I've once used python on my PC to give a demo to my friends that how getting passwords is easy and asked them to avoid using internet cafes, as getting the key strokes is pretty easy. That was way back in 2015.
Always great content! I've done something similar using SMTP to shoot over emails of the logged keystrokes on a timed interval. Love the use of a js server approach! About to jump into the code and have a look around. Keep up the amazing work and for making people aware of the real dangers that hide in plain site.
@@wingit7335 how can it be like the deployment on windows, so that it is not easily detect as malicious software or how can it be deploy as an apk file?
Rather than outputting to a text file, you could use a nosql db and output the processes running at the time of the key logging to have a better picture of what the target is using at the time they are typing.
We decided against doing that here to keep things simple. This is a proof of concept and can be improved in many ways. We can code in many other options, but this is for educational purposes only and not to build malware.
@@davidbombal agreed. I actually like the simple poc. It leaves alot of potential open that could be touched on or brainstormed or discussed in general. Especially if talking about major nation state adversaries and their toolsets to gain access to sensitive western critical infrastructure systems. Or general minor ransomware criminal groups with their initial access brokers.
Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode If that link doesn't work for you, try this link: www.linode.com/lp/youtube-viewers/?ifso=davidbombal Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video! I wrote a Python program that saves keystrokes to a cloud server. I compiled the script to run on a Windows 11 computer with anti-virus enabled. May this be a warning to both you and your family. Don't download software that you don't trust. Only download software from reputable software developers and those you trust. Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place. // MENU // 00:00 - Be careful what you download 00:07 - Intro 00:16 - How to capture keystrokes with Python 00:41 - Keylogger demo 03:30 - How to setup the keylogger 10:34 - Conclusion // Code // Keylogger: github.com/davidbombal/python-keylogger Server: github.com/davidbombal/express-server-basic // Video mentioned // Python keylogger bypasses Windows 11 Defender: ruclips.net/video/qaZ-IbssPDI/видео.html // SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal RUclips: ruclips.net/user/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
@@davidbombalWhere can I learn and see everything, I am into python development. How do people like you learn? Everything nowadays is hidden either for going into courses and spending money or just people not to see and analise.
@@tehczavier It's good so far I scored 100% on module 1, but to be fair I already have a network background:). It's great for people who are starting out
Things that can be improved, make the script work like a blind shell, like not including the ip address in the program itself, instead we will initiate a call to the program via some authentication, also encrypted data transfer is necessary to avoid AV detection.
I started to smile after I saw the first thumbnail of this video. It was like Saurons Eye from the Lord of the Rings is watching you. And now it's like a Ringwraith.
Awesome video, thank you David 😊! Those PoCs are really good for us to build countermeasures to that kind of stuff. I got curious about python compilation actually, I've did some Python install before but never compiled it as a binary, will give it a try later.
Amazing content David I like that you bring us the best reputable personalities in their speciality field so we can learn from the best no need for fancy botcamps😄 ✅🖥️🙏
one of the few channels that show content of relevance!!!!!! I wish you were my mentor... I managed to reproduce another keylogger on the desktop! it also prints every click along with a notepad with text captures and creates folders separated by date!!! finally I managed to reproduce your code and forward the log file to a server... thank you very much for sharing your knowledge!!!!!! I am a Programming and Information Security enthusiast🇧🇷
Hey David, thanks for sharing this! I don’t suppose you could maybe consider a pivot into voice ? Enough material with that to keep you occupied. Could maybe lead back into security related items (wire shark and RTP streams). I know network engineers tend to grimace at voice, but steel yourself and think about it ;)
Yeah, sure, you can do that, Windows doesn't block it but what it does block is my compiled production-ready program without any single malware in it for absolutely no reason...
Nice video, if i was do it this i would use sockets for real time communication and a common port such as 443 + inject a binary blob into memory for a listener to setup a shell, that the program can load using a pointer. easy web c&c.
Reminds me of some of my earliest experiments in writing my own penetration tools. The logger I wrote worked poorly and only locally on my own computer. Hilariously bad but still somewhat functional. The more fun experiments were controlling pointers remotely. Good times.
Ive tried to do it. Only one issue: when I run the compiled keylogger.exe it opens an empty command prompt, when I close it, it will close the keylogger as well. Idk how to make it so it opens stealthy as yours.
You need to set compiler flag "-mwindows" to remove the UI element of your application. Other ways include setting the main window handle hidden on init.
@@hartatociptajaya Thank you, I know some of the Free courses require a text book. Have to look into this one, because a couple people recommend this course.
