A guide to building basic malware in Python by implementing a keylogger application

Related tags

Security related resourcesKeylogger-Malware-Project
Overview

Keylogger-Malware-Project

A guide to building basic malware in Python by implementing a keylogger application. If you want even more detail on the Project view my Youtube Series linked here.

Purpose of the Project

This repository is made for the purpose of learning how basic malware can be created, obfuscated, and then deobfuscated for malware analysis. Through this repository, a fully working keylogger with the ability to exfiltrate data as well as persist on host machines will be presented. In addition to this, it will be shown how to bypass Windows Defender, a native Windows anti-virus software.

Disclaimer

This repository is soley presented for the sake of learning. Do not use anything from this repository for malicous purposes. Replication of this repository for malicous use on a computer or system that you do not own is strictly prohibited!

Building a Working Version of the Keylogger

Installing Python

The first step is to download the Python programming language on to your computer. The link to the python download page is here. Select Windows, Linux/UNIX or macOS and download the latest version of Python. Note: When installing Python make sure to add to PATH.

python-install

Installing the Pynput Module

Pynput is an external module not included in the default installation of Python. Pynput allows a program to take in a user's key presses. To install Pynput, go to the command prompt in Windows or the terminal in Linux or macOS. Once in the command prompt/terminal, run:

pip install pynput

pynput-install

Programming the Keylogger: Part 1

After implementing this part of the keylogger, the program will take in key presses from the user and log them to a text file where the key presses can be later retreived. If you are wanting further explanation of how the code itself works, visit my youtube video linked here.
The code can be found in the Code folder as malware_part_1 or in the link below:

malware-part-1

Searching in Google with Keylogger running:

google-search

The resulting contents of of the log.txt file: log_output

More to be Updated as Malware Series Progresses...

Data exfiltration and persistance will be added in Part 2

Owner
Noah Davis
Hi I am Noah Davis! I enjoy building various cybersecurity projects. Come view my work!
Noah Davis
GitHub Repository
RDP Stealer

RDP Stealer RDP Stealer by lamp Require Python How To Use Download This Source Extract The Zip File Change webhook url Convert to exe send to target I

Lamp 14 Nov 26, 2022
Python implementation for PrintNightmare using standard Impacket.

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket

ollypwn 141 Dec 31, 2022
AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically to AIL

AIL LeakFeeder: A Module for AIL Framework that automates the process to feed leaked files automatically to AIL, So basically this feeder will help you ingest AIL with your leaked files automatically

ail project 8 May 03, 2022
CVE-2021-45232-RCE-多线程批量漏洞检测

CVE-2021-45232-RCE CVE-2021-45232-RCE-多线程批量漏洞检测 FOFA 查询 title="Apache APISIX Das

孤桜懶契 36 Sep 21, 2022
Apache Solr SSRF(CVE-2021-27905)

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : 方法说明 -u or --url

Henry4E36 70 Nov 09, 2022
Evil-stalker - A simple tool written in python, it is so simple that it is based on google dorks

evil-stalker How to run First of all, you must install the necessary libraries.

rock3d 6 Nov 16, 2022
Code to do NF in HDR,HEVC,HPL,MPL

Netflix-DL 6.0 |HDR-HEVC-MPL-HPL NOT Working| ! Buy working netflix cdm from [em

4 Dec 28, 2021
Generate obfuscated meterpreter shells

Generator Evade AV with obfuscated payloads Installation must install dotnet prior to running the script with net45 Running ./generator.py -ip Your-I

Fawaz Al-Mutairi 219 Nov 28, 2022
Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-

35 Apr 17, 2022
A python script to brute-force guess the passwords to Instagram accounts

Instagram-Brute-Force The purpose of this script is to brute-force guess the passwords to Instagram accounts. Specifics: Comes with 2 separate modes i

Moondog 2 Nov 16, 2021
Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St

Paolo 'VoidSec' Stagno 199 Jan 04, 2023
Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

Tim Blazytko 133 Dec 18, 2022
Learning to compose soft prompts for compositional zero-shot learning.

Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional

Bats Research 32 Jan 02, 2023
Complet and easy to run Port Scanner with Python

Port_Scanner Complet and easy to run Port Scanner with Python Installation 1- git clone https://github.com/s120000/Port_Scanner 2- cd Port_Scanner 3-

1 May 19, 2022
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples Above is an adversarial example: the slightly pert

Anish Athalye 838 Dec 18, 2022
Malware arcane - Scripts and notes on my malware analysis journey

Malware Arcane Repository of notes and scripts I use when doing malware analysis

9 Jun 01, 2022
宝塔面板Windows版提权方法

宝塔面板Windows提权方法 本项目整理一些宝塔特性,可以在无漏洞的情况下利用这些特性来增加提权的机会。

298 Dec 14, 2022
This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature

rpckiller This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature and with that you can further try to escalate

Ashish Kunwar 33 Sep 23, 2022
TLaunch: Launch Programs on Multiple Hosts

TLaunch: Launch Programs on Multiple Hosts Introduction Deepmind launchpad is a library that helps writing distributed program in a simple way. But cu

Tsinghua AI Research Team for Reinforcement Learning 11 Nov 11, 2022
Malware for Discord, designed to steal passwords, tokens, and inject discord folders for long-term use.

Vital What is Vital? Vital is malware primarily used to collect and extract information from the Discord desktop client. While it has other features (

HellSec 59 Dec 01, 2022