Update README.md

mbn-code · web-flow · commit d1d3c2389072 · 2024-01-14T21:28:15.000+01:00
diff --git a/README.md b/README.md
@@ -1,160 +1,129 @@
+# The-Kernel-Driver-GUIDE
+
 ![banner](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/998669c2-d062-4ce0-a671-2917e84058ca)
 
-# The-Kernel-Driver-GUIDE.
+## Welcome to The Kernel Driver Guide!
 
-Kernal Driver Tutorial For Getting Started With Kernel Drivers
+Hello and welcome to this comprehensive guide. Please read through carefully to avoid any mistakes. This guide is designed to provide a straightforward walkthrough for creating a simple kernel driver for Windows.
 
-# Hello
-Hello and welcome to this GUIDE, remember to read everything carefully to not make any mistakes.
-This is a simple guide for getting started with Kernel Drivers. 
-This was created to make an easy follow along guide on creating a simple kernel driver for windows. 
+---
 
-# Prerequisites
+## Prerequisites
 
-Before you begin, you will need to make sure you have the following:
+Before you begin, ensure that you have the following:
 
-- A Windows machine with Secure Boot Disabled
-- Windows Machine With at least 4 GB RAM
+- A Windows machine with Secure Boot disabled
+- At least 4 GB RAM on your Windows machine
 - [Windows Redistributable](https://download.visualstudio.microsoft.com/download/pr/a061be25-c14a-489a-8c7c-bb72adfb3cab/4DFE83C91124CD542F4222FE2C396CABEAC617BB6F59BDCBDF89FD6F0DF0A32F/VC_redist.x64.exe)
 - [DirectX](https://download.microsoft.com/download/1/7/1/1718CCC4-6315-4D8E-9543-8E28A4E18C4C/dxwebsetup.exe)
 
-# Disabling Secure Boot
-
-- a. Restart your computer: Restart your computer and keep pressing the F2, F10, or Delete key (depending on your computer's manufacturer) until you enter the BIOS/UEFI settings.
-
-- b. Locte The Seucre Boot Feature: Once you have entered the BIOS, look for a section called "Security" or "Trusted Platform Module (TPM)". The Secure Boot setting should be within this section. If not, search for you rspecific manufacturer of motherboard. 
+### Disabling Secure Boot
 
-- c. Save Settings: Once Secure Boot is disabled, save and exit BIOS and boot into windows. 
+1. **Restart your computer:** Access the BIOS/UEFI settings by pressing F2, F10, or Delete (based on your computer's manufacturer).
+2. **Locate Secure Boot:** Find the Secure Boot setting in the "Security" or "Trusted Platform Module (TPM)" section.
+3. **Disable Secure Boot:** Save the settings and boot into Windows.
 
-# Additional tips for disabling Secure Boot:
+#### Additional Tips for Disabling Secure Boot:
 
 - Back up your data before disabling Secure Boot.
+- Disable Secure Boot only when necessary, such as running virtual machines or specific software.
+- Re-enable Secure Boot to protect your computer once done with the required tasks.
 
-- Disable Secure Boot only when you need to run a virtual machine or other software that requires it.
-
-- Once you have finished using the virtual machine or software that requires Secure Boot to be disabled, re-enable Secure Boot to protect your computer.
-
-# Download and Setup
-
-When we want to develop a kernel driver we first need to setup our Enviroment.
-We need to download a few requirements, which are listed down below:
-
- * Tip1: Remember to install "WDK" after installing Visual Studio 2022 as WDK is an extension to VS22
- * Tip2: Remember to Install all Individual Components when installing Visual Studio 2022
-
-Step 1: Install Visual Studio 2022	Link: https://visualstudio.microsoft.com/downloads/
-
-Step 2: Install SDK	Link: https://developer.microsoft.com/en-us/windows/downloads/windows-sdk/
-
-Step 3: Install WDK	Link: https://learn.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk
-
-- a1. Follow This Tutorial For Installing Windows Driver Kit if the tutorial above is outdated: https://learn.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk
-- a2. When installing components for Visual Studio 2022 need to select "Desktop development with C++" with these individual components:
-  
-  - C++ ATL for latest v143 build tools with Spectre Mitigations (ARM64/ARM64EC)
-  - C++ ATL for latest v143 build tools with Spectre Mitigations (x86 & x86)
-  - C++ MFC for latest v143 build tools with Spectre Mitigations (ARM64/ARM64EC)
-  - MSVC v143 - VS 2022 C++ ARM64/ARM64EC Spectre-mitigated libs (Latest)
-  - MSVC v143 - VS 2022 C++ x64/x86 Spectre-mitigated libs (Latest)
-
-- **Installing Debug View**
-- * Download Debug View from this direct link: https://download.sysinternals.com/files/DebugView.zip
-  * Or go here: https://learn.microsoft.com/en-us/sysinternals/downloads/debugview
-
-
-# Visual Studio 2022 Project Setup 
-  - 1 Create a new kernel mode driver project in Visual Studio. ( Kernel Mode Driver, Empty (KMDF).
-
-  ![9](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/51d10f13-6859-4d0b-876c-084859c57651)
-
+---
 