You’re probably putting the horse before the cart if you do that… if you want a bit of an overview on some computer science, there’s a vid called ‘the art of code’ on RUclips. Learning a simple language like python is much easier than learning computer science. Walk before you run!
@@catatafish22 Wouldn't it be the other way around? I want to learn the basics of computer science in order to have the fundamentals and when I go to learn a language I'll know how the computer functions, instead of just following examples that I have no idea why I'm doing what I'm doing.
With a security key for sign in the keylogger won't be able to fetch anything. The threat would be a cookie session stealer malware, but that would have to bypass the virus detection which is not likely.
Genuinely interested in what this community has to say, now that everyone has seen the source code and how it functions, what are some methods anyone here would use, to defend against it?
@@catatafish22 that is the best way lmao, the best way not too get hacked is dont click on anything that can be seen as sketchy. or if you truly want safety, dont be on the internet like ever
Thanks David! This is great content as usual. since 'this' runs on the background would it probably make the PC a bit slower and hence call the attention of the user to something wrong with the pc operation
I am ok with python code but I have no idea about C code. When you say you used a C compiler to compile it does that mean you can compile python code in C compilers or did you have to use C code to make it work? Thanks for the video.
you cant. android dosnt surport monator mode also you need to send a deauth packet to the target to catch the handshake. and the handshake uses encryption. use a laptop and a 64bit version of kali
So recompiling PyInstaller bypasses Defender, but wouldn't SmartScreen block the EXE as it is unknown (if it was real malware and actually was downloaded from the Internet by "your victim")?
CORS is Cross-Origin Resource Sharing. It is meant to restrict/control the access of resources. It is not to load/copy any data/content. CORS is not Python specific.
this script is getting detected in my computer(windows 11) and automatically being deleted in vs code after saving showing the warning that this file contains virus
That Windows is still this.... bad in this regard. On macOS you cannot intercept non-modified keys without being granted the permission to be an accessibility application.
LOL. Never mind. I answered my own question after pasting the text ie " Using the PyPI installation is recommended on Windows..." instead. Looking forward to testing this on my unused laptop on a separate router and separate subnet in my home. ---[ignore below - dufus me :) ]--- Bummer. Johnny-Come-Lately here... nuitka says: "The MSI installers are discontinued as Python has deprecated their support for them, as well as Windows 10 making it harder to users to install them. Using the PyPI installation is recommended on Windows." Any other options/suggestions?? Thx for this proof of concept.
Hi David, just wondering if there's a way to encrypt the keylogged traffic / passwords as I'm sending them to my linode. Maybe I want to test this with my own passwords but I don't want the connection to be readable by eavesdroppers.
How can i send the keylogging data to my own server. Do i just open a port on my server like 8080 shown in the scipt and add my server ip in the scipt too?
Hey, I'm new here and building this project for my own working but I need help the files that he mentioned and the steps are updated and now I'm stuck can anyone here help me out?
Don't do this like BomBal .I can give you only one reason not to do like this because after you are lunching this attack the keylogger that captured also redirect to David BomBal as well that why I encourage you not to do like this !
This is one of the most complex python keyloger ever. I can do the same with aprox 20 lines of code without any extra software or anything.
So how’s it complex lmao
hey can u share it with me ??
I've once used python on my PC to give a demo to my friends that how getting passwords is easy and asked them to avoid using internet cafes, as getting the key strokes is pretty easy. That was way back in 2015.
This seems complicated it’s not working for me
Hey
Always great content! I've done something similar using SMTP to shoot over emails of the logged keystrokes on a timed interval. Love the use of a js server approach! About to jump into the code and have a look around. Keep up the amazing work and for making people aware of the real dangers that hide in plain site.
Thank you Dustin!
@@davidbombal of course! Keep up the amazing work and keep inspiring people to learn!
Thanks Sir David for the knowledge on how we can secure our devices. Can this also be done on mobile devices?
@@wingit7335 how can it be like the deployment on windows, so that it is not easily detect as malicious software or how can it be deploy as an apk file?
@@davidbombal David great content thanks what about the update for the Kali Linux on Android
This keylogger scripting technique through other scripting mediums has been around for years. Dave, you just made it worldwide for Python. Well done.
FFI and ctypes, it has been available for ages :)
@@dmail00it dosent work for me 😕
Great tutorial David! Please keep them coming!
Rather than outputting to a text file, you could use a nosql db and output the processes running at the time of the key logging to have a better picture of what the target is using at the time they are typing.
