From a9183bc5d6e879747cf3c6220f138a672ffdf917 Mon Sep 17 00:00:00 2001
From: xerox <xerox@back.engineering>
Date: Thu, 27 Aug 2020 22:40:03 +0000
Subject: [PATCH] Update README.md

---
 README.md | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 74d8608..822bc76 100644
--- a/README.md
+++ b/README.md
@@ -8,4 +8,18 @@
 This project allows you to patch your kernel only in a specific process. It is highly experimental and will most likely cause your system to crash. Please install some form of virtualization before messing around
 with this project/library! This software is provided as-is, I have no plans on updating this code (except to add 2mb page support)... 
 
-If you are interested in how this code works you can read about it here: [https://back.engineering/post/nasa-patch/](https://back.engineering/post/nasa-patch/).
\ No newline at end of file
+If you are interested in how this code works you can read about it here: [https://back.engineering/post/nasa-patch/](https://back.engineering/post/nasa-patch/).
+
+# example
+
+```cpp
+	nasa::mem_ctx my_proc(kernel, GetCurrentProcessId());
+	nasa::patch_ctx kernel_patch(&my_proc);
+
+	const auto function_addr =
+		reinterpret_cast<void*>(
+			util::get_module_export("win32kbase.sys", "NtDCompositionRetireFrame"));
+
+	const auto new_patch_page = kernel_patch.patch(function_addr);
+	std::cout << "[+] new_patch_page: " << new_patch_page << std::endl;
+	*(short*)new_patch_page = 0xDEAD;