From 19eacd9b75535a8c983c52df6b2bb9dc3fa4ad0d Mon Sep 17 00:00:00 2001
From: "Ilya V. Matveychikov" <matvejchikov@gmail.com>
Date: Mon, 2 Jul 2018 13:54:20 +0400
Subject: [PATCH] Update README.md

---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index d1a7512..a881391 100644
--- a/README.md
+++ b/README.md
@@ -60,6 +60,14 @@ Additional functions:
 
   Reptile is a LKM rootkit written for evil purposes that runs on Linux kernel 2.6.x/3.x/4.x
   
+  | Feature | Description | Implementation Details |
+  | --- | --- | --- |
+  | Environment | 2.6.x/3.x/4.x (x86) | `sys_call_table` search method is x86-only |
+  | Persistency | /etc/modules or /etc/rc.modules | boot-time module loading |
+  | Management interface | `kill(2)` | `sys_call_table[__NR_kill]` |
+  | Hiding of files and directories | Filtering of direcroty entries | `sys_call_table[__NR_getdents]`  `sys_call_table[__NR_getdents64]` |
+  | Hiding of processes and process trees | Filtering of `/proc` | Filtering `getdents` while listing `/proc`. Hidden tasks are marked using `task->flags` (0x10000000). Not able to hide all threads and childs of parent process. |
+  
 - https://github.com/QuokkaLight/rkduck
 
   rkduck - Rootkit for Linux v4