Tutorial RPGM Unity HTML Ren'Py D3v's Guide to Cheats and Cheat Defence

[D3vTheModder]

D3v's Guide to Cheats and Cheat Defence​

The goal of this guide, is to kind of brain dump all the knowledge I have gained over time from hacking away at different games. I've worked on game development, both NSFW and non-NSFW and this "hobby" started as a learning experience to protect my own game. I would download a game and try to cheat it. Quickly this turned from me learning about how to protect my game into just challenging myself to break more and more games

There will most likely be two types of readers for this guide. Firstly, those that simply want to learn to cheat games for their own enjoyment, or unlock paywalled content, or I dont know, skip the grind. Secondly, there will be the developers of games, who will likely read this guide to learn how to better protect their own games from being cheated. Both types of readers are equally welcome here. I will be exploring both sides of the coin. The methods used to cheat games, as well as how to protect against some of these methods. Unfortunately for the developers, not all methods of cheating can be protected against, that's due to the engine limitations, or simply the fact that if the user has full access to the game files, they can always find a way to cheat it. But I will try my best to cover as much as possible.

This guide will tackle the most common game engines. Might add more in the future - we will see

• RenPy
• SugarCube (Twine / HTML)
• Unity
• RPGM

While having programming knowledge helps a lot with understanding and applying some of these methods, you can probably just follow along and if you have more than 2 active brain cells you should be able to figure stuff out on your own. A lot of 'hacking' is just using common sense and being patient.

This guide will act more as 'teaching the thought process' rather than 'do X and Y to achieve Z', since every game is slightly different and might require some extra tweaks. So use this guide as a way to learn the process rather than expecting this to just blindly fit every game.

In my examples I'm going to be using random games that are all found here on F95. That doesn't mean that the cheats will work by the time you read this guide. It also doesn't mean I will update them. They are just purely used as examples. Let's begin.

I've split this guide into multiple posts and sections for each engine, so feel free to skip to the engine you care about. I'm also going to try and keep each section updated as I learn new things. I will add a changelog at the bottom of this post so feel free to come back in the future to check in.

Table of Contents​

• RenPy
• SugarCube
• Unity
• RPG Maker
• Defence

Spoiler: Changelog

You don't have permission to view the spoiler content. Log in or register now.

Writing this guide took quite a bit of time, to collect all the information and present it in a somewhat cohesive manner. I hope you enjoy the read. I would appreciate if you left a comment and ratings on the post, sharing your thoughts. And please do suggest your methods, or games you found with obscure protection methods. I would be more than happy to break them and include them in the guide for future adventurers.
Happy Cheating ​

 

[D3vTheModder]

Ren'Py​

Helpful Tools:

• Visual Studio Code
• "Ren'Py Language" Extension for VSCode

I've recently written quite a lenghty post which actually inspired me to write this guide. RenPy is definitely the most fun engine of the ones listed above, due to its developer tools and console. They are the most powerful tools you could ask for that come packed with the game. The Dev Tools literally let you view the state of the game, while the console lets you run any python code. So this first part of the guide isn't really a hack, but more a tutorial on how to access these two tools.

Enable Developer Tools​

Open the game in question, and navigate to the renpy/common/ folder. Inside this folder you will find a file called 00library.rpy open it with VSCode (or any other code/text editor) then search for a line config.developer.
You should find the following line:



Change that entire line to simply read:



Bare in mind python is a language that cares about the indentation (the spaces to the left of the text). So you MUST ensure that the config.developer line is in line with the other config lines.



Save the file, and run your game. You now have access to the Developer Tools via the SHIFT + D keybind AND SHIFT + O console. The developer config is the highest level of permission essentially. So you don't need to enable the console - at least for most modern games. So if you've set this up and both keybinds are working, you can safely skip the next step about enabling the console.

