Algorithms like AES-GCM are standards because - when used according to best practices - there are no known practical attacks against them.

If someone has an attack that would defeat the cryptographic protection in a particular piece of software, the software is likely doing one or more of the following:

* Not using a modern, well-tested algorithm (e.g. using DES, a hokey custom XOR stream cipher, AES-ECB, etc.).

* Not following general cryptographic best practices (e.g. hardcoded or predictable key/IV/nonce, insecure storage of keys).

* Not following best practices for the specific algorithm (e.g. using AES-GCM, but reusing a key/nonce combination; using AES-CBC without applying an integrity-protection mechanism).

* The software is doing something that doesn't make sense, cryptographically (e.g. using symmetric encryption to encrypt sensitive data, but the data and the keys are necessarily accessible to the same set of users/service accounts, so there's no net change in security).

If such an attack fails because a developer has made changes to the cryptographic algorithm, a motivated attacker is likely just going to look at the code in Ghidra, x64dbg, etc. and figure out how to account for the changes. It's not a strong security control. I've been decrypting content stored using that kind of software for something like 20 years.

The correct approach is to verify that the use of a particular type of cryptography makes sense in the first place, then use a well-tested modern algorithm and follow the current best practices. i.e. using code from years-old forum posts will likely result in an insecure product.