Detection Coverage
Last Updated: June 9, 2026. This document describes the categories of unauthorised client behaviour and server-side abuse that BlackGuard is designed to identify and report to server operators. Detection results are surfaced to the operator, who retains sole authority over enforcement decisions. BlackGuard does not issue bans directly — all actions are taken by the server operator.
1. Visual Enhancement Tools
Unauthorised modifications that alter the client's rendering pipeline to expose information not visible under normal gameplay conditions.
Detection note: When behavioural analysis flags a player for suspected use of visual tools or performance-assist software, BlackGuard may capture a screenshot of the game window/render output as supporting evidence. Screenshots capture only the game render — never the player's desktop, other applications, browser windows, or personal files. Images are processed by automated systems, retained for a maximum of 14 days, then permanently deleted. See our Privacy Policy §11 for full details.
| Variant | Detection Method | Enforcement Signal |
|---|---|---|
| Through-wall entity rendering (ESP) | Behavioural anomaly | Flag / Ban |
| Player skeleton / bone overlays | Client integrity check | Flag / Ban |
| Extended draw-distance bypasses | Signature scan | Flag |
| Radar / minimap manipulation | Behavioural anomaly | Flag |
2. Performance Assist Modifications
Unauthorised tools that alter aiming, weapon handling, or movement mechanics to provide an unearned competitive advantage.
| Variant | Detection Method | Enforcement Signal |
|---|---|---|
| Aim-assist injectors | Behavioural anomaly | Flag / Ban |
| Recoil and spread suppression | Signature scan | Flag / Ban |
| Trigger-action automation | Behavioural anomaly | Flag |
| No-clip / movement speed modification | Velocity anomaly detection | Flag / Kick / Ban |
3. Economy and Resource Manipulation
Unauthorised modifications that create, duplicate, or otherwise illegitimately alter in-game assets and resources.
| Variant | Detection Method | Enforcement Signal |
|---|---|---|
| Currency / item spawning | Event integrity check | Flag / Ban |
| Inventory duplication exploits | Server-side delta validation | Flag / Ban |
| Entity / vehicle spawning outside permitted context | Event integrity check | Flag / Kick |
4. Client Integrity Violations
Indicators that a client's game files, runtime environment, or process memory have been altered or accessed by unauthorised software.
| Variant | Detection Method | Enforcement Signal |
|---|---|---|
| Injected DLL / module presence | Client integrity check | Flag / Ban |
| Modified game file signatures | Signature scan | Flag / Ban |
| Debugger / analysis tool attachment | Client integrity check | Flag / Ban |
| Memory-resident code execution outside game context | Behavioural anomaly | Flag / Ban |
5. Identity Manipulation
Attempts to obscure or replace hardware and software identifiers to evade existing bans or misrepresent a client's true identity.
| Variant | Detection Method | Enforcement Signal |
|---|---|---|
| Spoofed hardware token presentation | HWID cross-reference | Flag (soft) / Ban |
| HWID cycling across sessions | Token overlap analysis | Flag |
| License key sharing across different hardware | HWID cross-reference | Flag |
Note: HWID overlap detections resulting from shared hardware (LAN environments, shared households) are surfaced as soft flags for operator review — not automatic bans. Final enforcement decisions always rest with the server operator.
6. Server-Side Abuse
Actions originating from a connected client that are designed to degrade server performance, disrupt other players, or bypass server-authorised game logic.
| Variant | Detection Method | Enforcement Signal |
|---|---|---|
| Explosion / event flooding | Event rate analysis | Kick / Ban |
| Entity spawning beyond server limits | Event integrity check | Kick / Ban |
| Unauthorised resource triggering | Event integrity check | Flag / Kick |
| Forced-disconnect attacks on other players | Event rate analysis | Kick / Ban |
7. Behavioural Anomaly Detection
Statistical and rule-based analysis of player behaviour patterns that deviate from what is physically or mechanically possible within normal gameplay.
| Signal | Detection Method | Enforcement Signal |
|---|---|---|
| Impossible movement velocity | Velocity anomaly detection | Flag / Kick / Ban |
| Teleportation events | Position delta analysis | Flag / Kick |
| God-mode / invincibility indicators | Behavioural anomaly | Flag / Ban |
| Sustained statistically improbable accuracy | Behavioural baseline deviation | Flag |
Enforcement Actions
Detection events are reported to the server operator via the BlackGuard dashboard. Operators control all enforcement actions for their server. The following actions may be taken by the operator in response to detection signals:
- Flag — Detection logged for operator review. No immediate action taken against the player.
- Kick — Player is removed from the server immediately. They may reconnect unless a ban is also issued.
- Ban — Player is prevented from reconnecting. Ban is recorded by license and hardware identifier.
BlackGuard does not operate a global ban list. Bans are scoped to the server where they were issued. Operators retain full control over their ban records, including the ability to revoke bans via the dashboard.
Detection Disputes
All enforcement decisions are made by the server operator. If you believe a detection or ban was issued in error, contact the administrator of the game server where the restriction was applied. BlackGuard can provide detection logs to operators upon request to support their review process.
For questions about BlackGuard's detection capabilities as a server operator, contact us at support@blackguardac.com.
Coverage scope is subject to change as BlackGuard is updated. Detection capabilities listed represent categories actively monitored — not an exhaustive enumeration of every detection signature.