🕹️Unreal Engine
🚨 freeRASP for Unreal Engine – Early Release [10/2025]
We’re excited to introduce freeRASP for Unreal Engine as a new flavor of our runtime protection library. As it’s still fresh, you may encounter some integration issues that need to be ironed out.
We’d love to hear about your experience—good or bad. Please open an issue on GitHub or write us directly at [email protected]. Your feedback helps us make it better!
📝 Prerequisites
The freeRASP has the following prerequisites that must be met before starting:
Supported Unreal Engine Versions: 5.1 or higher
Minimum Android Target SDK: API Level 23
Minimum iOS Deployment Target: 15.0
🚀 Integration Steps
📦 Install Plugin
To install the plugin, download the latest release from the Releases page on GitHub.
Navigate to the Releases page on the GitHub repository.
Under the latest release (e.g., 0.1.0), find the Assets section.
Download the
.zipor.tar.gzfile, for example,Free-RASP-UnrealEngine-POC-0.1.0.zip.Extract the archive. Inside you will find the FreeRASPPlugin folder.
Copy the entire FreeRASPPlugin directory into your project's Plugins folder. If a Plugins folder doesn't exist at the root of your project, you will need to create it first.
The correct final directory structure should look like this:
[YourProjectName]/
├── Content/
├── Source/
├── Plugins/ <-- Create if missing
│ └── FreeRASPPlugin/
└── YourProjectName.uprojectTo complete the installation, please restart the Unreal Editor to allow it to detect the new plugin.
⚙️ Enabling the Plugin
Enabling the plugin involves two steps: enabling it in the editor and verifying the dependency in the C++ build file.
In the main Unreal Engine menu, navigate to Edit -> Plugins.
In the left panel, find the Project -> Security category.
Locate the FreeRASP plugin and ensure the Enabled checkbox is checked.
Open your project's build configuration file, named <project_name>.Build.cs. Verify that the module name FreeRASPPlugin is added to the PublicDependencyModuleNames list.
It should look similar to this example:
using UnrealBuildTool;
public class freeRASP4 : ModuleRules
{
public freeRASP4 (ReadOnlyTargetRules Target) : base(Target)
{
PCHUsage = PCHUsageMode.UseExplicitOrSharedPCHs;
PublicDependencyModuleNames.AddRange(new string[] {
"Core",
"CoreUObject",
"Engine",
"InputCore",
"EnhancedInput",
"AIModule",
"StateTreeModule",
"GameplayStateTreeModule",
"UMG",
"FreeRASPPlugin" // <-- check if this line is added
});
}
}🧠 Handle Detected Threats
With the plugin installed and enabled, it's time to write the code to initialize freeRASP and handle its threat notifications. This process involves preparing a C++ class, initializing the plugin at startup, and implementing a function to handle threats.
C++ Class Preparation (.h)
First you need to prepare a class to receive threat notifications. The recommended place for this is your APlayerController class, as it persists for the entire game session.
In your class's header file (.h), include the plugin's header and define the function that will act as the callback.
Example AFreeRASPPlayerController.h:
#pragma once
#include "CoreMinimal.h"
#include "GameFramework/PlayerController.h"
#include "FreeRASPPluginLibrary.h" // <-- 1. Include the header file
#include "FreeRASPPlayerController.generated.h"
/**
* Basic PlayerController class for a game
*/
UCLASS(abstract)
class AFreeRASPPlayerController : public APlayerController
{
GENERATED_BODY()
protected:
/** Input Mapping Contexts */
UPROPERTY(EditAnywhere, BlueprintReadOnly, Category = "Input", meta = (AllowPrivateAccess = "true"))
TArray<UInputMappingContext*> DefaultMappingContexts;
/** Input mapping context setup */
virtual void SetupInputComponent() override;
virtual void BeginPlay() override; // initialize FreeRASP here
UFUNCTION()
void HandleSecurityThreat(ThreatType ThreatType); // define this method to receive threat callbacks
};Plugin Initialization (.cpp)
Initialization should occur as early as possible when the game starts. The BeginPlay() method is the ideal place for this. Here, you will connect your HandleSecurityThreat function and set the configuration parameters for freeRASP.