+## Download and Setup
 
+To develop a kernel driver, set up your environment by downloading the following requirements:
 
-    Right click on the project
-    
-  ![5](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/5d1dd955-ca81-4faf-be77-d41adca4c1ec)
-  
-  - 2 Activate "Use Local Time" and Enable Active(Release)
-  
-  ![6](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/44acad7f-24b8-4fdd-b756-b9631a7b4f61)
+1. **Install Visual Studio 2022:** [Download Link](https://visualstudio.microsoft.com/downloads/)
+2. **Install Windows SDK:** [Download Link](https://developer.microsoft.com/en-us/windows/downloads/windows-sdk/)
+3. **Install Windows Driver Kit (WDK):** [Download Link](https://learn.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk)
 
-  - 3 Navigate to "Linker" -> "Command Line" and write
+- Follow [this tutorial](https://learn.microsoft.com/en-us/windows-hardware/drivers/download-the-wdk) if the above WDK link is outdated.
+- When installing components for Visual Studio 2022, select "Desktop development with C++" and specific individual components as listed in the guide.
 
-    "/INTEGRITYCHECK"
+#### Installing Debug View
 
-  - 4 Add A Class
+- Download Debug View: [Direct Link](https://download.sysinternals.com/files/DebugView.zip) or [Sysinternals Website](https://learn.microsoft.com/en-us/sysinternals/downloads/debugview)
 
-    Tip: Name this the same name as the project
-    
-    Right Click on Properties -> Hover on Add -> Click On Class
-    ![8](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/ec977ceb-d804-4473-9b13-9b9bbc453c77)
+---
 
-  
-# Creating And Running The Driver ( Using Debug View ) 
+## Visual Studio 2022 Project Setup
 
-- 2 Add a new header file named "messages.h" ( In the Header Files Folder ).
-- 3 Define a function called debug_message that takes a string and some extra parameters.
-  ![1](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/b111f975-b64c-4655-86a2-99a4e0c8a54c)
+1. **Create a new kernel mode driver project:** Choose "Kernel Mode Driver, Empty (KMDF)" in Visual Studio.
+   - Right-click on the project.
+   - Activate "Use Local Time" and Enable Active(Release).
+   - Navigate to "Linker" -> "Command Line" and add "/INTEGRITYCHECK".
+   - Add a class with the same name as the project.
 
-   
-- 4 Include the "messages.h" header file in your source file.
+---
 
-  ![2](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/84ad28b7-291d-4f9e-93b4-873f4d95e5e0)
+## Creating and Running the Driver (Using Debug View)
 
-- 5.1 Create a function called driver_entry that takes a PDRIVER_OBJECT and a PUNICODE_STRING.
-- 5.2 Create a function called unload_driver that takes a PDRIVER_OBJECT.
-- 5.3 Call the debug_message function to print a message when the driver starts and stops.
-  ![3](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/a4a6cdf2-47d2-48a5-8870-1c414499f0ea)
+1. **Add a new header file:** Name it "messages.h" in the Header Files folder.
+2. **Define a function:** Create a function called `debug_message` that takes a string and extra parameters.
+3. **Include the header file:** Add "messages.h" in your source file.
+4. **Create functions:** 
+   - `driver_entry` that takes a `PDRIVER_OBJECT` and a `PUNICODE_STRING`.
+   - `unload_driver` that takes a `PDRIVER_OBJECT`.
+   - Call `debug_message` to print a message when the driver starts and stops.
+5. **Compile the driver.**
 