Enable Console​

Open the game in question, and navigate to the renpy/common/ folder. Inside this folder you will find a file called 00console.rpy open it with VSCode (or any other code/text editor) then search for a line config.console.
You should find the following line:



Simply change the False to True. That's it. Save the file open the game and boom, You now have access to the Console via the SHIFT + O keybind. Some games may require you to enable both, or only give you an option to enable one or the other.

Variable Viewer​

Firstly, lets get into our game and open the Developer Tools with SHIFT + D. Once the developer tools are open, press the Variable Viewer button. The variable viewer is the bread and butter.



In here you can view all the variables that are currently in memory and see what value is assigned to them. It's in here that we will find the variables we want to change. There's also the Persistent Viewer which shows you the persistent variables, think of these as global state variables. This could be things like gallery unlocks, or key story flags that need to be saved. Most of the time though, you will be looking at the normal Variable Viewer.



Key thing to note about the variable viewer, is that we mainly use it to get a feel for the variable names, and the structure of the game. We can access all this information in the console as well - and we will be using the console to view/change these variables very soon - but the variable viewer is a nice visual way to explore the variables without needing to type anything or guessing things. This is normally where I would start when trying to cheat a RenPy game. Just open the variable viewer and look for interesting variables names.

Console​

If the Variable Viewer is the bread and butter, then the Console is the steak dinner with a nice glass of wine. The console is where we will be doing most of our cheating. The console allows us to run any python code we want, and since RenPy is built on top of python, we can access all the game variables, functions, classes, etc. directly from the console. This is where the real power lies. Open it with SHIFT + O or via the Console button in the developer tools.

The console can be scary. Afterall it is just a blank ">" prompt and you probably have no clue what to type in. But lets not panic yet. If your game allowed you to access the developer tools, then you should already have a variable in mind that looks juicy. So
for this example we are playing Doomination v0.3.8 (purely because its the one I've most recently made a post about). Now, in RenPy you will encounter two types of variables. Simple variables like integers, strings, booleans, etc. and complex variables like lists, dictionaries, classes, etc. If the variable you are looking at is a simple variable, lets say the dgg_pt1 boolean variable which tracks the nude versions of the characters you've unlocked. You can simply type the following into the console to change its value:

dgg_pt1 = True

This will set the variable to True, effectively unlocking the nude versions of the character. Simple as that.
REMEMBER: these variable names are only relevant to Doomination game. You will have different variables with different names!

I've looked through the variable viewer and I found a juicy variable called inventory. This variable is a class. You can tell its a custom class because when you write it in the console you get a response like this:



Other games will have other types of complex variables, but normally when you see object at 0x.... its a custom class. Now to figure out what this class contains, we can use the built in dir() function. This function will list all the attributes and methods of an object. So we can type the following into the console:

dir(inventory)

You can see that this class has a bunch of attributes and methods. Its not very user friendly, but you can mostly deduce from the names what they do. Probably the most interesting attribute here is items and money as for the methods we have add_item() and earn_money(). So let's check out what the items attribute contains. We can do that by typing:

inventory.items

Its a list! A list of custom classes though. But we already know how to explore those. Lets check out the first item in the list:

dir(inventory.items[0])

Side note: In python, lists are zero indexed. So the first item is at index 0, the second at index 1, etc.

You can see that this item has attributes like name, description, etc. So we can check out the name of the first item by typing:

inventory.items[0].name

In my case that gives me "BROKEN ARMOR". That's all great, but you probably want to add items to your inventory. Well the item has an attribute itemcount which you can change directly like so:

inventory.items[0].itemcount = 99

This will set the item count of the first item to 99. Usually, this is enough to cheat your way through the game.

But what if you want to add a new item that you don't already have? Well, this is usually more tricky, so I would suggest you to avoid this path if you dont have to, BUTTTTTTTT... We do have the add_item() method. We can use that method to add a new item to our inventory. But we need to know what parameters it takes. Now, there's 2 ways to figure this out.

