Revolutionising Unreal Engine Testing: Cyrex’s RPC Dumper Tool for Faster, Smarter Security Checks

The latest weapon in the Cyrex team’s repertoire is our own creation — the Unreal Engine RPC Dumper. Developed by our CTO, Tim De Wachter, this tool automates and accelerates the discovery of Remote Procedure Calls (RPCs), streamlining one of the most time-consuming steps in security testing for Unreal Engine games.

🔍 Gathering RPCs on Unreal Engine

Unreal Engine has multiple versions still in active use, each with differing memory layouts and RPC handling. Manually discovering RPCs across these versions has been laborious — until now. With the RPC Dumper, that work becomes significantly faster and more consistent.

Our tool injects into a running Unreal Engine game, scans its memory, and automatically generates a complete document listing every RPC, network function, and its arguments.

How the Cyrex RPC Dumper Works

On a technical level, Unreal Engine games on PC are Windows programs, reserving space in RAM during execution. The RPC Dumper uses Windows APIs to identify the base memory address, then navigates the memory layout using offsets.

Because Unreal Engine structures are consistent across versions, we know where to locate G-Objects and G-Names (global memory pools). From these, our tool identifies declared functions, flags the RPCs, and retrieves their names and argument structures — all in one sweep.

Understanding the Replication Index

Each RPC is associated with a Replication Index (Rep Index), which is essential for network packet delivery in Unreal Engine. This index tells the game which RPC to trigger when receiving data over the network.

The Cyrex RPC Dumper not only extracts all RPCs but also maps and dumps each Rep Index, replacing guesswork with precision and clarity — a game-changer for efficient penetration testing.

Why This Tool Matters

Time saved on discovery means more time spent on effective testing. With the Unreal Engine RPC Dumper, our team can instantly identify every network function requiring inspection, even without white box access.

This increases the speed and quality of our work while reducing overall costs — benefiting you, the client, with faster turnarounds and more robust testing coverage.

Better Testing for Your Unreal Engine Game

Whether it’s for Unreal Engine game security or application-level testing, this tool ensures nothing is missed. It works as a failsafe and accelerates scoping, helping us estimate effort and risk more accurately — all without requiring source code access.

Ensure Your Security with Cyrex

If you’re ready to strengthen your Unreal Engine game’s security, explore our:

• Penetration testing services for gaming, Web3, and apps
• Load testing with Cyrex Swarm for scalable performance validation
• Case studies and past successes

Get in touch to learn how we can protect your next release with industry-leading security and efficiency.

Frequently Asked Questions

What is an RPC in Unreal Engine?

RPC, or Remote Procedure Call, is a network function used in Unreal Engine to send and receive data between client and server. It’s essential for multiplayer functionality and must be tested thoroughly for security.

Why is RPC discovery important for security testing?

Finding RPCs ensures that all potential network entry points are evaluated for vulnerabilities. Missing one can lead to serious exploits in multiplayer games.

How does the Cyrex RPC Dumper improve testing?

It automates the process of identifying and documenting every RPC, including arguments and Rep Indexes. This removes manual guesswork and increases both speed and accuracy in testing.