Tutorial Internal vs. External Hacks - What's the difference?

Hexui Undetected CSGO Cheats Sinkicheat PUBG Cheat

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,099
78,998
2,373
Game Name
N/A
Anticheat
N/A
Coding Language
N/A
Internal vs. External?

External
External Hacks use WriteProcessMemory(WPM) and ReadProcessMemory(RPM) to interact with the game process's memory. To do this you need to ask the kernel to give you a handle to the process by using OpenProcess() with the Process Access Rights you require, typically PROCESS_ALL_ACCESS. The handle is a required parameter for RPM/WPM. Kernel mode anticheats can easily block external hacks by using ObjRegisterCallbacks to block handle creation. Info from DouggemHacks. RPM/WPM is slow because you have the overhead of the API calls into the kernel. You should limit the frequency of these calls and store as much information locally as possible to increase the performance of your external hack. If the game has no method of detecting RPM making an overlay ESP is a good way of making an undetected external ESP because you only need RPM to be undetected.

Pros of external:
  • In my opinion none compared to internal unless you just want to super quickly patch some bytes and then close the hack
Cons of external:
  • Super easy to detect because of the open process handle
  • Harder to use especially for beginners (WPM/RPM, getting the PID, blalba) though easy to master because it has no potential
  • Less potential
  • Slow

Internal
Internal hacks are created by injecting DLLs into the game process, when you do this you have direct access to the process's memory which means fast performance and simplicity. Injected DLL's can be made more sneaky by using different injection methods such as Manual Mapping. View the GuidedHacking Injector thread for more info
Try a simple DLL hack source code for Assault Cube for learning purposes.
When you are internal you create pointers to objects, typecast them and point them to objects in memory. Then you can access variables of that object easily through the pointer. ReClass is a great tool for generating classes from memory. This is an example of how to typecast variables in memory and modify them in an internal cheat:

C++:
DWORD* localPlayerAddress = (DWORD*)(0x509B74);
int * health = (int*)(*localPlayerAddress + 0xf8);
*health = 1337;
Pros of internal:
  • Sick performance
  • Easy to start off with
  • Much potential
  • Can be super sneaky and almost impossible to detect if done properly
Cons of internal:
  • Hard to master
  • Easier to detect when you don't know what you're doing
External and Internal Video Tutorials
We have this awesome External Trainer Video Tutorial, which we turn into an Internal Hack in the second video, it will be extremely helpful if you're learning:




*Information compiled/copied from forum posts, mostly Broihon
 
Last edited:
  • Like
Reactions: Butch

Delision

Newbie
Jan 4, 2017
4
52
0
I'm currently studying C++ and have done a little work with coding trainers for smaller games without anti cheats such as Assault Cube and am looking into counterstrike games. Something I have very little knowledge about is the internal vs. external debate. I understand what makes a cheat internal or external, but what I don't understand is why to use one or the other. Are there advantages to using one? Disadvantages? Anything you guys could share with me about this topic would be really appreciated.
 

r4z0r

Coder
Meme Tier VIP
Jul 21, 2016
246
1,678
13
Well, both can do same stuff in different ways but I don't see any amazing advantage/disadvantage to talk about, they're just different. Imo injecting a dll is easier cuz you direct memory access and other stuff that you'd have to find in an external (nothing too hard) but you choose man, usually external are easier to understand 4 newbies but if you wanna try a dll one it's not that different/hard.
 

Traxin

Escobar Tier VIP
Dank Tier Donator
Aug 3, 2015
1,041
25,378
154
External is usually slower then internal.
External can often times be very stealthy, especially if you never write to the process.
Like r4z0r said, you're in the process space so you can easily refer to other sections in memory using pointers instead of RPM/WPM.

Oh, and search the forums. This question has been asked thousands of times.
 

