How HWID spoofers work (and why ours reverts on reboot)
TL;DR
Our spoofer swaps the hardware IDs your anti-cheat uses to fingerprint your PC. It happens in RAM, for the current Windows session, so the real values come back on restart.
That's it. No firmware writes, no permanent rewrites, no "lifetime" promises that turn into bricked motherboards. You can grab it on /spoofer — free, no subscription needed.
What anti-cheats actually fingerprint
The list has grown. A modern AC reads some combination of:
- Motherboard / SMBIOS serial
- Every disk serial (NVMe, SATA, HDD) and the Windows volume IDs
- All MAC addresses, including Bluetooth and VPN-virtual NICs
- Monitor EDID and PnP IDs (yes, the monitor counts)
- Windows MachineGuid, ProductId, install GUID, Crypto MachineGuid
- TPM chip (endorsement key on older anti-cheats, remote attestation on newer ones)
- RAM serial numbers
EAC added the TPM and RAM reads for Rust in late 2025. Activision shipped TPM 2.0 remote attestation in Ricochet for Black Ops 7 around the same window. Free spoofers that only covered the older list quietly turned into HWID bans a few months later.
Our build covers the current list. EAC and BattlEye titles get the full sweep. Rust, Fortnite, Dead by Daylight, Hell Let Loose, Hunt Showdown, New World, SCUM and FiveM server-side bans need the bundled Cleaner toggled on before launching — same download, just a checkbox.
Temporary on purpose
Permanent spoofers write new IDs into your motherboard's firmware or disk partitions. They stick after reboot — but so do mistakes. One bad value, or a Windows update that overwrites the saved originals, and you'll never get your real IDs back.
We don't ship that. The worst case for our spoofer is a single restart, by design. If anything goes wrong, reboot and you're back to baseline.
Three things it does not do
It doesn't unban your account. The HWID is one signal; the account row in the game's database is separate. Fresh account on a spoofed machine is the working combination.
It doesn't hide a running cheat. That's the loader's job. Check /status before injecting one of our products on top.
It doesn't change your IP. Most games don't IP-ban — CGNAT makes it expensive — but some Squad and FiveM communities maintain shared blocklists. A VPN covers that layer.
Why Valorant isn't covered
Vanguard reads more than the hardware list, ships BIOS-update requirements, and inspects the boot path. The public spoofer flat-out won't take it. The Valorant product ships its own HWID flow built in — separate from the free build, documented inside the product.
Before any session, read /risk-disclosure once. It's short and it covers the ban model honestly.
Frequently asked questions
The fastest updates are in our Discord
We post detection windows, build notes and free spoofer releases in Discord before they hit /status. If you want the real-time view, join us there.
Keep reading
More from the blog
State of the cheat market in mid-2026
Anti-cheats moved hard in late 2025. DMA stayed expensive. Vanguard added on-demand mode. Public free spoofers got cleaned up. The market narrowed — but didn't disappear.
HWID ban: how to recover (account, hardware, or IP)
A ban hits your account, your hardware, or your IP — and each one needs a different fix. Diagnose first, then recover. The free Ambani spoofer covers the hardware layer.
Aimbot vs triggerbot vs ESP: what each one actually does
Three different features with three different risk profiles. ESP shows information, triggerbot pulls the trigger, aimbot moves your view. Picking the right combination matters more than running all three at max.