I reverse games and anti-cheats in my free time — mostly usermode, mostly just to understand how things work. At work I build web APIs in C# and .NET.
Reversed XIGNCODE3's kernel driver during the pandemic and found commands to open handles, read and write memory on any process — then used it against games protected by EAC and BattleEye without getting banned.
Multi-tenant licensing system with HWID binding, JWT auth, a reseller tier, and a React admin dashboard — plus a Discord bot that syncs roles and handles license resets via slash commands.
ASP.NET Core 8 middleware that connects clinical laboratory analyzers to a LIS — parsing ASTM and HL7 protocols across machines from Roche, Sysmex, and VITEK 2, with legacy LIS database support.
I'm John Aldrin M. Castillo, most people just call me Anden. I'm from Batangas, Philippines.
I started coding in high school. No course, no plan — I just saw how a program worked and got curious. Learned by doing, picked things up from people I met along the way, and honestly that's still how I learn things today.
Reverse engineering came through games. Started messing around in Cheat Engine, moved into disassemblers, and it just kept going. Mostly usermode — games, anti-cheats, understanding how protection actually works rather than just working around it.
After I graduated I started getting into web development. Found out .NET could handle that too so I stuck with it — picked up ASP.NET Core, REST APIs, databases, the whole stack. That turned into my day job.
XIGNCODE3 loads a kernel driver with commands to open handles and read/write any process. Here's how I found it and used it against EAC and BattleEye protected games without getting banned.
How Gepard Shield hooks KiUserExceptionDispatcher to intercept debugger activity, and how its periodic byte check detects when the hook has been removed.