Broihon

edgy 12 y/o
Escobar Tier VIP
Fleep Tier Donator
Dec 22, 2013
1,745
40,528
316
Ok, just my thoughts:

Pros of external:
In my opinion none compared to internal unless you just want to super quickly patch some bytes and then close the hack

Cons of external:
Super easy to detect because of the open process handle
Harder to use especially for beginners (WPM/RPM, getting the PID, blalba) though easy to master because it has no potential
Less potential
Slow

Pros of internal:
Sick performance
Easy to start off with
Much potential
Can be super sneaky and almost impossible to detect if done properly

Cons of internal:
Hard to master
Easier to detect when you don't know what you're doing
 

Delision

Newbie
Jan 4, 2017
4
52
0
Вroihon;47116 said:
Ok, just my thoughts:

Pros of external:
In my opinion none compared to internal unless you just want to super quickly patch some bytes and then close the hack

Cons of external:
Super easy to detect because of the open process handle
Harder to use especially for beginners (WPM/RPM, getting the PID, blalba) though easy to master because it has no potential
Less potential
Slow

Pros of internal:
Sick performance
Easy to start off with
Much potential
Can be super sneaky and almost impossible to detect if done properly

Cons of internal:
Hard to master
Easier to detect when you don't know what you're doing
I've made a few external cheats for simpler games, could you point me in the direction of a tutorial for making an internal cheat for a game? All the tutorials I find seem to be for making external programs.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,099
78,998
2,373
I've made a few external cheats for simpler games, could you point me in the direction of a tutorial for making an internal cheat for a game? All the tutorials I find seem to be for making external programs.
Here are some very simple DLL hacks for assault cube They are a good learning tool as they are not loaded with bullshit, just exactly what you need to understand the basic methods. The basic idea once you have injected is to either create a separate thread or hook a game function that gets executed once per frame in which you will put your code. Then you typecast pointers to addresses, and assign new values to the values pointed to by the pointers by referencing them
 

morten2808

Newbie
Full Member
Nobleman
Oct 15, 2015
48
238
0
So i have a question for the pro cheats on here!

Questions:

1) If i was to go and create a csgo aimbot or triggerbot would i be able to do that in Extrenal or does it need to be from a DLL file
2) Can you make the same cheat in both Extrernal and DLL ?
3) Why do most people use DLL instead of Extrernal ? Is it because DLL is safer than Extrernal ?
4) Can you make a wallhack as an Extrernal cheat instead of doing it in a DLL file ?

Thanks for reading and sorry if these questions are stupid. Im just getting started so would like all to get as much knowledge as possible!
 

Teuvin

now I am become Death
Dank Tier VIP
Trump Tier Donator
Dec 8, 2016
403
10,388
65
Hi, next time please use the search feature there are plenty of threads regarding internal vs external already and they could answer all of your questions, but I'm gonna do so here.
  1. Yes.
  2. Yes, depending on what you want to achieve.
  3. Because it gives you more control over the game engines, like memory, structures and stuff.
  4. Yes.
 

morten2808

Newbie
Full Member
Nobleman
Oct 15, 2015
48
238
0
Hi, next time please use the search feature there are plenty of threads regarding internal vs external already and they could answer all of your questions, but I'm gonna do so here.
  1. Yes.
  2. Yes, depending on what you want to achieve.
  3. Because it gives you more control over the game engines, like memory, structures and stuff.
  4. Yes.
Thanks for the answers and sorry!
Will look it up on here before posting next time!
 

coltonon

Newbie
Full Member
Dec 18, 2017
6
298
1
Ok, just my thoughts:

Pros of external:
In my opinion none compared to internal unless you just want to super quickly patch some bytes and then close the hack

Cons of external:
Super easy to detect because of the open process handle
Harder to use especially for beginners (WPM/RPM, getting the PID, blalba) though easy to master because it has no potential
Less potential
Slow

Pros of internal:
Sick performance
Easy to start off with
Much potential
Can be super sneaky and almost impossible to detect if done properly

Cons of internal:
Hard to master
Easier to detect when you don't know what you're doing
I write about an equal amount of both, and this simply isn't true. Externals excel in areas of simplicity, where you don't have to worry about dereferencing nullptrs and crashing. You don't have to worry about injection (which your injector is by all means an external in itself, so either way you need an external unless you're loading via a proxied dll). ReadProcessMemory can be much easier and safer to use for certain cases, and you don't miss out on much.

