Leaks NullCordX [3.0.7x]

No permission to download
Since this resource is in the "Leaks" category, we can't guarantee to update it! But we will try to update the resource to the latest version.
Short Description:
Sophisticated Waterfall fork that aims for avoid BungeeCord exploit level
  • Like
Reactions:158 users

Latest updates

⭐NullCordX⭐ Extreme AntiBot

3.0.7x [NullCordX Update] ⋘────────────────────↠∗∗↞────────────────────⋙ Due a lot of botters...
Supports version
  1. 1.8.+
  2. 1.9.+
  3. 1.10.+
  4. 1.11.+
  5. 1.12.+
  6. 1.13.+
  7. 1.14.+
  8. 1.15.+
  9. 1.16.+
  10. 1.17.+
  11. 1.18+
  12. 1.19.+
Official page
  1. Java 8



AntiBot Protecion & Checks:

We are not a Linux application based, if you are using an Shared host or Windows we have a large number of checks to handle the traffic. However, if you run the proxy as root, you'll get extra features like easy-and-fast mitigation of attacks via deniying connections using IPSet/IPTables.
  • Empty world check -> Advanced filter to verify any type of sent packet.​
  • Latency check -> System to add an limit of ping and kick it if is bigger. (Configurable limit)​
  • Pre-Join check -> If it is not saved on the cloud already, will ask re-join some times.​
  • Nickname check -> Option to verify player names, such as repetitive, blacklisted and strange names.​
  • Proxy check -> NullCordX verifies the request to the server, and if is detected as proxy will be blacklisted.​
  • Direct-Connect check -> If the software detects any strange loadup on connections will avoid direct-connection.​
  • Bot check -> Checks if the entity its acting as a bot and kick it.​
  • Exception check -> The proxy checks on any connection the thrown exceptions, if they are malformed & thrown multiple times will be blacklisted.​
  • Internal checks -> Internal netty & anti-exploit checks with the purpose of not bothering the player.​
  • Multiple exception -> Most of "smashers" are based on spamming legit BungeeCord packets to the instance, you can limit and avoid them.​
  • Blacklist (via iptables) -> Linux tool implemented to blacklist quickly bad TCP connections to avoid attack reach maximun performance​
  • Favicon check -> If its enabled, will check any attempt of an invalid ping will blacklist the connection.​
  • Geyser checks -> If its enabled, some bedrock checks that are specifically for bedrock players will start working​
  • Uncompressed Login packets -> By limit on uncompressed packets before player logins and if and if it is exceeded, it will be thrown out.​
  • Invalid packet checking -> NullCordX verifies Minecraft protocol packets without trowing any exception and kicking instantly if is not recognised​
  • Cloud system -> Through several time, NullCordX verifies if the connection is already blacklisted on the system.​
Spigot Anti-Crash

A large list of crashers for spigot especially 1.8 need plugins that give lag, performance problems and false positives.

Thanks to our native system, no bug is possible and without lag we can detect any exploit related to crashes.

Also is working in all versions to avoiding things like (GasClient, ToxicClient, PacketCrashers, Heaven) and all related clients.

The server admin can cancell the packet, or just kick it with netty > By default is working with netty to faster mitigation!

Bungeecord Secure Level

Waterfall opens up endless possibilities to new exploits that can consume all your resources and even throw the instance.

NullCordX is more than secure against this kind of attacks, and mitigates it instantly for as long as you configure it, you can be secure with exploits.


It is legitimately impossible to have a large server with BungeeCord, as its consumption is very extreme with a large number of players in a single instance.

NullCordX replaces the native compression system to libdeflate (much more optimized) than the one used by BungeeCord.

We have also fixed internal memory leaks, which cause instability of the proxy itself.

NullCordX avoids using heavy buff systems (BungeeCord copies the buff in the protocol) which is very slow and not very optimized.

We changed the whole system by removing part of the entity-rewrite.

On top of that, we added Tcp Fast Open (System to handle connections faster) between server and client. Which makes a proxy more effective.

Best compatibility

Our community likes to have modern things like the competition, that's why we have added multiple improvements respecting everyone.

Modern FORGE support thanks to our advanced system (1.13+)

Bedrock has a lot of problems with anti-bot and login systems, we detect the connection and give the option to bypass any kind of human verification to it.

DynDNS support. We have implemented a much requested feature, which is not yet in this market (Dynamic Domain Name System support) for those hosts that gives compatibility to in-house hosts, by default Waterfall does not support it.

nLogin support. This plugin is very good, and that's why we have supported using their cloud system and api to avoid verifying people who already did it once, besides that you can skip verifications for bedrock.

Advanced AntiProxy, AntiVPN system.

Buyers enjoy a fairly extensive api updated every day with a fairly extended limit, to avoid rate-limit crashers.

You can also use different AntiProxy pages/licenses, but we have a cloud system to save all the proxies that are blocked, so that on another server they will not be used again.

In addition, you can block specific countries that tend to frequent many attacks (you can also activate it when an attack is detected).

IPTables firewall

IPTables is a Linux-only tool that allows you to modify all kinds of internet rules, and the best way that we can use to blacklist connections.

If the server has ROOT permissions we will install an iptables tool called IPset that allows us to block lists and we can use it to block by time.

This way we can mitigate attacks much more quickly and efficiently without having to have a very good system.

Proxy improvements

We care a lot about security, that's why we have a debug mode, if something goes wrong you can report it and it will be fixed in a very short time.

Very intense proxy scraper (100k+) per day, and we keep adding more pages so that most attacks are instantly invalidated.

Instant mitigation for any bungeecord exploit for Layer 7, Netty or related exploit.

By default you can disable all checks, but if the proxy detects that it is in attack and you have enabled this option you can enable it only in attack.

Thanks to our internal Login improvements, we can still handle premium connections even if the Mojang API is down.Premium players can join even if Mojang servers are down due Login speedments.

More features
  • All the checks can be toggled.​
  • AntiNullPing, AntiSmasher, AntiPing, AntiBot system all aplicable on non Kernel.​
  • Friendly and easy configuration to understand for new people.​
  • Hook into some plugins like (jPremium, DynamicBungeeAuth and SkinsRestorer) to avoid errors.​
  • Not kernel based, we allow shared hosts to use the resource.​
  • Supporting all the versions incluiding 1.7 without random disconnects.​
  • Powerfull logger system to avoid unwanted, and few random logs​
  • Checks for bedrock, spigot and bungeecord.​
  • Option to disable scoreboard, bossbar packets (Not working with bedrock)​
  • Supporting modern forge connections.​
  • Legacy bedrock connections support.​
  • Option to blacklist and whitelist Countries.​
  • Good and knowledgeable community & fast staff-support (Most staff knows +3 languages).​
  • AntiCrash system built into spigot to avoid exploits in-it.​
  • DynDNS support, very claimed on Minecraft proxys​
  • nLogin hook - Server admin can avoid verify players if are already registered by nLogin & is premium​
  • Ablity to see your plugins of BungeeCord.​
  • Forward & BungeeGuard support for Paper instances​
Test Server



Contact me if you need it: xIsm4#9127