Added DomitoMemorySearchPattern

include/Domito.h

@@ -10,7 +10,7 @@ __drv_allocatesMem(Mem)
 PVOID
 NTAPI
 EVT_DOMITO_ALLOCATE_ROUTINE(
-	_In_ SIZE_T ByteSize
+    _In_ SIZE_T ByteSize
 );
 typedef EVT_DOMITO_ALLOCATE_ROUTINE* PFN_DOMITO_ALLOCATE_ROUTINE;
 
@@ -24,9 +24,9 @@ _IRQL_requires_max_(PASSIVE_LEVEL)
 EXTERN_C
 NTSTATUS
 DomitoFindDriverBaseAddress(
-	_In_ STRING ModuleName,
-	_In_ PFN_DOMITO_ALLOCATE_ROUTINE Allocator,
-	_Inout_opt_ PVOID * ModuleBase
+    _In_ STRING ModuleName,
+    _In_ PFN_DOMITO_ALLOCATE_ROUTINE Allocator,
+    _Inout_opt_ PVOID * ModuleBase
 );
 
 //
@@ -38,7 +38,23 @@ _IRQL_requires_max_(PASSIVE_LEVEL)
 EXTERN_C
 NTSTATUS
 DomitoFindExportedFunctionAddress(
-	_In_ PVOID ModuleBase,
-	_In_ STRING FunctionName,
-	_Inout_opt_ PVOID * FunctionAddress
+    _In_ PVOID ModuleBase,
+    _In_ STRING FunctionName,
+    _Inout_opt_ PVOID * FunctionAddress
+);
+
+//
+// Scans a provided buffer for a memory pattern
+// 
+_Success_(return == STATUS_SUCCESS)
+_Must_inspect_result_
+_IRQL_requires_max_(DISPATCH_LEVEL)
+NTSTATUS
+DomitoMemorySearchPattern(
+    _In_ PCUCHAR pcPattern,
+    _In_ UCHAR uWildcard,
+    _In_ SIZE_T puLen,
+    _In_ PVOID pcBase,
+    _In_ SIZE_T puSize,
+    _Outptr_result_maybenull_ PVOID* ppMatch
 );