Reverse Engineering
My biggest personal project (~4 years)
Date: 2022 - 2026
Overview
This large-scale personal project evolved from reverse engineering scripts into a multi-service distributed platform running in production on my VPS. The initial architecture started with Website BDMD on a classic LAMP stack (Apache2, PHP, MySQL). It then migrated to a Debian Docker stack using Nginx + PHP + MySQL + application containers with a shared web root and compose-based orchestration. Today, the ecosystem combines reverse engineering, live parsing, automation, and web administration through:
- semaphore for proxy/parser execution, supervision, and multi-account management.
- BDM-svelte-manager for SvelteKit-based administration, Discord integrations, and manager-facing dashboards.
- BDM-BDD-API (XavierDB API) as a FastAPI layer above MongoDB for controlled data access.
This project now covers protocol reverse engineering, real-time data pipelines, database APIs, deployment automation, and production operations.
Key Features
- Reverse Engineering Core: Reverse engineered the game client protocol and traffic format to build reliable packet decoding and runtime control tools.
- Packet Injection Pipeline: Built a custom packet injection system after traffic mirroring, enabling controlled packet modification and event automation.
- Distributed Proxy/Parser System (
semaphore): Implemented a Python proxy/parser architecture with supervision, logs, scanning flows, and manager APIs for many concurrent users/accounts. - Multi-Account Management API: Exposed account and supervisor controls through manager routes under
/api/v1/..., including status, logs, and command dispatching. - Web Supervisor Endpoints: Added supervisor endpoints (
/supervisor/snapshot,/supervisor/logs,/supervisor/command) to operate parser/proxy workflows remotely. - Legacy Platform (
Website BDMD): Designed and maintained the original monolithic website architecture (Apache2/PHP/MySQL) used to display chat, player stats, rankings, and maps. - Dockerized VPS Migration: Migrated to Docker Compose services with Nginx reverse proxying and dedicated containers for PHP runtime, MySQL, Svelte manager app, and MongoDB service.
- Svelte Admin Platform (
BDM-svelte-manager): Built a SvelteKit app with operational pages (/admin-manager,/admin-manager/supervisor/:accountId) to control backend systems. - Discord App Integration: Embedded Discord bot workflows in the Svelte manager runtime for operational commands, data interactions, and event notifications.
- MongoDB API Layer (
BDM-BDD-API): Built a FastAPI service exposing/authand/queryfor secured MongoDB operations over more than 100k collections. - Dual Database Strategy: Combined MySQL for legacy relational workflows and MongoDB for high-volume document-centric datasets.
- Automation with ADB and Bots: Automated client-side actions with ADB scripts and connected remote bots/webhooks for event-driven reactions.
Challenges and Learnings
This project introduced long-term architectural challenges across reverse engineering, distributed orchestration, and production migration.
Protocol Reverse Engineering and Stability: Understanding and reproducing packet structures was a major challenge. Reliability required strict validation and careful timing to avoid client-side inconsistencies.
High-Throughput Data Flow: Keeping proxy, parser, queueing, and dispatch flows synchronized under sustained load required robust inter-process coordination and monitoring.
Packet Injection Reliability: Injection logic had to be deterministic and safe enough to avoid crashes while still enabling meaningful automation scenarios.
Multi-User Orchestration: Scaling
semaphoreto manage many accounts at once required per-account isolation, supervisor observability, and clear control boundaries in manager APIs.Migration from LAMP to Docker + Nginx: Moving from Apache2-centric behavior to Nginx with Dockerized services required routing adjustments, compatibility rewrites, and environment standardization.
MySQL and MongoDB Coexistence: Running both relational and document stores in the same platform required clear data ownership, separate access paths, and disciplined query boundaries.
Svelte Admin and API Integration: Building manager pages that interact with backend supervisor APIs required strong contract consistency and operationally safe command handling.
Deployment and Operational Discipline: Stabilizing production deployments involved compose validation, container health checks, log-based debugging, and repeatable CI/CD flow through GitHub Actions.
Through these challenges, I gained practical experience in network protocol analysis, multi-service backend design, containerized deployment, and full-stack operational engineering.
Technologies Used
Proxy, Parser, and Manager Backend
| Name | Badge | Purpose |
|---|---|---|
| Python |  | Core language for reverse engineering, proxy/parser runtime, and automation tools |
| FastAPI |  | Manager and API services for supervision and account orchestration |
| Uvicorn |  | ASGI server for Python API runtimes |
| socketserver |  | Low-level proxy communication handling |
| Named semaphores / IPC |  | Inter-process signaling between proxy and parser components |
Web Apps and APIs
| Name | Badge | Purpose |
|---|---|---|
| SvelteKit |  | Admin web interface and management workflows (BDM-svelte-manager) |
| TypeScript |  | Typed backend/frontend logic for manager features |
| Node.js |  | Runtime for SvelteKit server and integrated services |
| Discord.js |  | Discord app integration running with the web manager |
| REST APIs |  | Service contracts across manager, supervisor, and data APIs |
Containerization, Hosting, and Delivery
| Name | Badge | Purpose |
|---|---|---|
| Docker |  | Containerization of web, API, and database services |
| Docker Compose |  | Multi-service orchestration for the VPS stack |
| Nginx |  | Reverse proxy and virtual host routing |
| GitHub Actions |  | Automated deployment workflows |
| OVH |  | VPS hosting provider |
| Cloudflare |  | DNS, edge routing, and security layer |
Databases and Data Access
| Name | Badge | Purpose |
|---|---|---|
| MySQL |  | Relational store used by legacy and PHP workflows |
| MongoDB |  | High-volume document storage (100k+ collections) |
| PyMongo |  | Python client for MongoDB operations and services |
| PDO / PHP DB Layer |  | Database connectivity in legacy PHP applications |
XavierDB API (BDM-BDD-API) |  | Authenticated API gateway for MongoDB (/auth, /query) |
Legacy Website Stack (Historical Architecture)
| Name | Badge | Purpose |
|---|---|---|
| Apache2 |  | Original web server used in the monolithic phase |
| PHP |  | Backend logic for dynamic pages and database access |
| LAMP Stack |  | Original end-to-end hosting model before container migration |
Frontend and Visualization
| Name | Badge | Purpose |
|---|---|---|
| HTML5 |  | Website structure and templates |
| CSS3 |  | Styling and responsive layout |
| JavaScript |  | Interactive client-side behavior |
| Bootstrap |  | UI components and responsive design |
| Plotly |  | Interactive graphs |
| Chart.js |  | Data visualization dashboards |
| Leaflet |  | Interactive map rendering |
Automation and Bots
| Name | Badge | Purpose |
|---|---|---|
| ADB |  | Android device automation for gameplay control |
| Pure Python ADB |  | Python integration with ADB workflows |
| Webhooks |  | Event-driven integrations between services |