Would it be balanced to change True Strike from a cantrip to simply an “Aim Action” that anyone can take?

There are few things in D&D 5E on which the consensus is as overwhelming as on the fact that True Strike is an extremely poor cantrip. As discussed in many places, the main problem is the action economy. As this answer to a similar question puts it, casting True Strike is not so much a benefit as it is a trade off: You waste your action on one turn in order to gain advantage and thus use your action more effectively on your next turn. As has also been pointed out countless times, this is rarely optimal, as attacking twice without advantage still has a better chance of hitting at least once than attacking once with advantage.

The generic scenario in which True Strike actually helps is when a character needs to put all their focus into making sure that one crucial, strategically relevant attack actually hits. Putting it like that doesn’t make it sound particularly magical: the character just takes their time to aim.

Would it be balanced to introduce an Aim Action, that is available to everyone and does exactly what True Strike does (mechanically)?

I also noticed that the Unearthed Arcana Class Feature Variants include the "Cunning Action: Aim" for the rogue. Having a general Aim Action and allowing this feature variant would keep in line with the idea that the Cunning Action lets the rogue do things anyone can do, just quicker. It’s Unearthed Arcana, so this may not be a great argument, but I like how consistent it feels.

Does an accidentally true belief that I am nearby constitute “awareness”?

From the Core Rulebook:

If you are unnoticed by a creature, that creature has no idea you are present at all. When you’re unnoticed, you’re also undetected by the creature. This condition matters for abilities that can be used only against targets totally unaware of your presence.

Am I unnoticed if an enemy genuinely and correctly believes that I am lurking about, but the reasons for which they believe it are incorrect?

In the scenario, a castle guard on patrol enters a room for the first time that day, finding the door broken open and the room itself a mess. Upon seeing this, they believe some intruder must be nearby. I am an intruder and do happen to be close by, avoiding notice, but the room is in its state because another guard, drunk on duty, came through a short time earlier and wrecked the place.

My GM says the guard is aware of my presence, thus making me noticed. I think that would only be the case had it been me who forced my way in and made the mess.

Would this homebrew version of True Strike be balanced?

True Strike has been a popular discussion point. On one hand, it’s considered one of the weakest spells in the game, but on the other, balancing it as being a bonus action seems to make it overpowered.

My approach is based on its fluff text.

Your magic grants you a brief insight into the target’s defenses.

I propose that, similarly to the Fighter’s Know Thy Enemy feature, True Strike would grant advantage on an attack in the next turn, as before, and, additionally,

The DM tells you if the creature is your equal, superior, or inferior in regard to two of the following characteristics of your choice:

  • Intelligence score
  • Wisdom score
  • Charisma score
  • Armor Class
  • Current hit points
  • Total class levels, if any
  • Total spellcasting levels, if any

I’m not sure if two characteristics is too much, compared with the Fighter’s 7th level feature. This would be one of the few ways (if any?) to get information about a creature’s mental scores, and it clearly has more of a caster-vibe than Know Thy Enemy.

How balanced would this be?

What insight does True Strike grant?

The part of the True Strike spell I am concerned with reads:

Your magic grants you a brief insight into the target’s defenses.

I’d always considered this to be flavor text. But a friend of mine disagreed. He argued that this meant that the DM should give the player some insight into the target’s defenses.

For example, the DM might say “You sense that the dragon is fortified against fire.”

The thing is, I’m not sure he is wrong. Is this interpretation correct?

Can True Strike give me specific information about my target’s defenses? [duplicate]

The True Strike cantrip provides:

You point a finger at a target in range. Your magic grants you a brief insight into the target’s defenses. On your next turn, you gain advantage on your first attack roll against the target, provided that this spell hasn’t ended.

There’s another thread on this site discussing the cases in which casting this spell might make sense. Implicit in these arguments seems to be the idea that the "brief insight" granted by the spell is not useful in itself. It occurred to me that such insight could be useful in itself if it granted knowledge of specific details that might be useful for higher-order tactical or strategic planning outside of just getting Advantage on the next turn.

Does the brief insight granted by True Strike provide access to specific details about the target’s defenses, or is the language simply an explanation of how the player gains Advantage? An example could be where I don’t particularly need to gain Advantage on my next roll, but I want to know whether that bandit over there is concealing any weapons or wands underneath his cloak.

If the first case is true, a DM might report,

Ok, you cast True Strike at the cloaked bandit. He has knives hidden in each of his boots, and is carrying two wands of Fireball and one of Magic Missile in the sack over his shoulder. The walking stick he is carrying conceals a three-foot double-edged sword. He is resistant to lightning damage through a spell that seems to have been cast on him, but you would need a more powerful spell than True Strike to identify the exact spell or source. If you still have concentration at the start of your next turn, you will have Advantage in attacking.

Would it be balanced to change True Strike from a cantrip to a 1st level spell?

True Strike is often considered a poor or at least very situational cantrip, as is also discussed in the question “Why would I ever cast True Strike?”. On the other hand, the answers also show that there are indeed situations in which the cantrip can be very useful. I like these scenarios, and I would like to see them in more games, but players hardly ever pick True Strike.

From my experience, the main problem is its high opportunity cost: Most characters get only a few cantrips, so choosing a cantrip with such situational benefit is not very attractive. If it were a 1st level spell, it would even get a bit weaker in the sense that it now would consume a spell slot, but learning it would be much less of an investment. Since the cantrip does not scale with the character level, changing it to a 1st level spell wouldn’t need any further mechanical adjustments. Hence my question:

Would it be balanced to change True Strike from a cantrip to a 1st level spell in order to encourage players to choose it at all?

If a creature dies when under the effect of a polymorph ability, does it ever revert to its true form?

Say a creature has polymorphed itself. For instance, a dandasuka using its Change Shape ability. If it dies, will it naturally revert to its true form? If so, when? I don’t see any info about this in the Polymorph trait’s rules.

If there aren’t any cut-and-dry rules about this, does any official literature suggest one way or another?

How is AMP-Same-Origin: true even remotely secure?

In the AMP Docs, the following snippet is given:

If the Origin header is set:

  1. If the origin does not match one of the following values, stop and return an error response:

    • <publisher's domain>.cdn.ampproject.org

    • the publisher’s origin (aka yours)

      where * represents a wildcard match, and not an actual asterisk ( * ).

  2. Otherwise, process the request.

If the Origin header is NOT set:

  1. Verify that the request contains the AMP-Same-Origin: true header. If the request does not contain this header, stop and return an error response.
  2. Otherwise, process the request.

What I don’t understand is how the AMP-Same-Origin header provides a form of security.

TLDR:

Couldn’t anyone provide an AMP-Same-Origin: true header in a browser missing the Origin header and skip CSRF protection even if it’s not on a trusted AMP CDN?
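The decision procedure quoted from the AMP docs above, written out as an added example (not code from the post or from the AMP project). The two allowed origins and the sample requests are constructed values, and checkAmpRequest and evaluateSamples are hypothetical names.

```javascript
// Added example: the decision procedure quoted from the AMP docs, for one publisher.
// Both origins below are constructed sample values, not taken from the post.
const ALLOWED_ORIGINS = new Set([
  'https://publisher.example',                    // the publisher's own origin
  'https://publisher-example.cdn.ampproject.org', // <publisher's domain>.cdn.ampproject.org
]);

function checkAmpRequest(headers) {
  // HTTP header names are case-insensitive, so normalise them first.
  const h = {};
  for (const [name, value] of Object.entries(headers)) {
    h[name.toLowerCase()] = String(value).trim();
  }
  if ('origin' in h) {
    // Origin present: exact match on scheme + host + port. Suffix or
    // substring matching would accept look-alike hosts.
    return ALLOWED_ORIGINS.has(h['origin'])
      ? { allow: true, reason: 'origin-allowed' }
      : { allow: false, reason: 'origin-not-allowed' };
  }
  // Origin absent: the custom header is required. AMP-Same-Origin is only
  // consulted on this branch; it never overrides a disallowed Origin.
  return h['amp-same-origin'] === 'true'
    ? { allow: true, reason: 'amp-same-origin' }
    : { allow: false, reason: 'missing-amp-same-origin' };
}

// Constructed sample requests covering each branch of the quoted steps.
const SAMPLE_REQUESTS = [
  { name: 'amp-cache', headers: { Origin: 'https://publisher-example.cdn.ampproject.org' } },
  { name: 'other-site', headers: { Origin: 'https://other.example', 'AMP-Same-Origin': 'true' } },
  { name: 'look-alike', headers: { Origin: 'https://publisher-example.cdn.ampproject.org.other.example' } },
  { name: 'opaque-origin', headers: { Origin: 'null' } },
  { name: 'same-origin-xhr', headers: { 'amp-same-origin': 'true' } },
  { name: 'plain-form-post', headers: { 'Content-Type': 'application/x-www-form-urlencoded' } },
];

function evaluateSamples() {
  return SAMPLE_REQUESTS.map(({ name, headers }) => ({ name, ...checkAmpRequest(headers) }));
}

console.table(evaluateSamples());
```

The 'plain-form-post' sample is rejected because an HTML form submission cannot attach a custom request header such as AMP-Same-Origin.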

Buffer overflow Mona modules all show Rebase SafeSEH ASLR True

Almost every beginner’s (noob-friendly) tutorial written for stack-based buffer overflows explains that, when using mona modules to locate a safe, reliable memory address for our EIP to JMP to our shellcode, the module should have Rebase, SafeSEH and ASLR disabled.


However, in a recent stack-based buffer overflow challenge, all the modules mona provided showed they were protected except for the executable itself.

I used a module (DLL) that had those protections shown by mona to JMP to my shellcode and successfully execute my shellcode which really confused me.

If the executable itself is not protected, does that mean we can use any DLL to JMP to our shellcode? If not, what is the proper way to handle this situation?