diff --git a/README.md b/README.md
index d348456..3801ead 100644
--- a/README.md
+++ b/README.md
@@ -1,24 +1,160 @@
-# Mirai BotNet
-Leaked Linux.Mirai Source Code for Research/IoT Development Purposes
+# Mirai Source Code (FOR EDUCATIONAL & RESEARCH| `README.md`       | You're reading it                                     |
 
-Uploaded for research purposes and so we can develop IoT and such.
+---
 
-See "ForumPost.txt" or [ForumPost.md](ForumPost.md) for the post in which it
-leaks, if you want to know how it is all set up and the likes.
+## 🔧 Requirements
 
-## Requirements
-* gcc
-* golang
-* electric-fence
-* mysql-server
-* mysql-client
+Before building and running this code, ensure you have the following installed on a **Linux host**:
 
-## Credits
-[Anna-senpai](https://hackforums.net/showthread.php?tid=5420472)
+- `gcc` - GNU Compiler Collection
+- `golang` - Go programming language
+- `electric-fence` - Memory debugging library
+- `mysql-server` - MySQL database server
+- `mysql-client` - MySQL database client
+- `build-essential` - Essential build tools
+- `crossbuild-essential-armel` - Cross-compilation tools for ARM
 
-## Disclaimer
-This repository is for academic purposes, the use of this software is your
-responsibility.
+**Additional Resources:**
+- For detailed setup instructions and background information, refer to the original leak post in `ForumPost.txt` or view the formatted version at [ForumPost.md](ForumPost.md).
+
+
+⚠️ **CRITICAL DISCLAIMER**  
+This repository contains the leaked source code of the **Mirai botnet**, originally created to infect IoT devices and launch large-scale DDoS attacks. This code is provided **strictly for cybersecurity research, reverse engineering, malware analysis, and detection development purposes only**.
+
+**⚠️ WARNING: Do not use this code to attack or scan any real devices or networks. Unauthorized use is illegal and violates GitHub policy.**
+
+**🛡️ SECURITY NOTICE:** The [zip file](https://www.virustotal.com/en/file/f10667215040e87dae62dd48a5405b3b1b0fe7dbbfbf790d5300f3cd54893333/analysis/1477822491/) for this repo is being identified by some AV programs as malware. Please take caution.
+
+---
+
+## 📋 Table of Contents
+
+- [About Mirai](#-about-mirai)
+- [Repository Structure](#-repository-structure)
+- [Requirements](#-requirements)
+- [How to Use (Lab Research Only)](#️-how-to-use-for-lab-research-only)
+- [Learning Use Cases](#-learning-use-cases)
+- [Do NOT Use For](#-do-not-use-for)
+- [References](#-references)
+- [Credits](#-credits)
+- [Acknowledgments](#-acknowledgments)
+
+---
+
+## 📌 About Mirai
+
+Mirai is a malware botnet that infects Internet of Things (IoT) devices using default or weak login credentials. Once infected, these devices are controlled by a command-and-control (CnC) server and can be used to launch DDoS attacks.
+
+This repo is a fork of the original leaked source code and includes components such as:
+- The bot (runs on IoT devices)
+- The CnC server
+- The loader (infects devices)
+- Scanning and deployment scripts
+
+---
+
+## 📁 Repository Structure
+
+| Folder/File       | Description                                           |
+|-------------------|-------------------------------------------------------|
+| `mirai/`          | Core malware source code (bot + CnC server)          |
+| `loader/`         | Infects vulnerable devices using telnet brute-force  |
+| `dlr/`            | Possibly supports payload delivery (optional)        |
+| `scripts/`        | Scripts for building and managing the malware        |
+| `ForumPost.txt`   | Original forum post by author explaining Mirai       |
+| `LICENSE.md`      | License as included in original leak (not official)  |
+| `README.md`       | You’re reading it                                     |
+
+---
+
+## ⚙️ How to Use (FOR LAB RESEARCH ONLY)
+
+> You must use **isolated VMs** or an offline network. Never run this on a real device or public network.
+
+### 🔧 1. Prerequisites
+
+Install on a **Linux host**:
+
+```bash
+sudo apt update
+sudo apt install gcc make build-essential git crossbuild-essential-armel -y
+```
+
+## 🔨 2. Clone the Repository
+
+```bash
+git clone https://github.com/jgamblin/Mirai-Source-Code.git
+cd Mirai-Source-Code
+```
+
+## 🔨 3. Build the Bot and CnC
+
+```bash
+./build.sh
+```
+
+This will:
+
+*  Cross-compile the bot for different IoT architectures (MIPS, ARM, etc.)
+
+*  Compile the CnC server for your local machine
+
+You can customize the build script and source code paths if needed.
+
+## 🧪 4. Setup a Test Lab (Recommended)
+
+Create a virtual lab with:
+
+*  1 Ubuntu VM for CnC and loader
+
+*  1 or more OpenWRT/Linux VMs simulating IoT devices
+
+Use Host-Only or Internal Networking mode to keep the lab isolated.
+
+## 🕹 5. Running Components
+
+*  Start the CnC server (mirai/cnc/cnc)
+
+*  Run the loader to infect virtual IoT VMs
+
+*  Observe communication logs, infection, and payload delivery
+
+## ✅ Learning Use Cases
+
+You can use this source code to:
+
+*  Understand how botnets spread through weak credentials
+
+*  Reverse engineer malware behavior
+
+*  Write intrusion detection rules (YARA, Snort, Suricata)
+
+*  Develop antivirus and botnet defenses
+
+*  Study CnC-to-bot protocol and build simulators
+
+## ❌ Do NOT Use For
+
+*  Scanning or infecting real IoT devices
+
+*  DDoS attacks
+
+*  Deploying the bot to the public internet
+
+Any such use is illegal and against GitHub policy. 
+
+## 📚 References
+
+* [Original Leak on Hackforums (2016)](https://hackforums.net/showthread.php?tid=5420472)
+* [DDoS Analysis of Mirai by MalwareMustDie](https://blog.malwaremustdie.org/2016/10/mmd-0056-2016-new-mirai-elf-botnet.html)
+* [US-CERT Alert TA16-288A](https://www.cisa.gov/news-events/alerts/2016/10/14/alert-ta16-288a)
+
+## 👨‍💻 Credits
+
+**Original Author:** [Anna-senpai](https://hackforums.net/showthread.php?tid=5420472) - Original Mirai botnet source code leak (2016)  
+*Note: The original forum appears to be inactive as of now.*
+
+## 🙏 Acknowledgments
+
+Special thanks to [Pushpenderrathore](https://github.com/Pushpenderrathore) for the improved README structure and comprehensive documentation that makes this educational resource more accessible for cybersecurity research.
 
-## Warning
-The [zip file](https://www.virustotal.com/en/file/f10667215040e87dae62dd48a5405b3b1b0fe7dbbfbf790d5300f3cd54893333/analysis/1477822491/) for this repo is being identified by some AV programs as malware.  Please take caution.