We decided against doing that here to keep things simple. This is a proof of concept and can be improved in many ways. We can code in many other options, but this is for educational purposes only and not to build malware.
@@davidbombal agreed. I actually like the simple poc. It leaves alot of potential open that could be touched on or brainstormed or discussed in general. Especially if talking about major nation state adversaries and their toolsets to gain access to sensitive western critical infrastructure systems. Or general minor ransomware criminal groups with their initial access brokers.
Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode
If that link doesn't work for you, try this link: www.linode.com/lp/youtube-viewers/?ifso=davidbombal
Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video!
I wrote a Python program that saves keystrokes to a cloud server. I compiled the script to run on a Windows 11 computer with anti-virus enabled. May this be a warning to both you and your family. Don't download software that you don't trust. Only download software from reputable software developers and those you trust.
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place.
// MENU //
00:00 - Be careful what you download
00:07 - Intro
00:16 - How to capture keystrokes with Python
00:41 - Keylogger demo
03:30 - How to setup the keylogger
10:34 - Conclusion
// Code //
Keylogger: github.com/davidbombal/python-keylogger
Server: github.com/davidbombal/express-server-basic
// Video mentioned //
Python keylogger bypasses Windows 11 Defender: ruclips.net/video/qaZ-IbssPDI/видео.html
// SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
RUclips: ruclips.net/user/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
Dear David, I'm telling your her 🖐🏻😡.
i think you forgot to pin this
But what if I don't have a python download??
This is awesome, it's more effective If the keylogger run as a daemon in the background and it is start running on system boot up
This is only a proof of concept and can improved in many ways. We didn't show everything here because of RUclips rule.
@@davidbombal Now I’m curious: what didn’t you show (besides compile steps)?
@@davidbombalWhere can I learn and see everything, I am into python development. How do people like you learn? Everything nowadays is hidden either for going into courses and spending money or just people not to see and analise.
Haha I love this content David! I am doing the 30 day challenge of networkchuck right now the juniper ccna
Nice. How is the Juniper cert program?
@@tehczavier It's good so far I scored 100% on module 1, but to be fair I already have a network background:). It's great for people who are starting out
Things that can be improved, make the script work like a blind shell, like not including the ip address in the program itself, instead we will initiate a call to the program via some authentication, also encrypted data transfer is necessary to avoid AV detection.
Probably just meant to be an example of something super simple.
I started to smile after I saw the first thumbnail of this video. It was like Saurons Eye from the Lord of the Rings is watching you. And now it's like a Ringwraith.
I created a python key-logger like this couple years ago sending it to my free web hosting server. Awesome video.
Thank you! So many ways to do this.... it should really not be possible today, but is unfortunately.
can you teach me how to do it?
Awesome video, thank you David 😊! Those PoCs are really good for us to build countermeasures to that kind of stuff. I got curious about python compilation actually, I've did some Python install before but never compiled it as a binary, will give it a try later.
Amazing content David I like that you bring us the best reputable personalities in their speciality field so we can learn from the best no need for fancy botcamps😄 ✅🖥️🙏
The problem with spying on your partner is sometimes you find out something you wish you didn't
yeah, that's a risk... But imao it worth it
one of the few channels that show content of relevance!!!!!! I wish you were my mentor... I managed to reproduce another keylogger on the desktop! it also prints every click along with a notepad with text captures and creates folders separated by date!!! finally I managed to reproduce your code and forward the log file to a server... thank you very much for sharing your knowledge!!!!!! I am a Programming and Information Security enthusiast🇧🇷
thank you very much for this content, i love how you explain so good and simple to knowledge!
Hello Mr Bombal it seems that python is great langage to learn thx for u re constant effort God bless u
You're welcome Majid!
Hey David, thanks for sharing this! I don’t suppose you could maybe consider a pivot into voice ? Enough material with that to keep you occupied. Could maybe lead back into security related items (wire shark and RTP streams).
I know network engineers tend to grimace at voice, but steel yourself and think about it ;)
Great content again. Reading the comments and your responses is very helpful in educating us, thanks!
You're welcome!
I wrote keylogger to spy on my wife also. Found out she was communicating with my best friend. Now he lives in my house.
what about how to stop remote keyloggers? what antivirus or app can detect them?
Windows Defender can detect it now,
Yeah, sure, you can do that, Windows doesn't block it but what it does block is my compiled production-ready program without any single malware in it for absolutely no reason...
Make a video to show us how to create own server to save the data without Linode, please??
