Binary Code Modification
While API interception opens up a great many possibilities, it cannot by definition modify behavior which does not involve any external library calls. That’s why the 60 fps modification by DrDaxxy was missing from the list of features in the previous section, and why he had to resort to direct investigation and modification of the game code and variables to accomplish this feat.
While both API interception and binary modification boil down to reverse engineering, with the former a modder at least has the known semantics of the library functions to guide them. With binary code modification, one of the greatest challenges is finding some starting point. For DrDaxxy, who used Cheat Engine for most of his work, that starting point was the idea that a game running at 30 fps should store some values representing “1/30” somewhere in memory.
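The search idea described above, as an added example (not DrDaxxy's or Cheat Engine's code): a scan of a byte buffer for aligned float32 and float64 values close to 1/30, showing why a tolerance matters when the constant was typed by hand. The function name, the tolerances and the sample buffer are assumptions made for illustration.

```python
import math
import struct


def scan_frame_time(buf, fps=30.0, rel_tol=1e-6, align=4):
    """Return (offset, kind, value) for aligned little-endian floats near 1/fps."""
    target = 1.0 / fps
    hits = []
    for off in range(0, len(buf) - 3, align):
        # Interpret the 4 bytes at this offset as a single-precision float.
        (f32,) = struct.unpack_from("<f", buf, off)
        if math.isclose(f32, target, rel_tol=rel_tol):  # NaN/inf never match
            hits.append((off, "f32", f32))
        # Doubles are checked only at 8-byte-aligned offsets.
        if off % 8 == 0 and off + 8 <= len(buf):
            (f64,) = struct.unpack_from("<d", buf, off)
            if math.isclose(f64, target, rel_tol=rel_tol):
                hits.append((off, "f64", f64))
    return hits


# Constructed sample standing in for a dumped memory region (not real game data).
SAMPLE = b"".join([
    struct.pack("<I", 30),          # 0:  integer 30, a decoy
    struct.pack("<f", 60.0),        # 4:  float 60.0, a decoy
    struct.pack("<f", 1.0 / 30.0),  # 8:  frame time as float32
    b"\x00" * 4,                    # 12: padding
    struct.pack("<d", 1.0 / 30.0),  # 16: frame time as float64
    struct.pack("<f", 0.0333),      # 24: hand-rounded literal
    struct.pack("<f", 1.0 / 60.0),  # 28: 1/60, a decoy
])

if __name__ == "__main__":
    for tol in (1e-6, 5e-3):
        found = scan_frame_time(SAMPLE, rel_tol=tol)
        print(f"rel_tol={tol}:")
        for off, kind, value in found:
            print(f"  offset {off:#04x}  {kind}  {value!r}")
```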