all projects

// case study

Prestiger

Electron desktop app that automates Dead by Daylight's bloodweb prestige system. Features MITM proxy for session capture, graph pathfinding for bloodweb navigation, item sniping, farming mode, and tome auto-completion. Supports Steam, Epic Games, and Xbox.

electronnode.jsreacttypescripttailwind cssradix uivite
github
1 March 2026 electronreverse-engineeringpathfindingdead-by-daylightmitmautomation

Dead by Daylight Bloodweb Exploit

Bloodweb grinding in Dead by Daylight is insane. Prestige a character 100 times, unlock perks across 40+ survivors and killers.

So I wrote a tool that bypasses it completely.

What It Does

This is a local MITM proxy + Electron app that:

  • Unlocks everything via API manipulation — send requests as if you're the DBD client, complete bloodwebs automatically without clicking
  • Exploits the session token extracted from game traffic to run prestige/farm loops
  • Item sniping — route through webs to grab specific perks/items before finishing
  • Endless farming — run farming loops without prestiging, just grab what you want
  • Profile generation — unlock arbitrary configurations for any character
  • Works on Steam, Epic, Xbox — each platform has different session formats, we handle them all

How

The MITM Proxy

HTTPS traffic between DBD and BHVR gets intercepted locally. The proxy:

  1. Installs a self-signed CA cert into Windows
  2. Generates on-the-fly TLS certs for BHVR domains
  3. Extracts the bhvrSession token from game traffic
  4. Passes everything else through untouched
  5. Cleans up the Windows proxy config on exit

The exploit: once you have the session token, you can send API requests directly without the game client. BHVR's API is just HTTP calls — bloodweb navigation, purchases, prestige triggers. All of it.

Bloodweb Pathfinding

The bloodweb is a graph. Nodes have costs (bloodpoints), types (perks, items, add-ons), and an AI entity that claims nodes as you purchase.

Algorithm:

  1. Fetch the web state from the API
  2. Build a graph of available nodes
  3. Find the shortest path to target items (BFS), or cheapest path to complete (greedy)
  4. Send purchase requests in order
  5. Handle the entity claiming nodes between purchases
  6. Repeat until done, then prestige

The Stack

  • Electron — desktop app shell with IPC between main and renderer processes
  • Node.js — main process handles proxy, API calls, pathfinding, and engine logic
  • React + TypeScript — renderer process with a clean UI
  • Tailwind CSS + Radix UI — component styling
  • node-forge — on-the-fly TLS certificate generation for MITM
  • axios — HTTP client for BHVR API requests
  • Vite — renderer build tool

Architecture

main.js (Electron main process)
├── MitmProxy          — HTTPS interception, cookie extraction
├── PrestigeEngine     — bloodweb navigation + prestige loop
├── FarmEngine         — endless bloodweb farming for items
├── ProfileGenerator   — character unlock configs
├── TomeCompleter      — rift challenge auto-completion
├── pathfinding.js     — BFS/greedy web traversal
└── data.js            — survivor/killer definitions

renderer/ (React + Vite)
├── Character selection UI
├── Prestige controls + progress
├── Sniper configuration
├── Tome settings
└── Live log output

Challenges

Session management — BHVR's session tokens rotate and are platform-specific. The proxy needs to extract them from different cookie formats across Steam, Epic, and Xbox. Each platform uses a different API hostname.

Entity behavior — the entity in the bloodweb isn't random. It follows specific rules about which nodes to claim based on rarity and position. The pathfinder needs to account for entity claims that happen between purchases.

Rate limiting — sending requests too fast triggers BHVR's rate limiting. The engine needs careful pacing between purchases to avoid getting blocked.

Certificate management — the MITM proxy needs to install a root CA certificate on the user's system. This requires admin elevation, proper cleanup on exit, and handling edge cases like the app crashing without cleaning up proxy settings.

What I Learned

  • MITM proxying is powerful but fragile — certificate pinning, HSTS, and browser security make this harder than it sounds. Luckily, the DBD client doesn't pin certificates.
  • Graph pathfinding in practice — the bloodweb is a real-world graph traversal problem. BFS for target items, greedy for fast completion, with dynamic edge removal as the entity claims nodes.
  • Electron IPC patterns — keeping the main process (proxy + engines) cleanly separated from the renderer (React UI) through well-structured IPC channels.
  • API reverse engineering — understanding BHVR's bloodweb API required intercepting and analyzing dozens of request/response cycles to map the state machine.

This is a personal tool for automating repetitive game mechanics. Use at your own risk.

© 2026 sinister.codes · all rights reserved