-- 8 Compile the driver.
+---
 
-- 9 Set Kernal driver Bin Path using sc create command.
-  tip: Assuming you have the project on C drive, just replace the "computer name" with your actual computer name, and "KernalReadWriteDriver.sys" With the name if your .sys file. 
+## Setting Up Kernel Driver (Using `sc create` command)
 
-      sc create KernelReadWriteDriver type= Kernel Binpath="C:\Users\computer name\source\repos\KernelReadWriteDriver\x64\Release\KernelReadWriteDriver.sys"
-  
-- 10 Enable test signing
-  Using the cmd enable testsigning with the following command: 
+1. **Set Kernel driver Bin Path:** Use `sc create` command.
+   - Replace "computer name" with your actual computer name and "KernelReadWriteDriver.sys" with your .sys file name.
 
-      bcdedit /set testsigning on
+   ```bash
+   sc create KernelReadWriteDriver type= Kernel Binpath="C:\Users\computer name\source\repos\KernelReadWriteDriver\x64\Release\KernelReadWriteDriver.sys"
+   ```
 
-- 11 Start DebugView in ADMIN mode
-  
-- 12 Enable Capture Kernel In Debug View
-  ![4](https://github.com/CollinEdward/The-Kernel-Driver-Tutorial/assets/66748817/e00cb8ac-d070-43bd-b964-d3837a1b289e)
+2. **Enable test signing:** Use the command:
+   ```bash
+   bcdedit /set testsigning on
+   ```
 
-- 13.1 Load the driver using the sc command.
-    Without the quotation marks and with the name of your kernel driver 
+3. **Start DebugView in ADMIN mode.**
+4. **Enable Capture Kernel In Debug View.**
 
-      sc start "kernel driver name"
+5. **Load the driver using the sc command:**
+   ```bash
+   sc start "kernel driver name"
+   ```
 
-- 13.2 If you get an error when trying to start
-    If you get an error when trying to start the service, try to enter this in to ADMIN cmd and restart. 
-  
-      bcdedit /set nointegritychecks on
+6. **If you encounter an error:**
+   - Run the following command in ADMIN cmd and restart:
+     ```bash
+     bcdedit /set nointegritychecks on
+     ```
 
-- 14 Stop the driver using the sc command.
-    Without the quotation marks and with the name of your kernel driver 
+7. **Stop the driver using the sc command:**
+   ```bash
+   sc stop "kernel driver name"
+   ```
 
-      sc stop "kernel driver name"
+---
 
+## Congratulations!
 
 Congratulations on completing The-Kernel-Driver-Tutorial! You've successfully set up your development environment, disabled Secure Boot, and created a simple kernel driver for Windows.
 
-# Cheat Table Content for Assaulted Cube Process
 ---
 
-- * Cheat Entries Can be found in this md [cheat-entries.md](cheat-entries.md) or from downloading the [assaultcube.CT](assaultcube.CT) file, and running with cheat engine whilst running the [game](https://github.com/assaultcube/AC/releases/tag/v1.3.0.2).
+## Cheat Table Content for Assaulted Cube Process
 
-Honerable mention of resouces and explenation videos / good to know sources: 
+- Cheat entries can be found in [cheat-entries.md](cheat-entries.md) or by downloading the [assaultcube.CT](assaultcube.CT) file. Run it with Cheat Engine while playing the [game](https://github.com/assaultcube/AC/releases/tag/v1.3.0.2).
 
-https://www.youtube.com/watch?v=6TBQ7lWYQ0g 
-
-https://www.youtube.com/watch?v=EaxaQYESDlM
-
-https://www.youtube.com/watch?v=KzD_nc5B_8w
+---
 
-https://www.youtube.com/watch?v=eumG222Efzs
+## Honorable Mentions
 
-https://www.youtube.com/watch?v=8oC0w6WhZ1E
+Special thanks to the following resources and explanation videos:
 
+- [Video 1](https://www.youtube.com/watch?v=6TBQ7lWYQ0g)
+- [Video 2](https://www.youtube.com/watch?v=EaxaQYESDlM)
+- [Video 3](https://www.youtube.com/watch?v=KzD_nc5B_8w)
+- [Video 4](https://www.youtube.com/watch?v=eumG222Efzs)
+- [Video 5](https://www.youtube.com/watch?v=8oC0w6WhZ1E)