First. We already looked at the inventory.items this has shown us a list of <store.Item object at 0x...>. So the class is called Item and since we have access to the source code, a simple search for class Item will lead us to the definition of this class. Here we can see the __init__() method which is the constructor for the class. This method shows us what parameters are needed to create a new item.

Second. We can use the built in help() function to get more information about the method. So we can type:

help(inventory.add_item)

Unfortunately, in this case the help function doesn't give us much useful information, this is usually due to the developer not adding comments to their code - which for cheating is technically a good thing, but in the real world you should comment your code - But in other cases it might spit out something useful, so always worth a try.

Now that we know what parameters are needed to create a new item, we can call the add_item() method like so:

inventory.add_item(Item("ITEM NAME"))

Now I've actually created a new item called "For The Lols" and it was added to my inventory. This item doesn't actually do anything since I've not actually defined any of its attributes properly, but it shows you the process of how to add new items to your inventory. You can essentially create your own items this way that are totally broken.

But what if you wanted to add an existing item? Well, here you most likely need to look in the source code. Since we know the method and class that we are interested in, we can just search the entire source code for add_item() and see where it's used.

In this case, I found it being used in lots of files, and lucky for me the developer has created a items.rpy file which contains all the item definitions. So I can just copy the definition of an item and add it to my inventory like so:

inventory.add_item(SEXTOY_DOOM6000)

Each game will be different, so you might need to explore the source code a bit to figure out how to add existing items, but the process is generally the same. Find the class definition, find how its instantiated, then use that information to create or add items via the console.

As for the other interesting attribute we found, the money attribute. It's a simple data type so we can simply set that directly like so:

inventory.money = 999999

or via the earn_money() method like so:

inventory.earn_money(999999)

And that's it! You've successfully cheated a RenPy game using the developer tools and console. From here you can explore more variables, functions, classes, etc. and see what else you can manipulate to your advantage. Happy cheating!

Extras - Fancy Python​

So I've already mentioned that the console allows you to run any python code. This means that you can do more than just manipulate variables. You can also call functions, create new objects, etc. You can even write python code to do fun stuff for you. Lets take our inventory as an example. Specifically the inventory.items list. What if we wanted to print out all the items in our inventory along with their item count? We can do that by writing a simple for loop in the console like so:

for item in inventory.items:
print(f"{item.name}: {item.itemcount}")

If you run that code in the console, it will print out all the items in your inventory along with their item count. You can get really creative with this. You might also want to print out the index of each item so you can easily reference them later. You can do that by using the enumerate() function like so:

for index, item in enumerate(inventory.items):
print(f"{index}: {item.name}: {item.itemcount}")

If you know even a little bit of python, the possibilities are endless. You can write scripts to automate tasks, manipulate game state in complex ways, etc. The console is your playground. Have fun with it!

Extras 2 - Source Code and Decompiling​

I realise I've not made it abundantly clear. Don't be scared to go into the game files. All the rpy files are there for the taking. You can simply view all the code for yourself and find how everything works. You found a menu that takes a patreon code? Search for the text in that menu across the entire game folder, you will find where its used and what it references, what codes are supported. If it's using hashing, you can always edit the function so that you rename the codes (See my SugarCube example on how to do that, although in a different engine, the methods are identical). World is your oyster and the code is all there for you to view.

If the game you are viewing is actually obfuscated or the rpy files are compiled into gibberish, you may need to decompile them before being able to view them. There are many tools online for this, I believe the most popular is

You must be registered to see the links

. You will have to refer to its instructions as I think it's out of scope for this guide. Point is it's just a slowdown mechanic and doesn't actually achieve much. Just decompile the code and apply all the above as normal. Funnily enough, usually you don't even have to compile the code back. You can just play the game on decompiled files which makes it easier to inject code into it.

