This project is a simple keylogger that captures and encrypts logs. The logs can then be decrypted using the viewer. This project was built to demonstrate core cybersecurity concepts such as encryption and secure storage to help me further understand keylogging attacks. This is my first project in my self-directed learning series of cybersecurity projects!
Keyloggers are tools used to record user input without the user's knowledge. In real-world attacks they are often deployed as part of malware or phishing campaigns.
Keyloggers can capture PII and SPII such as:
- Login Credentials
- Banking Information
- Personal Messages
They are difficult to detect because they often run in the background with minimal system impact. This project demonstrates that: while keys are being logged, there is no output message and nothing visible to show that logging is happening. Sometimes they can mimic legitimate software and can operate at the kernel level.
Antivirus software can be used to mitigate these attacks. MFA can also assist, because attackers will not be able to access systems even with a password. The principle of least privilege should always be implemented to prevent escalation attacks. Lastly, frequently updating software is important because keyloggers take advantage of software vulnerabilities.
This project helped me learn how keyloggers operate and demonstrated simple symmetric encryption. Understanding the fundamentals of how an attack works can help one prepare to mitigate it in the future!
- Encrypts log entries using Fernet symmetric encryption
- Stores logs in binary file format
- Tracks session duration for each logging session
- Simple log viewer with automatic decryption
- Python 3.10
- pynput
- cryptography
- time
- Clone the repository
- Install dependencies
- Run python main.py
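The encrypted storage and viewer features listed above can be illustrated with the `cryptography` package's Fernet API. This is an added example, not the project's own code: the function names, the file name and the one-token-per-line layout are assumptions, the entries are constructed strings, and no input is captured.

```python
import os
import tempfile
import time
from cryptography.fernet import Fernet, InvalidToken

def append_entry(path, key, text):
    """Encrypt one entry and append it to the binary log, one token per line."""
    token = Fernet(key).encrypt(text.encode("utf-8"))
    with open(path, "ab") as fh:
        # Fernet tokens are URL-safe base64, so b"\n" is a safe record separator.
        fh.write(token + b"\n")

def read_entries(path, key):
    """Viewer side: return (decrypted entries, number of rejected records)."""
    fernet = Fernet(key)
    entries, rejected = [], 0
    with open(path, "rb") as fh:
        for line in fh.read().splitlines():
            if not line:
                continue
            try:
                entries.append(fernet.decrypt(line).decode("utf-8"))
            except InvalidToken:
                # Wrong key or modified record: the token's HMAC does not verify.
                rejected += 1
    return entries, rejected

def tamper_first_record(path):
    """Change one character of the first token to simulate on-disk modification."""
    with open(path, "rb") as fh:
        raw = bytearray(fh.read())
    raw[20] = ord("B") if raw[20] == ord("A") else ord("A")
    with open(path, "wb") as fh:
        fh.write(raw)

def demo():
    key = Fernet.generate_key()  # store the key separately from the log file
    path = os.path.join(tempfile.mkdtemp(), "session_log.bin")  # hypothetical name
    start = time.monotonic()
    for text in ("constructed entry 1", "constructed entry 2"):
        append_entry(path, key, text)
    append_entry(path, key, f"session duration: {time.monotonic() - start:.3f}s")
    intact = read_entries(path, key)
    wrong_key = read_entries(path, Fernet.generate_key())
    tamper_first_record(path)
    tampered = read_entries(path, key)
    return intact, wrong_key, tampered

if __name__ == "__main__":
    print(demo())
```

Because Fernet is authenticated encryption, the viewer rejects records read with the wrong key or altered on disk instead of returning garbage.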
This project was built in a controlled environment for personal educational purposes only.