The bypass is based on CreateWindowEx
and does not require any existing overlay to be hijacked. The compiled version of the manually mapped driver (C/C++) is a good solution for private use. If you need an undetected (UD
) overlay for EAC/BattlEye. This is exactly what you want.
[+] Windows 10 compatible (22H2
(Windows 11 22H2 support is to be added soon...)
[+] Bypasses every kernel (EAC, BattlEye, VanGuard ...) and user mode anti-cheat (VAC/FairFight etc.) topmost overlay window checks
[+] Screenshot safe
[+] PatchGuard compatible DKOM
[+] Internal or external overlay is supported
[+] Secure boot ON or OFF compatible solution available
[+] Source code available for purchase
The compiled version of the manually mapped driver, that will be customized according to your preference, costs $
479 USD and will be HWID locked to your device and is provided "AS IS
" without warranty of any kind. Each version of the driver will be unique from kernel level anti-cheat perspective. Considering the security measures used, the detection rate should remain lowest possible.
An overlay is a window on top of all other windows, such as a game window. EAC's checks for topmost overlays relies on user mode API's such as IsWindowVisible. The aforementioned bypass invalidates all of these user mode checks in a sophisticated way meaning that an advanced kernel anti-cheat such as EAC can enumerate the window but never detects the window as a topmost overlay hack. Overlay checks in EAC can be bypassed by modifying one byte in memory. This modification makes the overlay undetectable in EAC.
A typical topmost overlay is created using the following style:
WS_EX_LAYERED | WS_EX_COMPOSITED | WS_EX_TRANSPARENT | WS_EX_TOPMOST
These flags are required for Windows 10/11 to get an overlay that is clickable through. EAC tries to query the window for these flags including the window size to determine whether the window is a hack overlay or not and after the query the information is sent to the server.
If the size of the queried window matches the size of the game window with the topmost style, this may result either in a flag and/or ban. The bypass is applied and cloaked before the anti-cheat is run. In reality EAC nor any other anti-cheat will never receive the original flags the overlay was created with.
Overlay windows can also be enumerated from the kernel. Kernel mode checks are much harder to bypass. The implementation of kernel mode is a significantly more difficult because it's based on an undocumented tagWND structure that needs to be reversed and tested for each version of windows.
Despite all the encountered issues, the author bypassed also kernel mode window enumeration checks
and implemented nearly a perfect kernel mode detection code for topmost overlay hacks. There is no difference in terms of detection between internal or external overlay.
BattlEye bypass topmost overlay detection
) checks also relies on user mode API's such as GetWindow when it enumerates a list of windows. This is backed by
. All of these user mode checks including window style checks will get invalidated or spoofed as soon as the bypass has been applied. You can create your internal or external overlay on top of the game window with the (WS_EX_TOPMOST
) flag as there was no anti-cheat at all running. And the overlay is also screenshot safe. Ironically bypassing BE's detection just by modifying one byte in memory.
If you want to become a P2C or need a good external backup solution. The source code for the bypass costs $
4,999 USD. The price includes undetected (UD
) external (RW
) via direct syscalls with handle elevation DKOM (UD in EAC 1.5+ years) bypassing every kernel and user mod anti-cheat. The source code is intended for those who have previous experience in coding kernel drivers. If necessary, initial support (max. 24 hours). The project compiles in VS2019+.
If you want support for something other than the listed versions of windows. $
449 USD per additional version once you've purchased the main package.
Terms for the source code
The origin of the source code must not be misrepresented. The original author of the source code is White Byte at overlayhack.com
The source code is sold unconditionally for private or internal company use. In no event you or the company who bought the source code may not
distribute or resell the source code in any form or distribute information obtained from the source code to third parties. You may only distribute the code in a compiled form.
) is the only payment method for individuals. The customer should pay all fees. All sales are final and non-refundable regardless of the payment method used.
The author also coded PatchGuard and DSE bypass at runtime. Learn more https://overlayhack.com/patchguard-bypass