From b1fa23a05553f6cc5be239c7064b3ba6dc28fbe9 Mon Sep 17 00:00:00 2001
From: xerox <xerox@hacks.ltd>
Date: Mon, 9 Mar 2020 18:13:30 -0700
Subject: [PATCH] Update README.md

---
 README.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/README.md b/README.md
index 4e0a1bc..87a31f0 100644
--- a/README.md
+++ b/README.md
@@ -10,3 +10,15 @@ more about this scam you can do so [here](url).
 
 As stated before this cheat uses an IOCTL hook to communicate between its usermode process and its manually mapped driver.
 <img src="https://git.hacks.ltd/xerox/amlegit/raw/master/overview.png"/>
+
+# IOCTL codes
+
+0x2248D2 -> Testing communication
+
+0x224DCA -> Read data (MmCopyVirtualMemory)
+
+0x225CC1 -> Write data (MmCopyVirtualMemory)
+
+0x224986 -> Allocate Virtual Memory (MmMapLockedPagesSpecifyCache, ZwOpenProcess, ZwAllocateVirtualMemory)
+
+0x235C42 -> Spoofer (Pasted from [hwid](https://github.com/btbd/hwid))
\ No newline at end of file