From 8787cb897b20f96e5b807be88d2471a247c3c20d Mon Sep 17 00:00:00 2001 From: _xeroxz Date: Fri, 18 Dec 2020 03:33:11 +0000 Subject: [PATCH] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index a8e17be..020a331 100644 --- a/README.md +++ b/README.md @@ -27,5 +27,5 @@ a pml4e into a pml4 is also detected as the PFN database contains all of the PFN be pointing at other processes page tables and thus other processes PFNs. This project also does not spoof return addresses so everytime the CPU executes the internal module it is leaving return addresses on the stack which do not land inside of legit modules text sections. Simply APC's will catch this and BattlEye already does this. -You can also create ranges of executable memory given the page tables of a process. If there is executable pages outside of a loaded modules .text sections +You can also construct a view of executable memory given the page tables of a process. If there is executable pages outside of a loaded modules .text sections they can become apparent easily. Since the CPU is constantly executing the cheat it is unlikely that it will be paged to disk. \ No newline at end of file