SHProtect
SHProtect
click to enter

Pharrell Williams - Double Life

SHProtect

Anti-cheat, script protection, and secure product loader for the Sorrel Hub ecosystem. One system, full coverage.

< 2msServer check latency
0%Client trust
HWIDBound authentication
MultiLayer protection

What SHProtect does

Three pillars of protection under one system.

Anti-Cheat

Server-side detection and client watchdog for Roblox games. Catches exploits, speed hacks, teleports, and injection before they take effect.

Script Protection

Protects Luau scripts from deobfuscation, dumping, and reverse engineering. Keeps your code safe on the client side.

Product Loader

Secure loader for Sorrel Hub products: SRX injector, WinWare, LoveyWare, TargetWare, and more. Auth, HWID binding, key validation.

Under the hood

What runs behind every protected game and loaded product.

Server-Side Validation

Zero client trust. Every action validated on the server before it takes effect. No single point of bypass.

Script Obfuscation

Multi-layer obfuscation pipeline for Luau. Protects game scripts and product payloads from decompilation.

Exploit Detection

Detects known executor patterns, hookchain modifications, environment tampering, and unauthorized module loading.

Secure Loader Auth

HWID-bound key system, encrypted payloads, session tokens, and anti-replay for all loaded products.

Layered Defense

Client watchdog, server checks, and loader validation work together. Bypassing one layer doesn't bypass the rest.

Auto-Ban Pipeline

Configurable severity thresholds. Warnings, kicks, temp bans, permanent bans. Game devs control the escalation.

Products on SHProtect

Loaded and authenticated through the SHProtect pipeline.

SRXRoblox injector
WinWareCombat client
LoveyWareBypass-focused client
TargetWareTargeting toolkit

Zero trust architecture

SHProtect assumes the client is compromised. Anti-cheat checks run server-side. Script protection wraps payloads before they reach the client. The loader authenticates every session before delivering anything.

Even if the client watchdog is fully bypassed, server-side validation still catches invalid state. Even if a script is dumped, obfuscation layers make reconstruction impractical. Each layer operates independently.

Product payloads are never exposed through static endpoints. Every load request is authenticated with HWID binding, key validation, and session tokens. Replay attacks are blocked by design.

Integration

For game developers: drop the anti-cheat module into ServerScriptService. For product users: the loader handles everything automatically.

ServerScriptService / AntiCheat

local SHProtect = require(script.SHProtect)

SHProtect.init({
  strictMode = true,
  autoBan = true,
  logLevel = "warn",
})