From 5823d40448d9077cedb84c7360ba4d1370bfaedd Mon Sep 17 00:00:00 2001
From: ALittlePatate <48603993+ALittlePatate@users.noreply.github.com>
Date: Wed, 6 Nov 2024 17:10:22 +0100
Subject: [PATCH] add: readme file

---
 README.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 README.md

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..4832971
--- /dev/null
+++ b/README.md
@@ -0,0 +1,21 @@
+# Revird
+Driver for x64 bit Windows, can read/write memory, get the address of a process/module in a process.<br>
+
+## Example usage
+You can find an example usage in the `EdomResu` folder (UserMode backwards).<br>
+
+```C++
+int main(void) {
+    QWORD proc_addr = GetProcess(L"explorer.exe");
+    QWORD mod_addr = GetProcessModule(L"explorer.exe", L"kernel32.dll");
+    BYTE mz = RPM<BYTE>(proc_addr);
+
+    printf("Address of explorer.exe : 0x%p\n", (void*)proc_addr);
+    printf("Address of kernel32.dll in explorer.exe : 0x%p\n", (void*)mod_addr);
+    printf("Header of explorer.exe : 0x%X\n", mz);
+    printf("Unloading driver...");
+    DriverUnload();
+    printf("ok.\n");
+    return 0;
+}
+```