The only thing that makes externals worse is their lack of detouring support, but that's perfectly possible with a little bit of shellcode injection. For example, I wrote a midfunction hooking library that works externally.

As for detection, you're simply wrong with that. It is extremely easy to detect an unknown module inside your own process. Most injectors use the createremotethread loadlibrary method, which anyone and their dog could detect. On the otherhand, externals are usually blocked by some sort of handle stripping techniques, something you'd only really see in kernel level anticheats. obregistercallbacks, specifically.

The main reason I use internals are for more advanced hooking techniques, and when I need to frequently call in-game functions. For example, hooking the presentframe virtual for dx11 is something that I do all the time, and you need an internal to do that. However that is far from simple, and defiantly more complicated than just creating a Direct2D drawing surface.
 

Broihon

edgy 12 y/o
Escobar Tier VIP
Fleep Tier Donator
Dec 22, 2013
1,745
40,528
316
No, internal is easier and harder to detect if you know what you are doing.
 
  • Like
Reactions: IXSO

MrManiak

Newbie
Dank Tier Donator
Apr 4, 2016
40
2,528
4
I write about an equal amount of both, and this simply isn't true. Externals excel in areas of simplicity, where you don't have to worry about dereferencing nullptrs and crashing. You don't have to worry about injection (which your injector is by all means an external in itself, so either way you need an external unless you're loading via a proxied dll). ReadProcessMemory can be much easier and safer to use for certain cases, and you don't miss out on much.

The only thing that makes externals worse is their lack of detouring support, but that's perfectly possible with a little bit of shellcode injection. For example, I wrote a midfunction hooking library that works externally.

As for detection, you're simply wrong with that. It is extremely easy to detect an unknown module inside your own process. Most injectors use the createremotethread loadlibrary method, which anyone and their dog could detect. On the otherhand, externals are usually blocked by some sort of handle stripping techniques, something you'd only really see in kernel level anticheats. obregistercallbacks, specifically.

The main reason I use internals are for more advanced hooking techniques, and when I need to frequently call in-game functions. For example, hooking the presentframe virtual for dx11 is something that I do all the time, and you need an internal to do that. However that is far from simple, and defiantly more complicated than just creating a Direct2D drawing surface.
This is a very nice library, thanks for sharing! However, this isn't really stealthier than going internal, as you are inline hooking functions towards an executable page that isn't inside any module's address bounds. This is equivalent to manual mapping in my eyes. I'd still rather go internal for flexibility and simplicity.
 
  • Like
Reactions: Rake

coltonon

Newbie
Full Member
Dec 18, 2017
6
298
1
No, internal is easier and harder to detect if you know what you are doing.
Did you read my post..?
While yes, native memory management is great, you still need to open a handle to the target process and call writeprocessmemory for just about all of the most commonly used injection methods.

Please, share how an external is easier to detect than an internal. You're claiming stuff without anything to back you up.
 

coltonon

Newbie
Full Member
Dec 18, 2017
6
298
1
This is a very nice library, thanks for sharing! However, this isn't really stealthier than going internal, as you are inline hooking functions towards an executable page that isn't inside any module's address bounds. This is equivalent to manual mapping in my eyes. I'd still rather go internal for flexibility and simplicity.
And nah it wasn't really designed for complete stealth, more of an alternative to breakpoints and letting externals access data that you'd normally need a hook to read.
 

Rake

Cesspool Admin
Administrator
Jan 21, 2014
12,099
78,998
2,373
you still need to open a handle to the target process and call writeprocessmemory for just about all of the most commonly used injection methods
true true. What if we use appinitdll or dll hijacking? :p
 
Attention! Before you post:

Read the How to Ask Questions Guide
99% of questions are answered in the Beginner's Guide, do it before asking a question.

No Hack Requests. Post in the correct section.  Search the forum first. Read the rules.

How to make a good post:

  • Fill out the form correctly
  • Tell us the game name & coding language
  • Post everything we need to know to help you
  • Ask specific questions, be descriptive
  • Post errors, line numbers & screenshots
  • Post code snippets using code tags
  • If it's a large project, zip it up and attach it

If you do not comply, your post may be deleted.  We want to help, please make a good post and we will do our best to help you.

Community Mods