Thank you David for the fantastic videos!!
just run the javascript code on your machine and forward the ports from your router
set up a raspberry pi running ubuntu or whatever locally.
@@lewisheath364 okay, thanks
@@Foiliagegaming okay, thanks
Amazing as always ❤
Someone said this virus is undetectable ! So funny maybe they are recently using windows 7 !
Thank you for this informative and educational video!
Nice video, if i was do it this i would use sockets for real time communication and a common port such as 443 + inject a binary blob into memory for a listener to setup a shell, that the program can load using a pointer. easy web c&c.
Bad Mr Bombal Bad, keep the videos coming thank you learned alot!!
Glad you learned something David
Thank you for demonstrating this.
thanks for the awesome content David
Thanks for this. Ill fire up a demo for our monthly meeting.
Hopefully they learn from this video 😀
It's OK; my family runs any software we download from the internet from our PC, but never our laptops, haha.
whoop!
Thanks David
Great video...thanks David.
Thank you Lance!
Great video man. Love the server
What bugs me is that the program doesn't even need administrator permission like those KMS Trojans.
Thank you for your continued commitment to education.
Thank you Desmond. You're welcome!
in other words this can also bypass a separate firewall? wow this is crazy stuff.
What would happen if the target is typing in another layout or language
Hackers: Alright copy that run that and the keylogger is complete!
Me: So do you have a github repository or something?
Awesome video David !
Thank you Jonny!
Reminds me of some of my earliest experiments in writing my own penetration tools. The logger I wrote worked poorly and only locally on my own computer. Hilariously bad but still somewhat functional. The more fun experiments were controlling pointers remotely. Good times.
How can i reach you ?
@@tijad1 hands
good stationary computer safe as you only said laptop!
We dont deserve you David. Thank you so much!
Thank you Richie!
Thanks for all.
You are most welcome
More videos like this but easy one's please for beginners.
Ive tried to do it. Only one issue: when I run the compiled keylogger.exe it opens an empty command prompt, when I close it, it will close the keylogger as well. Idk how to make it so it opens stealthy as yours.
You need to set compiler flag "-mwindows" to remove the UI element of your application. Other ways include setting the main window handle hidden on init.
Do you have any recommendations on books in Computer Science? I want to learn Computer Science before JavaScript and Python.
it is not books but you can easily find resources on harvard CS50 and Freedcodecamp channel.
@@hartatociptajaya Thank you, I know some of the Free courses require a text book. Have to look into this one, because a couple people recommend this course.
You’re probably putting the horse before the cart if you do that… if you want a bit of an overview on some computer science, there’s a vid called ‘the art of code’ on RUclips.
Learning a simple language like python is much easier than learning computer science. Walk before you run!
@@catatafish22 Wouldn't it be the other way around? I want to learn the basics of computer science in order to have the fundamentals and when I go to learn a language I'll know how the computer functions, instead of just following examples that I have no idea why I'm doing what I'm doing.
if you want you can also create a python scripting course on youtube
With a security key for sign in the keylogger won't be able to fetch anything. The threat would be a cookie session stealer malware, but that would have to bypass the virus detection which is not likely.
Genuinely interested in what this community has to say, now that everyone has seen the source code and how it functions, what are some methods anyone here would use, to defend against it?
Probably only way would be not to open applications from untrusted sources.
@@wingit7335 what’s the best way??
@@catatafish22 Problem is there are no trusted sources.
@@catatafish22 that is the best way lmao, the best way not too get hacked is dont click on anything that can be seen as sketchy. or if you truly want safety, dont be on the internet like ever
@@verbon47 lol i know
set up a small local server that is running on cellular network and have it set up on the local network then forward the traffic from there.
finally great video
sir why dont you create a structured course on various language which is in demad in copporate sector....beleive me your channel will boom
Just the title!! Hahaa this is why I joined your army
Great video sir :)
Thank you Aniket!
Worked , thanks a lot!
thank you for the video. Now I wonder if my custom firewall can block this.
I like this vid. Good insight.
keep getting "This process is not trusted! Input event monitoring will not be possible until it is added to accessibility clients." any ideas?
What do you recommend for someone who has remote keylogger (victim) on their computer and wants to remove it? Many thanks
Thanks David!
This is great content as usual.
since 'this' runs on the background would it probably make the PC a bit slower and hence call the attention of the user to something wrong with the pc operation
Since its only text the overhead should be minimal
@@fyzzlefry okay
that's cool!
I am ok with python code but I have no idea about C code. When you say you used a C compiler to compile it does that mean you can compile python code in C compilers or did you have to use C code to make it work? Thanks for the video.
