diff --git a/README.md b/README.md
index 4a6c9e2..6fa5d98 100644
--- a/README.md
+++ b/README.md
@@ -9,4 +9,12 @@ If porthack.exe does not exist on a remote host it will download it from the pre
 ```bash
 run nlogin [host2] [host3] [...]
 ```
+## nremps
+Checks if hosts are rooted the provided hosts, or all connected hosts
+If no hosts are listed as arguments it will run on all connected hosts, otherwise it will run on the provided hosts.
+
+### usage
+```bash
+run nremps [host1] [host2] [host3] [...]
+```
\ No newline at end of file
diff --git a/nremps.bas b/nremps.bas
new file mode 100644
index 0000000..cfe5a8b
--- /dev/null
+++ b/nremps.bas
@@ -0,0 +1,31 @@
+REM Run remps.exe and check for root kits
+REM If no arguments given, runs on all connected hosts
+REM If arguments are provided, run on hosts provided on CLI
+
+PATTERN$="[^\s]+"
+IF LEN(ARG$) = 0 THEN HOSTS$ = TH_NETSTAT$
+IF LEN(ARG$) > 0 THEN HOSTS$ = ARG$
+FOR I = 1 TO TH_RE(HOSTS$, PATTERN$, 1)
+ UNKNOWN=0
+ RHOST$ = TH_RE$(HOSTS$, PATTERN$, I)
+ TH_EXEC "remps "+RHOST$, OUT$
+ IF INSTR(OUT$, "Unknown",0) > 0 GOSUB 3000
+ IF INSTR(OUT$, "Hop limit",0) > 0 GOSUB 4000
+ IF INSTR(OUT$,"kit",0) = -1 GOSUB 1000
+ IF INSTR(OUT$,"kit",0) > 0 GOSUB 2000
+NEXT I
+END
+
+1000 IF UNKNOWN = 0 THEN print RHOST$+" is NOT rooted"
+RETURN
+
+2000 IF UNKNOWN = 0 THEN print RHOST$+" is rooted"
+RETURN
+
+3000 print "Unknown host: "+ RHOST$
+UNKNOWN=1
+RETURN
+
+4000 print "Hop Limit Exceeded for "+ RHOST$
+UNKNOWN=1
+RETURN
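Review bot: The three `> 0` tests inside the FOR loop of nremps.bas will miss a match at offset 0 if INSTR is zero-based, which the `= -1` not-found test on the first `"kit"` line suggests. Output that begins with `Unknown` would then skip GOSUB 3000, leave UNKNOWN at 0, and fall through to subroutine 1000, which reports the host as "is NOT rooted" even though it was never checked. Change those comparisons to `>= 0`, for example `IF INSTR(OUT$, "Unknown",0) >= 0 GOSUB 3000`, and likewise on the `"Hop limit"` and second `"kit"` lines. More generally, the script treats any output lacking "kit" as clean, so an empty or unexpected remps result is also printed as not rooted. A separate "could not determine" message for that case would keep a failed scan from reading as a negative result.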