Matrix Breach: Game Hacking & Offensive Security Lab

Matrix Breach is an interactive, gamified educational platform designed to teach Game Hacking, Reverse Engineering, Malware Analysis, and Exploit Development. Built on a React based engine, it simulates a vulnerable memory environment where students manipulate the the Matrix's code to bypass security protections, modify game logic, and execute advanced exploits.

Release Status: Alpha — Core features are still being tested. Bugs are expected, and both gameplay logic and internal architecture are subject to change during development.

Target Audience & Scope

This platform is a Conceptual Simulator, designed to bridge the gap between theoretical computer science (OS Internals, Memory Management) and professional offensive security tooling.

• Primary Audience: Beginners (Originally built to teach my 12-year-old showing them what daddy does for a living, Matrix Breach grew into a full featured platform for anyone curious about the hidden layers of memory, exploits, and reverse engineering.)
• Difficulty Level: Beginners to Intermediate Concepts (Simulated Environment).
• Pedagogical Role:
  • Visualizing the Invisible: While standard debuggers (GDB/x64dbg) show raw hex, Matrix Breach visualizes the Virtual Address Space (Text, Data, Heap, Stack) and Pointer Dereferencing logic. This builds the mental models required for real-world memory forensics.
  • The Bridge to Tooling: Students learn the concepts behind Cheat Engine, ReClass, and Wireshark in a controlled, narrative driven environment before migrating to "sometimes messy" real world drivers and kernels.

Key Educational Features

• The Architect's View (Memory Segmentation): A real-time visualization of the 4GB Virtual Address Space, teaching students where data lives (Static Globals vs. Dynamic Heap vs. Stack Frames) and the boundaries of User/Kernel mode.
• The Data Interpreter: A side-car inspector for the Hex Editor that instantly translates raw bytes into Integers, Floats, and Pointers, reinforcing the concept that data types are merely lenses through which we view raw memory.
• The Pointer Scope: A dedicated visualizer that separates the "Reference" (The Address) from the "Value" (The Data), helping students grasp the concept of Dereferencing and Pointer Chains.

Pedagogical Framework

The curriculum is divided into four distinct pillars, taking students from basic memory scanning to kernel-level exploitation and historical signal analysis.

I. The Main Sequence (45 Levels)

A linear progression teaching modern binary exploitation and memory semantics.

• Phase I: Awakening (Levels 1-8)
  • Focus: Memory Fundamentals & Type Coercion.
  • Skills: Exact Value Scanning, Floating Point Precision, Boolean Logic, String Manipulation.
• Phase II: The Construct (Levels 9-15)
  • Focus: Memory Structures & Pointers.
  • Skills: Multi-Level Pointer Chains, Stack Frames vs Heap Allocations, Mutex Synchronization, Network Packet Sniffing.
• Phase III: Glitch in the Matrix (Levels 16-24)
  • Focus: Control Flow & Logic Hijacking.
  • Skills: ASM Patching (JZ/NOP), Function Hooking (Trampolines), Constraint Solving (XOR/CRC Checksums).
• Phase IV: The Agents (Levels 25-30)
  • Focus: Anti-Cheat & Evasion.
  • Skills: Integrity Checks, Anti-Debug (RDTSC/Timing Attacks), Obfuscation, ASLR (Address Space Layout Randomization).
• Phase V: The Source (Levels 31-45)
  • Focus: Binary Exploitation & Ring 0.
  • Skills: Buffer Overflows, ROP Chains (Return Oriented Programming), Shellcode Injection, Heap Use-After-Free, Kernel Privilege Escalation.

II. The Archives (40 Side Quests - shoutout to Lena151 tuts)

A simulation of the "Golden Age" of software cracking (Windows 95/98 era). Students interact with "broken" shareware applications inside a simulated OS window to learn reverse engineering concepts.

• Targets: Nag Screens, Time Trials, CD-Checks, Dongle Emulation.
• Techniques: Visual Basic P-Code reversing, Serial Key generation, Inline Patching, Unpacking (UPX), Import Address Table (IAT) repair.

III. Agent Interdiction (Boss Rush)

A high-stakes "Boss Rush" mode triggered by spending extended periods in The Archives. This mode features two distinct tracks:

1. Defense Protocols (Malware Analysis): Based on real-world threat hunting.
   • Techniques: Static Analysis (Strings), C2 Beacon identification, API Hashing resolution.
2. Project: THE_BEING (Cryptography): A narrative driven progression.
   • Narrative: The player works for the Agents to decrypt messages from a rogue entity, utilizing basic principles from the Cryptopals challenges.
   • Techniques: Single byte XOR brute-forcing, Repeating-key XOR, ECB pattern detection, CBC bit-flipping, PKCS#7 padding validation.

IV. The Phreaking Lab (Analog Signal Analysis)

A dedicated historical simulation of 1970s-80s phone system exploitation. Students must learn to manipulate audio frequencies to traverse the network.

• Blue Box: Synthesizes MF (Multi-Frequency) tones. Requires manual routing sequence: 2600Hz (Trunk Seizure) > KP > Number > ST.
• Red Box: Emulates coin deposit tones. Students must generate the correct sequence of 1700Hz + 2200Hz pulses (Nickel=1, Dime=2, Quarter=5).
• Silver/Beige Box: Implements standard DTMF keys and Lineman test set operations, including ANI (958) readbacks.

---

Installation & Deployment

Prerequisites

• Node.js (v18+)
• Google Gemini API Key (Used to power the in game AI tutor (Morpheus), who provides contextual guidance, memory model explanations, and level hints as students progress through the simulation.)

Local Setup

1. Clone: git clone https://github.com/ridpath/stuckinthematrix-base.git
2. Install: npm install
3. Config: Create .env with API_KEY=your_key_here (Get your API key here: https://aistudio.google.com/app/api-keys)
4. Run: npm start

Docker

docker-compose up --build

License

MIT License