 

[D3vTheModder]

SugarCube (Twine / HTML)​

Helpful Tools:

• Google Chrome (or any other modern browser)
• Chrome DevTools (built into Chrome)
• Visual Studio Code
• Twine Desktop App (Not Recommended)

I love SugarCube games, they are probably the easiest to hack, but people seem to not realise this. Since SugarCube games are just HTML files that run in your browser, you can use the built in developer tools to inspect and manipulate the game state. The developer tools are built into every modern browser, so you don't need to install anything extra. Just open the game in your browser, then press F12 or CTRL + SHIFT + I to open the developer tools.

Since SugarCube games have to compile into HTML and JavaScript that means the entire source code is available to you. Nothing hidden, nothing obfuscated (usually). This means you can just open the source code and look for interesting variables, functions, etc. You can also use the console to run JavaScript code to manipulate the game state.

Console​

Let's first play around with the console, before we even look at any source code. To help us with this lets grab a popular SugarCube game, Aphrodisia v4.0.3. Open the game in your browser, then open the developer tools and navigate to the Console tab.

You not gonna believe how easy this is going to be but all you need to type in is:

SugarCube.State.variables

This will print out all the game variables currently being used by the game. You can see all the variables and their current values. From here you can look for interesting variables to manipulate. For example, player is an object that contains all the player stats. You can expand it to see all the attributes and their values. Let's change the player's money. You can do that by typing:

SugarCube.State.variables.player.money = 999999

Bare in mind every game will have different variable names and structures, so you will need to explore the variables to find what you want to change. But the process is the same. Find the variable you want to change, then set its value using the console.

You may have noticed that despite you changing the money variable, the UI didn't update. This is because the game doesn't automatically update the UI when you change a variable. You need to manually trigger a UI update. You can do that by calling the SugarCube.Engine.show() function, this will reload the current passage and update the UI. Alternatively, you can also just navigate to a different passage to force the UI to update.

I'm not joking, that's literally all there is to cheating SugarCube games. You can manipulate any variable, call any function, etc. The entire game state is accessible via the console. There's not much more to it than that. Just explore the variables and see what you can change to your advantage.

There's official documentation for SugarCube which you can find

You must be registered to see the links

. This documentation is super useful to understand how SugarCube works under the hood, and what functions and variables are available to you. Definitely worth a read if you want to get serious about cheating SugarCube games.

Source Code​

There's a very specific reason why I've chosen Aphrodisia as the example game. While the state variables are easy enough to manipulate, sometimes developers can get creative and hide variables in other places, or use functions to manipulate the game state. In these cases, you will need to look at the source code to figure out how the game works. Sometimes its easier to search the source code for specific things rather than trying to look through hundreds of variables in the console.

So, lets open the game's HTML file with VSCode (Or Twine App if you prefer). Now let me tell you, these files are MASSIVE. Especially if the game has been developed for a prolongue period of time. Its not easy to navigate. But if you know what you're looking for its fairly straight forward.

Aphrodisia has a cheat menu. This means you can type in cheat codes to unlock certain paid features in the game. Now if you remember what I said earlier, the game's entire source code is available to us, therefore the codes are all stored in the html file, we just need to find it. If you click the "CHEATS" button on the left side menu you will see the password prompt window. The easiest way to reverse engineer this screen is to take a snippet of text that is present on this screen and search for it in the HTML file.

Lets take the "Type in the password given to supporters." text and search for in the code. Lucky us, there's only one hit. Depending on the game, this is where your detective skills will be tested. Some developers simply lay the codes in plain text for you to just copy and paste, others obfuscate it with hashing or some fancy functionality.



Its no different in case of Aphrodisia, the developer has created a hashing function which obfuscates the password and checks the answer against the hash. If you just take the hash and paste that into the password it wont work. Reverse engineering the password is also pointless because it requires us to know JavaScript to write the damn thing in the first place and not everyone will. But most importantly that requires effort. Fuck that. Lets just edit the code!

