A guide to building basic malware in Python by implementing a keylogger application

Overview

Keylogger-Malware-Project

A guide to building basic malware in Python by implementing a keylogger application. If you want even more detail on the Project view my Youtube Series linked here.

Purpose of the Project

This repository is made for the purpose of learning how basic malware can be created, obfuscated, and then deobfuscated for malware analysis. Through this repository, a fully working keylogger with the ability to exfiltrate data as well as persist on host machines will be presented. In addition to this, it will be shown how to bypass Windows Defender, a native Windows anti-virus software.

Disclaimer

This repository is soley presented for the sake of learning. Do not use anything from this repository for malicous purposes. Replication of this repository for malicous use on a computer or system that you do not own is strictly prohibited!

Building a Working Version of the Keylogger

Installing Python

The first step is to download the Python programming language on to your computer. The link to the python download page is here. Select Windows, Linux/UNIX or macOS and download the latest version of Python. Note: When installing Python make sure to add to PATH.

python-install

Installing the Pynput Module

Pynput is an external module not included in the default installation of Python. Pynput allows a program to take in a user's key presses. To install Pynput, go to the command prompt in Windows or the terminal in Linux or macOS. Once in the command prompt/terminal, run:

pip install pynput

pynput-install

Programming the Keylogger: Part 1

After implementing this part of the keylogger, the program will take in key presses from the user and log them to a text file where the key presses can be later retreived. If you are wanting further explanation of how the code itself works, visit my youtube video linked here.
The code can be found in the Code folder as malware_part_1 or in the link below:

malware-part-1

Searching in Google with Keylogger running:

google-search

The resulting contents of of the log.txt file: log_output

More to be Updated as Malware Series Progresses...

Data exfiltration and persistance will be added in Part 2

Owner
Noah Davis
Hi I am Noah Davis! I enjoy building various cybersecurity projects. Come view my work!
Noah Davis
Community Repository for Unofficial Saltbox Add-ons

Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo

Salty Organization 31 Dec 19, 2022
This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

Varun Jagtap 5 Oct 08, 2022
Brainly-Scrambler - Brainly Scrambler With Python

Brainly-Scrambler Untuk admin brainly jangan lupa pasang captcha mu Note: Kamu

8 Feb 24, 2022
SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi

Jake Baines 80 Dec 29, 2022
nuclei scanner for proxyshell ( CVE-2021-34473 )

Proxyshell-Scanner nuclei scanner for Proxyshell RCE (CVE-2021-34423,CVE-2021-34473,CVE-2021-31207) discovered by orange tsai in Pwn2Own, which affect

PikaChu 29 Dec 16, 2022
Password Manager is a simple Python project which helps users in managing their passwords in a easier way

Password Manager is a simple Python project which helps users in managing their passwords in a easier way

Manish Jalui 4 Sep 29, 2021
SonicWALL SSL-VPN Web Server Vulnerable Exploit

SonicWALL SSL-VPN Web Server Vulnerable Exploit

44 Nov 15, 2022
Searches through git repositories for high entropy strings and secrets, digging deep into commit history

truffleHog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accident

Truffle Security 10.1k Jan 09, 2023
Python library to prevent XSS(cross site scripting attach) by removing harmful content from data.

A tool for removing malicious content from input data before saving data into database. It takes input containing HTML with XSS scripts and returns va

2 Jul 05, 2022
PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

Abdullah AlZahrani 17 Dec 22, 2022
The best Python Backdoor๐Ÿ‘Œ

Backdoor The best Python Backdoor Files Server file is used in all of cases If client is Windows, the client need execute EXE file If client is Linux,

13 Oct 28, 2022
Virus-Builder - This tool will generate a virus that can only destroy Windows computer

Virus-Builder - This tool will generate a virus that can only destroy Windows computer. You can also configure to auto run in usb drive

Saad 16 Dec 30, 2022
List of S3 Hacks

s3-leaks List of AWS S3 Leaks Feel free to send in a PR if you know of other leaks Date Description Notes Aug2020 S3 bucket mess up exposed 182GB of s

Nag 291 Dec 28, 2022
A small Minecraft server to help players detect vulnerability to the Log4Shell exploit ๐Ÿš

log4check A small Minecraft server to help players detect vulnerability to the Log4Shell exploit ๐Ÿš Tested to work between Minecraft versions 1.12.2 a

Evan J. Markowitz 4 Dec 23, 2021
Generate malicious files using recently published bidi-attack (CVE-2021-42574)

CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica

js-on 7 Nov 09, 2022
This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s

Abdultawwab Safarji 6 Nov 14, 2022
the metasploit script(POC) about CVE-2021-36260

CVE-2021-36260-metasploit the metasploit script(POC) about CVE-2021-36260. A command injection vulnerability in the web server of some Hikvision produ

Taroballz 14 Nov 09, 2022
Extendable payload obfuscation and delivery framework

NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently

123 Dec 19, 2022
Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

UMBC Vision 44 Nov 21, 2022
Python Library For Ethical Hacker

Python Library For Ethical Hacker

11 Nov 03, 2022