From 65f408727a88fee6491adf6297c1e955a94845e1 Mon Sep 17 00:00:00 2001 From: Aarush Ahuja Date: Thu, 16 Feb 2023 16:36:17 +0530 Subject: [PATCH] refactor: update readme.md to include more details --- README.md | 39 ++++++++++++++++++++++++++++++++------- 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 9e2ce2f..d1e451b 100644 --- a/README.md +++ b/README.md 
@@ -1,12 +1,37 @@ # TrustedInstaller -A simple Proof of Concept in Golang to start a new shell as TrustedInstaller. This code accompanies FourCore's blog about TrustedInstaller. It is important to note that you need to run this as a user which has SeDebugPrivileges. Upon running, it will automatically ask for UAC in case you are not running as an Administrator. -Use the `RunAsTrustedInstaller` function to pass any executable to be run with TrustedInstaller privileges. +A simple Proof of Concept in Go to spawn a new shell as TrustedInstaller. Read more about how this PoC works on this [blog about TrustedInstaller](https://fourcore.io/blogs/no-more-access-denied-i-am-trustedinstaller). It is important to note that this should be executed as a user which has SeDebugPrivileges. Upon execution, it will automatically ask for UAC in case it is not executed as as an Administrator. -To run -1. git clone the repository -2. ensure you have go compiler installed -3. You can either build a binary using `go build ti` or run it directly using `go run ti` +## POC -It will spawn a new cmd shell as TrustedInstaller which you can check by running `whoami /all` +1. Clone the repository + +``` +$ git clone https://github.com/FourCoreLabs/TrustedInstallerPOC.git +``` + +2. Ensure you have Go installed. This POC has been tested on Go 1.19. +3. Either build the binary and execute it + +``` +$ go build ti +$ ./ti.exe +``` + +4. Or run it directly + +``` +$ go run ti +``` + + +This will spawn a new cmd shell with TrustedInstaller privileges which can be confirmed by running the command `whoami /all` + +

![demo](https://user-images.githubusercontent.com/26490648/219342533-79d0cf34-0bf2-4f63-b805-34fca5aff012.gif) +

+ +## API + +- RunAsTrustedInstaller + - Use the `RunAsTrustedInstaller` function to pass any executable to be run with TrustedInstaller privileges.
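Review bot: the rewritten intro line in this hunk carries a doubled word and a misnamed privilege. `+... in case it is not executed as as an Administrator.` should read "as an Administrator", and "a user which has SeDebugPrivileges" should use the name Windows itself reports, SeDebugPrivilege (singular, as listed by `whoami /priv`), since readers will search for that exact string when checking their token. The build steps also mix shells: the `$` prompt and `$ ./ti.exe` are POSIX-style, while the artifact is `ti.exe` and the result is described as a cmd shell, so either drop the prompt or show the Windows form (`ti.exe` in cmd, `.\ti.exe` in PowerShell) so a reader does not copy an invocation that fails on the platform the tool targets. Finally, the new `## API` section names `RunAsTrustedInstaller` but gives no signature, import path, or example call; one line with its parameters and return value would make the section usable without opening the source.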