Example MyPlayerController.cpp:
#include "AFreeRASPPlayerController.h" // Include your header file
#include "FreeRASPPluginLibrary.h" // Include the plugin header
void AFreeRASPPlayerController::BeginPlay()
{
Super::BeginPlay();
// Get the FreeRASP plugin library instance
if (UFreeRASPPluginLibrary* FreeRASPLib = GetGame->GetSubsystem<UFreeRASPPluginLibrary>())
{
// 1. Bind your function to the threat detection event
// The class name here MUST match the class you are in (e.g., AMyPlayerController)
FreeRASPLib->OnSecurityThreatDetected.AddDynamic(this, &AFreeRASPPlayerController::HandleSecurityThreat);
// 2. Prepare the configuration
// Important: These values are placeholders. Replace them with your actual data.
// iOS Configuration
TArray<FString> AppBundleIds;
AppBundleIds.Add(TEXT("com.game.bundle.id"));
FString AppTeamId = TEXT("1AB2C3");
// Android Configuration
FString PackageName = TEXT("com.talsec.free.rasp.game");
TArray<FString> SigningCertificates;
SigningCertificates.Add(TEXT("ilx/AtYu7TpAu5cma4JdDXio5bayFSi89axnyOCjfFo="));
TArray<FString> AlternativeStores;
AlternativeStores.Add(TEXT("com.samsung.android.apps.galaxyapp"));
// General Configuration
FString WatcherEmail = TEXT("[email protected]");
bool IsProduction = true; // Set to false for development builds
// 3. Initialize freeRASP
FreeRASPLib->InitializeTalsec(
AppBundleIds,
AppTeamId,
PackageName,
SigningCertificates,
AlternativeStores,
WatcherEmail,
IsProduction
);
}
}Handler Implementation (.cpp)
Finally, implement the logic for the HandleSecurityThreat function itself. This part of the code decides what happens when a specific threat is detected.
Example FreeRASPPlayerController.cpp:
void AFreeRASPPlayerController::HandleSecurityThreat(ThreatType ThreatType)
{
UE_LOG(LogTemp, Warning, TEXT("Security threat detected: %d"), ThreatType);
switch (ThreatType) {
case ThreatType::OnPrivilegedAccess:
UE_LOG(LogTemp, Warning, TEXT("Privileged access threat detected"));
break;
case ThreatType::OnAppIntegrity:
UE_LOG(LogTemp, Warning, TEXT("App integrity threat detected"));
break;
case ThreatType::OnDebug:
UE_LOG(LogTemp, Warning, TEXT("Debug threat detected"));
break;
case ThreatType::OnSimulator:
UE_LOG(LogTemp, Warning, TEXT("Simulator threat detected"));
break;
case ThreatType::OnUnofficialStore:
UE_LOG(LogTemp, Warning, TEXT("Unofficial store threat detected"));
break;
case ThreatType::OnHookDetected:
UE_LOG(LogTemp, Warning, TEXT("Hook threat detected"));
break;
case ThreatType::OnDeviceBinding:
UE_LOG(LogTemp, Warning, TEXT("Device binding threat detected"));
break;
case ThreatType::OnDeviceID:
UE_LOG(LogTemp, Warning, TEXT("Device ID threat detected"));
break;
case ThreatType::OnObfuscationIssues:
UE_LOG(LogTemp, Warning, TEXT("Obfuscation issues threat detected"));
break;
case ThreatType::OnScreenshot:
UE_LOG(LogTemp, Warning, TEXT("Screenshot threat detected"));
break;
case ThreatType::OnScreenRecording:
UE_LOG(LogTemp, Warning, TEXT("Screen recording threat detected"));
break;
case ThreatType::OnPasscode:
UE_LOG(LogTemp, Warning, TEXT("Passcode threat detected"));
break;
case ThreatType::OnPasscodeChange:
UE_LOG(LogTemp, Warning, TEXT("Passcode change threat detected"));
break;
case ThreatType::OnSecureHardwareNotAvailable:
UE_LOG(LogTemp, Warning, TEXT("Secure hardware not available threat detected"));
break;
case ThreatType::OnDevMode:
UE_LOG(LogTemp, Warning, TEXT("Dev mode threat detected"));
break;
case ThreatType::OnADBEnabled:
UE_LOG(LogTemp, Warning, TEXT("ADB enabled threat detected"));
break;
case ThreatType::OnSystemVPN:
UE_log(LogTemp, Warning, TEXT("System VPN threat detected"));
break;
case ThreatType::Unknown:
UE_LOG(LogTemp, Warning, TEXT("Unknown threat detected"));
break
}
}Last updated