diff --git a/docs/README.md b/docs/README.md index 35a5bc9..4c4f791 100644 --- a/docs/README.md +++ b/docs/README.md @@ -2,46 +2,6 @@ This documentation provides an overview of the shadow-rs rootkit project and instructions on its usage, features, and development process. +### Table of contents -### Process - -#### Hide / Unhide Process - -Description: -This command allows you to hide or reveal specific processes on the system. - -```cmd -shadow.exe process [hide | unhide] --pid -``` - -* `hide`: Hide the specified process. -* `unhide`: Unhide the specified process. -* ``: The PID of the process you want to hide or reveal. - -Example of use: - -```cmd -shadow.exe process hide --pid 1234 -``` - -This command will hide the process with PID 1234. - -#### Elevate Process to System - -Description: -This command allows you to raise the process to system. - -```cmd -shadow.exe process elevate --pid -``` - -* `elevate`: Elevate the process -* ``: The PID of the process you want to escalate to system. - -Example of use: - -```cmd -shadow.exe process elevate --pid 1234 -``` - -This command will hide the process with PID 1234. \ No newline at end of file +* [Process](/docs/process.md) \ No newline at end of file diff --git a/docs/process.md b/docs/process.md new file mode 100644 index 0000000..7ed35b5 --- /dev/null +++ b/docs/process.md @@ -0,0 +1,42 @@ +## Process + +### Hide / Unhide Process + +Description: +This command allows you to hide or reveal specific processes on the system. + +```cmd +shadow.exe process [hide | unhide] --pid +``` + +* `hide`: Hide the specified process. +* `unhide`: Unhide the specified process. +* ``: The PID of the process you want to hide or reveal. + +Example of use: + +```cmd +shadow.exe process hide --pid 1234 +``` + +This command will hide the process with PID 1234. + +### Elevate Process to System + +Description: +This command allows you to raise the process to system. + +```cmd +shadow.exe process elevate --pid +``` + +* `elevate`: Elevate the process +* ``: The PID of the process you want to escalate to system. + +Example of use: + +```cmd +shadow.exe process elevate --pid 1234 +``` + +This command will elevate the process with PID 1234. \ No newline at end of file