Lets copy the part of code that hashes the answer, if hashStr($answer). We find there's 58!!! different codes. Damn. For purposes of this tutorial (and because I'm lazy) lets change just one of them, but the world is your oyster you can change them all for all I care

Soooo... Firstly lets not hash the answer, because we don't wanna fuck with that. So the line if hashStr($answer) becomes just if $answer. Secondly, the password being all numbers and shit, is jarring. Lets set one that is easy to remember and write. So our line is now if $answer == "lolz"



Save the file, refresh your browser, type in the password and behold the fruits of our labour!



Simples. But not all games will be. Let's take another example, Confined and Horny. The developer here has obfuscated more than just the cheat codes, but the entire code base. So when you search for text that's found on the cheat page, you wont find any hits. That's because the game is encrypted. But that's the key part here, it has to decrypt to work. Therefore, the decryption code is right there for us to view, we just need to find it. I will spare you the long lecture of how I've dug through the code to find the decryption code but you can read my old post here on how to decrypt it yourself. As for console commands, the developer has renamed SugarCube to MegaCube so all the normal console exploits are still possible just use MegaCube as the class name.

Side Note: In case of Confined and Horny, you can also just override the setup methods that are responsible for checking the hashes. The developer changes the names of those methods with each version, however if you inspect the MegaCube.setup object, you will find few methods that are just a jumble of numbers and letters, you can redefine them:

MegaCube.setup.HwqHEXtc8sTIyKtU = () => true

Which you wouldn't instinctively know unless you decode the source code and inspect the actual JavaScript, hence I don't want to explain this part in too much detail as its not actually helpful. But the setup object can hold information about the game too, usually methods that are used by the developer in different places. In case of this game, the developer stored the hashing methods in the setup object, after redefining all of them you will be able to type in anything into the cheat menu and it will always assume the correct password was entered. Again, you would only know that if you inspect the source code, hence I would focus on that instead.

Point is developers use many methods of obfuscating HTML code, unfortunately there's no way of hiding the code because whatever it is that obfuscates / encrypts it has to be included in source code.

There are many many many more methods that developers use to stop users from accessing paid content. But I hope the few approaches here give you enough power to reign hell. Remember, it's all in the source code, you just need to do the detective work!

 

[D3vTheModder]

Unity​

Helpful Tools:

• DnSpy
• Cheat Engine

Now I could sit here and give you a lenghty guide on cracking and breaking unity games. But, funnily enough as I was writing this guide I found this amazing guide by Uncle Eugene which goes into insane amount of detail on breaking unity games. So I rather you go there and read his guide if you are interested in breaking Unity games like a Pro.

Instead, I will explore a different method that Uncle Eugene doesn't explore and that's the power of Cheat Engine!

Cheat Engine​

For our demonstration we will use Lovely Craft Piston Trap v0.2.9 because it looks funny as fuck.

Run the game, and open Cheat Engine on the side. Once you've done that make sure you select our game as a target.



The game revolves around piston fucking? a villager? anyway, I ain't judging... That generates emeralds, that appears to be the currency of the game. I'm too lazy to sit here and grind so lets do something about that. You can view the amount of emeralds you have by clicking the shop icon. In Cheat Engine in the Value box type in the amount of emeralds you have and press new scan. You should see a list of addresses and values appear in the list. Now we return to the game and spend some money so that the emerald count changes. Once you've done that go back to cheat engine and type in the new amount and press "Next Scan".



If you have more than one result repeat the process until there's only one value in your list. Sometimes there may be multiple values, especially if the developer is storing multiple instances of the value, one for display and one for actual money. So keep narrowing it down until you can't no more. Once you've narrowed it down, double click each one, the values will be moved to the bottom of the window. Here you can double click the value and type in something crazy like "9999" and press Ok. You should now see that value reflected in your game.

In case of Lovely Craft Piston Trap, you actually have to fuck about quite a lot, I've found that there's 3 records responsible for tracking money, and its capped at 640. Two records that display the actual value of money, while the last seems to always show the money amount divided by 10 (if possible, otherwise it shows the money value). Not sure what the setup is for the developer but hey ho.