David, you said you were going to show us how to capture a handshake with Kali Linux installed on our android phones.
you cant. android dosnt surport monator mode also you need to send a deauth packet to the target to catch the handshake. and the handshake uses encryption. use a laptop and a 64bit version of kali
i m from india ....your content is great ...... really
So recompiling PyInstaller bypasses Defender, but wouldn't SmartScreen block the EXE as it is unknown (if it was real malware and actually was downloaded from the Internet by "your victim")?
I would worry more about Win 11 ...
Yeah so would I trying it on it right now
Awesome video David, but, how can we prevent our machines from these tools?
It works! Thanks a lot.
Hi did you use a server
HTTP3\UDP will guarantee, that we will have even more interesting future.
The question is: how is this prevented?
I like to see the responses for both; Enterprise level and single host.
With custom (targeted) stuff like this, honestly you don’t. Only chance is before it’s executed.
Don’t open applications from untrusted sources
HIPS , Allow list with hashes comes to mind. Would these be good options?
Windows would block the execution and you'd have to allow it first. It's not that easy anymore since Win10.
Wow thx for warning us about that :)
Lol I ruined my dads $2000 computer when I was 12 by downloading a virus on purpose and executing it.
Same with me but I deleted sys32 on our family pc for shits and giggles 😂
Awesome. Well done sir
Can we mirroring site using cors method with python? In php we can use php get_content. How about python ?
CORS is Cross-Origin Resource Sharing. It is meant to restrict/control the access of resources. It is not to load/copy any data/content. CORS is not Python specific.
Spyware are shown in procexplorer? like sketchy process running. Or they are just not visible?
this script is getting detected in my computer(windows 11) and automatically being deleted in vs code after saving showing the warning that this file contains virus
Can this keylogger program be put in non executable files like PDF files, pictures, videos etc?
Hello 👋
Thank for this video
Is it possible to do it in local network with private adress ?
As long as its routable
Ok thank
I'm new. What does he mean when he says we? Is there a team who worked on this?
Hello, what program do you use to record the windows desktop?
Can this be done within windows and to keylog another windows machine? I don't really want to spin up a entire Linux vm just for logging.
5:28 seeing a white stripe in the german flag makes me feel more uncomfortable than i would have imagined... wierd darkmode coincidences^^
Dark Mode does some strange things sometimes 😂
That Windows is still this.... bad in this regard. On macOS you cannot intercept non-modified keys without being granted the permission to be an accessibility application.
LOL. Never mind. I answered my own question after pasting the text ie " Using the PyPI installation is recommended on Windows..." instead. Looking forward to testing this on my unused laptop on a separate router and separate subnet in my home.
---[ignore below - dufus me :) ]---
Bummer. Johnny-Come-Lately here... nuitka says: "The MSI installers are discontinued as Python has deprecated their support for them, as well as Windows 10 making it harder to users to install them. Using the PyPI installation is recommended on Windows." Any other options/suggestions?? Thx for this proof of concept.
I need an example file of someone who wrote a longer text (a story or a masters thesis) - is there any such public repository?
Hi David, just wondering if there's a way to encrypt the keylogged traffic / passwords as I'm sending them to my linode. Maybe I want to test this with my own passwords but I don't want the connection to be readable by eavesdroppers.
Have you ever done this this keylogger for OS X (Mac OS), iOS, or Android?
I started making soft recently, I was wondering if you wanna do any features.
how can you detect/protect yourself against this
22.08.2022: Windows 10 already prevents the download because the keylogger is detected.
How can i send the keylogging data to my own server. Do i just open a port on my server like 8080 shown in the scipt and add my server ip in the scipt too?
Are the sample softs there when you open the software or do you have to download them from sowhere
what if we run this file as a script on the AD .... and it will automatically run right? fun but scarry ...
I did the same thing and uploaded it to my github page
It send keystrokes to my email using SMTP library
Very cool
Will EDR not detect this kind of activity? since EDR is based on anamolies I'm pretty sure it will catch as suspicious no?
Hey, I'm new here and building this project for my own working but I need help the files that he mentioned and the steps are updated and now I'm stuck can anyone here help me out?
You shouldn't run it on your laptop. But you can run on a desktop safely.
Don't do this like BomBal .I can give you only one reason not to do like this because after you are lunching this attack the keylogger that captured also redirect to David BomBal as well that why I encourage you not to do like this !
David , Please confirm that after we captured the keystroke and You can't see