From c13d53aad4e7d941644a8e439dd12ebf94f6c2b6 Mon Sep 17 00:00:00 2001
From: xerox <xerox@back.engineering>
Date: Sun, 26 Jul 2020 03:35:12 +0000
Subject: [PATCH] Update README.md

---
 README.md | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 9915fb9..5801c3c 100644
--- a/README.md
+++ b/README.md
@@ -91,4 +91,10 @@ BEDaisy checks the IRP's of every single loaded driver. Below is the checks done
 00042980	92.56213379	[GoodEye]     - NonPaged VirtualAddress: 0xFFFFF80498F516A0	// address of DxgkDeviceIoctl
 00042981	92.56213379	[GoodEye]MmIsAddressValid Called From: 0xFFFFF804DEFE1116	
 00042982	92.56213379	[GoodEye]     - NonPaged VirtualAddress: 0xFFFFF80499059670	// address of DxgkInternalDeviceIoctl
-```
\ No newline at end of file
+```
+
+# Imports
+
+All of import addresses are stored in the `.data` section of the driver and can easily be changed to hook imported functions.
+
+<img src="https://imgur.com/hafZdDd.png"/>
\ No newline at end of file