We kind of explored that one together, I've not preppared a unity game to be honest, and this was the first thing I've found which seemed fun to do for the guide. But the rules are the same across the board, unity stores all the values in memory so Cheat Engine can easily access them. Sometimes you have to get creative, and for example rather than editing your EXP or Money, you might want to edit the amount of Salary or Money Reward you receive if you know the amount etc etc. As developers may have already put some methods of anti-cheats in place. Which seems to be the case for the Craft Piston game which requires that 3rd variable to also be set. But, regardless get creative with it and have fun.

I originally planned for a much longer chapter but Uncle Eugene kind of took care of this for me

 

[D3vTheModder]

RPG Maker​

This is going to be the shortest section, because well RPGM has been around the block for ages, and people have already created the perfect solutions. I would be doing them injustice if I didn't just link their work for you to read instead. Most commonly used version of RPG Maker for lewd games is MV and MZ. If that's the version of the game you're playing then your best solution is RPGM Cheat by Aziien

As I've said this is pretty much the shortest section, the cheat is self explanatory and has instructions already. Simply patch the game you want to cheat, open the menu, find the variable / item and change its value. Done. All in real time!

 

[D3vTheModder]

Defence​

Let's start with the most obvious. Realistically, people will cheat your games. You can only make it more difficult its a double edged sword. If you add cheats for paid users, the few smart ones will leak the codes because they know how to dig in your code. You could just not add cheat codes to your game, but then someone will just edit the state variables. Its a game of cat and mouse.

As a developer you have two options, embrace the fact that people will cheat your game, or spend hours and hours of your time trying to make it just a little more difficult. I'm not here to answer that question for you, however, I can give you some ideas.

SugarCube​

I probably have the most experience in SugarCube, as I've mentioned in my first post, I started by coding my game. That's what inspired this hobby of cheating games as a way to protect my game. Well SugarCube was/is my poison. So here's my guide on protecting a SugarCube game.

Firstly, stop encrypting your game. Its a waste of time. By design HTML is unencrypted. If the client can run the code then they can view everything about it. Its a waste of your time and everyone's time. No matter how much encyption you add the code to decrypt it is right there. Its like making the most secure vault in the world and putting the keys next to the entrance. It doesn't work!

Here's what you should do instead, considering that you are thinking of encryption that means you in fact have a patreon or some platform of sort. SugarCube has few quality of life features that make it super easy to implement security into your game.

Secondly, importScripts this is god-sent. You simply place your 'premium' code - whether that's your logic for patreon codes or whatever you fancy - in a separate JavaScript file. Then dynamically load it at startup. Before you think to yourself, 'I have to manage two copies of the game' and well the answer to that is sort of 'yes'. But with good organisation you shouldn't have any problems. The importScripts line can be in both the free and patreon copy of the game. You dont need to remove it. You just dont put that file in your free game bundle. Done!

Here's a simple snippet for loading custom code:

const lockId = LoadScreen.lock();

// Premium Build: Load custom code here.
// This path needs to be relative to the index.html file.
importScripts('./custom_code.js')
  .then(() => {
    console.log("Loaded script 'custom_code.js'");
  })
  .catch((error) => {
    console.error(`Failed to load script "custom_code.js":`, error);
  });

LoadScreen.unlock(lockId);

then inside your custom_code.js file you can have your custom logic, for example:

const customCode = () => {
  console.log("Premium features unlocked!");
};

// Expose the function to SugarCube's setup object
SugarCube.setup.customCode = customCode;

Now in your game you can call SugarCube.setup.customCode() and it will only work if the user has the premium version of the game with the custom_code.js file included. Simple as that. You can use this method to hide any premium logic you want. Just make sure you don't expose any variables or functions that you don't want the user to access.

