Many cheating tools actually render to a secondary back-buffer. Much more convenient for the cheater, because they can even live-stream their play and everything will look clean.
It's usually not that difficult to hook the DirectX binding calls to bind an additional G-buffer, because games tend to do render to multiple G-buffer targets already for things like post-processing reflections, depth of field or motion blur. Then you patch the shaders to write the info you want/need to your new G-buffer. The game will continue to work with its (unmodified) G-buffers while you can work with your (invisible to the game) private buffer. In a gist, that's how you invisibly collect aimbot hitboxes using DXVK.
The last step then would be to smoothly nudge the player's aim onto your detected hitbox. Depending on how you do that, it may or may not be detect-able, not even to onlookers.
So the only real protection is to block the data collection in the first place, which means you need to block any kind of virtualization and any kind of 3rd party graphics API drivers, such as home-compiled DXVK binaries.
couldn't a cheater intercept their own client with a man-in-the-middle-attack, pull out the data like player positions and stuff, and simulate the game on another PC?
you could even do aimbot by finding the client's input packets and replacing them.
i suppose if the game's connection was encrypted or something you would still need to access the client PC's memory
