pwn.dogFinale of the Anti-Lag+ teardown. We mapped the feature byte-for-byte; now we line it up against what Valve Anti-Cheat is publicly known to look for. Every single signal a cheat trips, Anti-Lag+ tripped too - because at the instruction level they were the same thing.
Part 3 of the Anti-Lag+ teardown. The hook lived in code - but the on/off switch was data. Reverse-engineering AMD's per-game application-profile database (atiapfxx.blb / the BWJE format) and the single byte that turned the feature off.
Part 2 of the Anti-Lag+ teardown. A deep dive into amdihk64 - a Microsoft Detours-based inline-hook engine that ships in the same driver package and also hooks raw input. It's a sibling to the Delag detour from Part 1; I couldn't prove it's on the Anti-Lag+ path itself, and I say so.
A symbol-level teardown of the Adrenalin 23.10.1 feature that got Counter-Strike 2 players VAC-banned - what it hooked, how it hooked it, and the single byte that turned it off.