontline experience and methodology. It is a simple, efficient tool that reduces deep security testing barriers by analyzing game protocols, function logic, addresses, partial code hot‑updates, and automated hooks.

What Is Security Testing

Game development typically follows four stages: Development, Testing, Release, and Operation. Effective security testing before release strengthens external defenses, discovers internal design and code flaws, and improves overall game longevity and player experience.

Common Game Security Testing Directions

Game protocol vulnerability testing: Modify protocol data to uncover exploitable design, validation, or logic flaws.

Server robustness testing: Send malformed or massive data to verify server stability against attacks.

Cheat simulation testing: Simulate memory modifications, speed hacks, or resource changes to check if cheats can gain advantage.

Testers adopt attacker‑oriented techniques such as reverse engineering and exploit discovery to identify weaknesses, assess risks, and propose remediation.

Typical Testing Methods

Resource extraction: AssetStudio, UABE C# code analysis: il2cppdumper, dnspy Lua code analysis: dump, load, reload Memory modification: GameGuardian, Frida, hook techniques, root tools

Resource Cracking

Risk: Game resource leakage. Test steps: Use tools to extract resources and check for unencrypted or crackable assets such as images, audio, models. Note: Only flag resources that should not be exposed (e.g., item icons, background music).

Engine‑specific tools: Unity – AssetStudio/GD Ripper; UE4 – umodel; NeoX – GD Ripper/quickBMS; NPK – NPKExtractor1.1.5.5.

Re‑signature Verification

Delete key art assets, repackage, and observe if game logic is affected.

Delete audio or effect resources, repackage, and check for vulnerabilities.

Randomly sample files when precise identification is difficult.

Rename files to see if free skins replace paid ones.

After modifying the APK, attempt reinstall and run to verify impact.

DLL Modification Risk

Risk: Altered game logic. Test steps: Use ilspy with Reflexil to modify Assembly‑CSharp.dll, recompile, replace the original DLL, repackage the APK, install, and observe behavior.

SO Cracking Risk

Risk: Modified game logic. Test steps: Check for missing function symbols (e.g., mono_image_open_from_data_with_name, luaL_loadbufferx, il2cpp_image_get_class) and search for suspicious symbols like data‑%p in il2cpp.so.

Anti‑Debug Detection

Open the game with a debugger.

Set breakpoints at libc.so and open.

Run the game and observe if execution pauses.

Save File Migration

Copy game directory to PC, then to another device or emulator, and verify whether original progress is retained.

Plaintext Save File Storage

Check for .sqlite or .db files and attempt to open with SQLite Manager.

Open other save files in a text editor to see if data is plaintext.

Inspect configuration files for plaintext sensitive information.

Memory Testing

Analyze game logic and modify corresponding memory locations using decompilation, memory dump, and hook techniques to detect privilege escalation, value tampering, or logic errors.

Protocol Testing

Extract all game protocols, modify and resend them (requiring APK decompilation, possible decryption, and hook injection) to test for unauthorized actions, malformed data handling, and replay attacks.

Advantages of GameSentry

Traditional security testing demands high reverse‑engineering skills, making it time‑consuming and limiting. GameSentry lets testers focus on game logic rather than low‑level hooking or Lua modifications, simplifying memory and protocol testing while lowering the skill barrier.

By analyzing games from an attacker’s perspective, GameSentry helps uncover weaknesses early, enabling security teams to prepare fixes before exploitation, thus minimizing post‑release cheat impact and mitigation costs.

Why Open‑Source?

NetEase Yidun’s two‑decade frontline experience produced extensive methodologies encapsulated in this tool. Open‑sourcing encourages community contributions, improves compatibility across Unity, il2cpp, and other engines, and avoids reinventing the wheel, ultimately enhancing industry efficiency.

Open‑source also aligns with the goal of reducing security testing complexity, allowing game companies to detect and address vulnerabilities early, build robust protection systems, extend game lifecycles, and improve user experience.

Current Version Overview

Feature

Supported

Function display

✔

Function hook

✔

Memory instance display

✔

Function call

✔

Function modification

✔

One‑click log display

✔

Dump (Lua, dll)

✔

Lua hot‑reload without restart

✔

Protocol display

✔

Protocol modification

✔

Custom extensions

✔

Join the Contribution

If you are planning security testing before a new project launch or struggling with APK reverse engineering, you are welcome to use GameSentry, provide feedback, and contribute to the open‑source community.