From 40574d01290a652eb6cd87a2e1c3ada6e69283c7 Mon Sep 17 00:00:00 2001
From: _xeroxz <xerox@back.engineering>
Date: Sun, 28 Feb 2021 05:10:52 +0000
Subject: [PATCH] Update README.md

---
 README.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/README.md b/README.md
index 7110516..1304afc 100644
--- a/README.md
+++ b/README.md
@@ -37,6 +37,23 @@ drv::kalloc_t _kalloc = [&](std::size_t size) -> void*
 };
 ```
 
+###### drv::kmemcpy_t - VDM Example
+
+***NOTE:*** The memcpy being called in this example is exported from ntoskrnl.exe and not in usermode.
+
+```cpp
+drv::kmemcpy_t _kmemcpy = 
+	[&](void* dest, const void* src, std::size_t size) -> void*
+{
+	static const auto kmemcpy = 
+		reinterpret_cast<void*>(
+			utils::kmodule::get_export(
+				"ntoskrnl.exe", "memcpy"));
+
+	return vdm.syscall<decltype(&memcpy)>(kmemcpy, dest, src, size);
+};
+```
+
 #### MSREXEC Example
 
 ***