back to blog

1 March 2026

project: Prestiger

Prestiger

electronreverse-engineeringpathfindingdead-by-daylightmitmautomation

Prestiger

Bloodweb grinding in Dead by Daylight is insane. Prestige a character to 100, unlock perks across 40-odd survivors and killers. Hours per character, all of it clicking nodes.

So I wrote a tool that skips it.

What it does

A local MITM proxy plus an Electron app. The proxy intercepts the HTTPS between the DBD client and BHVR's API, lifts the session token, and from there the engine drives the bloodweb directly through HTTP requests. No clicking, no overlay, the game doesn't even need to be open once you've got the token.

You can:

  • Auto-complete bloodwebs on a character until they're prestiged.
  • Snipe specific perks or items by routing the pathfinder through them before finishing.
  • Farm endlessly without prestiging, just collecting bloodpoints and items.
  • Generate arbitrary unlock configurations on any character.
  • Auto-complete tome challenges via the rift API.

Works on Steam, Epic, and Xbox. Each has a different session format and a different API hostname; the proxy handles the lookup.

How the proxy works

It installs a self-signed CA into Windows on first run, then on every request to a BHVR domain it generates a TLS cert on the fly with node-forge. Game traffic goes through, the proxy reads the bhvrSession cookie, everything else passes untouched. On exit it cleans up the Windows proxy config so the user's browser still works.

The trick: once you have the session token, BHVR's API is just HTTP. Bloodweb state, node purchases, prestige triggers, tome submissions. All of it. The proxy is only there to harvest the token. After that, the game client is irrelevant.

Pathfinding

The bloodweb is a graph. Nodes have a cost (bloodpoints), a type (perk, item, add-on, offering), and the entity – DBD's spider boss thing – claims nodes between purchases as you progress.

Two modes:

  1. Cheapest finish – greedy; buy the cheapest available node every step.
  2. Item snipe – BFS to a specific target, then greedy from there.

Edge removal is dynamic because the entity claims unpredictable nodes between purchases. After every buy I refetch the web state and rebuild the graph.

Stack

Electron main process for the proxy and engines, React + TypeScript renderer for the UI, IPC between them. Tailwind and Radix UI for components, Vite as the renderer bundler, axios for the BHVR API, node-forge for TLS, the standard Node http/https modules for the proxy.

main/
├── MitmProxy          – HTTPS interception, cookie extraction
├── PrestigeEngine     – bloodweb navigation + prestige loop
├── FarmEngine         – endless bloodweb farming for items
├── ProfileGenerator   – character unlock configs
├── TomeCompleter      – rift challenge auto-completion
├── pathfinding.ts     – BFS / greedy traversal
└── data.ts            – survivor / killer definitions

renderer/
├── character selection
├── prestige controls + progress
├── sniper config
├── tome settings
└── live log

Things that bit me

BHVR rate limits if you fire purchases too fast. The engine paces them, but I had to find the floor empirically – there's no documentation.

The CA cert install needs admin elevation, which means you have to handle the case where the app crashes mid-run and leaves the system proxy config pointing at a dead listener. I had to add a startup check that detects an orphaned config and restores it.

DBD doesn't pin certificates, which is the only reason MITM is feasible. If they ever start, the whole approach dies.

Entity behaviour isn't random – it preferentially claims rarer nodes – which means the pathfinder has to predict claims a step ahead or you waste paths.

Session token rotation differs by platform. Xbox in particular has a shorter TTL than Steam. The proxy refreshes it transparently when it sees a 401 come back.

© 2026 sinister.codes · all rights reserved