From d3fb5f4dd634509bb506bb7bb79d798e41a1b932 Mon Sep 17 00:00:00 2001
From: _xeroxz <xerox@back.engineering>
Date: Fri, 18 Dec 2020 03:30:31 +0000
Subject: [PATCH] Update README.md

---
 README.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index e611c95..973f312 100644
--- a/README.md
+++ b/README.md
@@ -25,4 +25,7 @@ This makes it so when you stream the game in discord or OBS the rendering is str
 This project can easily be detected by checking for dxgi.dll IAT hooks on EtwEventWrite and stack walking of threads that execute EtwEventWrite. Inserting
 a pml4e into a pml4 is also detected as the PFN database contains all of the PFNs for a specific process and if a new PML4E is inserted it will
 be pointing at other processes PFNs. This project also doesnt not spoof return addresses so everything the CPU executes the internal module it is leaving
-return addresses on the stack. 
\ No newline at end of file
+return addresses on the stack. 
+
+You can also create ranges of executable memory given the page tables of a process. If there is executable pages outside of a loaded modules .text sections
+they can become apparent easily. Since the CPU is constantly executing the cheat it is unlikely that it will be paged to disk. 
\ No newline at end of file