From 2cc4a03090d43a68b4d4c947ef97045f77377612 Mon Sep 17 00:00:00 2001 From: delorean Date: Fri, 16 Feb 2024 18:33:36 -0600 Subject: [PATCH] and you better read the README --- README.md | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a7229b7..92ee372 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,35 @@ # patdown + > EDR/XDR (Endpoint Detection & Response) fingerprinting utility useful for predicting defense mechanisms in use on remote systems. -

- + +

+

+ +## Abstract +Patdown probes DNS servers to determine whether they have resolved domains associated with various EDR/XDR solutions. + +**Example**: if a network's resolver has `assets-public.falcon.crowdstrike.com` in its cache, chances are the '*CrowdStrike Falcon*' EDR solution is present somewhere on the network. + +These DNS servers can be specified as arguments (the preferred way), or patdown can automatically retrieve and analyze the authoritative nameservers of a target with the `-t` flag. + +⚠️ Authoritative nameservers are rarely used as egress recursive resolvers for networks and are not as efficacious for fingerprinting for EDR/XDR. + +## Installation +Retrieve a binary corresponding to your architecture from **Releases** +*or* +`git clone https://git.supernets.org/delorean/patdown.git && cd patdown/cmd/patdown && go build -o patdown main.go` + +## Usage +**Help** +`patdown -h` + +**Targeting specific resolvers** +`patdown -n ns1.target.resolver -n ns2.another.target.resolver` + +**Automatically snoop authoritative nameservers** +`patdown -t supernets.org` + +- - - - +this is for christian purposes
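Review bot: The ⚠️ caveat in the Abstract says authoritative nameservers "are rarely used as egress recursive resolvers", but the Usage section still presents `patdown -t supernets.org` under "Automatically snoop authoritative nameservers" with no qualification, so a reader who skips to Usage gets no hint that `-t` results are weak. Repeat the caveat next to the `-t` example, or move that example below the `-n` one with a pointer back to the warning. The Abstract also never says what counts as a positive result or what the output looks like; a short sample run would help, together with a sentence on the limits of the signal, since a cached name only shows that some client behind that resolver looked it up. Two smaller points in Installation: "Retrieve a binary ... from **Releases**" has no link, and `go build -o patdown main.go` compiles only that one file, so `go build -o patdown .` is safer if `cmd/patdown` ever gains a second source file. In the description line, "EDR/XDR (Endpoint Detection & Response)" expands only EDR.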