I've spent the past few days looking over the source code and checking over a bunch of stupid steps, and I think I've found a way to detect BLHack's aimbot, automatically, from a DLL.
How?
In short, I predict where the aimbot will want to aim at, and compare against the player's ACTUAL aim, and add in a bit of variation to determine if the movement they've just done is humanly possible. Yes, there are false positives, however, I'm hoping that with several community leaders testing this DLL, and reporting feedback, that I'll be able to improve it to make it absolutely fool-proof (within reason...).
If you wish to contribute/get a copy of the DLL/have it demonstrated to you, please PM me, and I'll try to get back to you as soon as possible.
This is just a proof of concept ATM.
No, this doesn’t evaluate any code on the client-side. No, this doesn’t need to be run on a client. This is purely server-sided, and doesn’t interact with the client, merely, reading the data the client sends.
PoC (with BLHack):
https://gfycat.com/VigorousDesertedIslandcanaryPoC (keyboard turning, legitimate):
https://gfycat.com/MatureChiefEastsiberianlaikaSource:
https://github.com/ohninedotseven/BLAC