Thirdly, people don't seem to read the documentation at all. SugarCube has quite an extensive functionality. One of the greatest protection features SugarCube has is Story.has(" "). This function allows you to check if a specific passage exists in the game. All you have to do is not include your premium passages in the free version of the game. The same check goes into both the free and premium game. One simple line like this:

<<if Story.has("Premium")>>
    [[Go to Premium Passage|Premium]]
<</if>>

Will only show the link to the premium passage if it exists. Simple as that. You can use this method to hide any premium content you want. Just make sure you don't include the premium passages in your free game bundle. A good folder structure will help you manage this. You can have a passages/premium/ folder that contains all your premium passages, then just exclude that folder when building the free version of the game. And any time you want to link to a premium passage, just use the Story.has(" ") check to see if it exists. Use the same folder structure for your images and videos too. Keep all premium assets in a separate folder and exclude it from the free version of the game.

This way you can easily manage your free and premium versions of the game without having to maintain two separate codebases. Just one codebase with some conditional logic to check for premium content. Simple as that! Then you build two versions of the game, one with premium content and one without. You release your free version to the public and your premium version to your patrons. Easy peasy!

Someone might still leak your patreon copy. But that's not something you can prevent or protect yourself against. Just have to accept that people will leak. At least your free version is not just premium with extra steps.

RenPy​

Not gonna lie, RenPy developers you're fucked. Same case as with SugarCube, the entire source code is available to the user. RenPy engine comes loaded with developer tools and console. I mean you can try to obfuscate the code by removing those tools, but then someone will just re-enable them. You can try to encrypt the code, but again the decryption code is right there in the source code. Its a waste of your time.

Your best bet is to embrace the fact that people will cheat your game. Make your game fun enough that people will want to support you regardless of cheats. Add value to your patreon that can't be easily replicated by cheating, like behind the scenes content, early access, etc. Focus on building a community rather than trying to lock down your game. Its a losing battle otherwise.

Blame the engine, not the players. Sorry...

Unity​

Unity developers. Now you have some options. Decompiling unity games is not trivial. And realistically a sane person - not me lol - wouldn't go through the effort of decompiling a unity game just to cheat it. You need to know C# and have some background knowledge to dig through DnSpy to actually do something. Realistically most people will just break their game, see errors, panic and never return. So you have some level of security by default. But if you want to make it even harder, here's what you can do.

Firstly, obfuscate your code. Hahaha... I know I've just said that obfuscation is a pointless task. But in case of unity its actually somewhat effective. As I've said above, most people won't bother decompiling code, however, there's a high chance they will use Cheat Engine. So... don't directly store your values in memory. For example, for player's money don't just store a variable called 'money' and set it to the money they have. Instead, create a method that returns the money value by doing some calculations. For example:

private int money;

public int GetMoney() {
    return money * 42 / 7 + 13; // some random calculations
}

public void SetMoney(int value) {
    money = (value - 13) * 7 / 42; // reverse calculations
}

This is just a simple example, but you get the idea. This way, if someone tries to dig in memory for the value of money, they won't find it directly. They will have to figure out the calculations first. You can make the calculations as complex as you want. Just make sure they are reversible so you can still set the value correctly. This doesn't protect you from someone decompiling your code, but it does make it harder for someone using Cheat Engine to find the value directly. And that's the main threat you need to worry about, if you care about protecting your game.

Most people don't bother with string values or booleans with Unity / Cheat Engine. So I would just obfuscate numeric values like money, health, experience, etc. Have a different simple obfuscation method for each value. This way even if someone figures out one, they won't be able to figure out the others easily.

RPG Maker​

I actually know fuck all about RPG Maker development. I've never actually coded in this engine, nor do I have any interest. It was fun figuring out cheats and finding the software i've shared above, but I actually don't know anything about the engine itself. Sorry

 

[Insomnimaniac Games]

It would be wrong of my to not share this here. It's an rpy file that enables the console without having to do anything else. (Also adds L as a shortcut instead of having to hit shift+o). If you play and cheat in a ton of renpy games, this comes in handy.