- Removed the `get_gafasynckeystate_address` function and replaced its usage with `get_function_address`.
- Simplified the key state address retrieval process, improving code maintainability and reducing redundancy.
- Removed PEPROCESS from `get_gafasynckeystate_address` as it's no longer needed.
- Simplified the flow in `get_user_address_keylogger` by attaching to the process before retrieving the key state address.
- General code cleanup and refactoring to improve readability and maintainability.
- Removed the loop and thread for reading key states; now the client handles this, as the driver maps the address to user mode.
- Added a function to retrieve the VAD root offset.
- Refactored various parts of the code for clarity and performance.
- Moved and refactored several internal modules to `driver/src/internals/`:
- Added new files: `enums.rs`, `externs.rs`, `structs.rs`, `types.rs`, and `mod.rs`.
- Renamed `includes/vad.rs` to `internals/vad.rs` for better organization.
- Updated `callback` module:
- Refactored `notify_routine.rs`, `object.rs`, `registry.rs`, and supporting files for better callback handling.
- Improved callback finding mechanism in `find_callback.rs` and `ioctls.rs`.
- Adjusted `injection` module:
- Refactored callback and I/O control handling in `callbacks.rs` and `ioctls.rs`.
- Miscellaneous improvements:
- Updated `misc/dse.rs`, `misc/etwti.rs`, and `keylogger/mod.rs`.
- Refactored `process`, `registry`, and `thread` modules for better maintainability.
- Simplified utility functions in `utils/`, including `address.rs`, `handles.rs`, `patterns.rs`, and more.
- Cleaned up and removed unused files like `.gitignore` in multiple directories.
- Updated `Cargo.toml` and `Cargo.lock` to reflect dependency changes.
