Warning! Python Remote Keylogger (this is really too easy!)
Рет қаралды 324,152
Күн бұрынCreate your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode
If that link doesn't work for you, try this link: www.linode.com/lp/youtube-vie...
Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video!
I wrote a Python program that saves keystrokes to a cloud server. I compiled the script to run on a Windows 11 computer with anti-virus enabled. May this be a warning to both you and your family. Don't download software that you don't trust. Only download software from reputable software developers and those you trust.
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place.
// MENU //
00:00 - Be careful what you download
00:07 - Intro
00:16 - How to capture keystrokes with Python
00:41 - Keylogger demo
03:30 - How to setup the keylogger
10:34 - Conclusion
// Code //
Keylogger: github.com/davidbombal/python...
Server: github.com/davidbombal/expres...
// Video mentioned //
Python keylogger bypasses Windows 11 Defender: • Python keylogger bypas...
// SOCIAL //
Discord: / discord
Twitter: / davidbombal
Instagram: / davidbombal
LinkedIn: / davidbombal
Facebook: / davidbombal.co
TikTok: / davidbombal
KZbin: / davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
python
keylogger
python keylogger
windows 11
windows 11 keylogger
pyinstaller
py to exe
py exe
python py to exe
python exe
compile python
python compile
python exe
python convert to exe
python convert py to exe
python py exe
python code
windows
windows 10
anti virus
real time protection
windows anti virus
windows real time protection
windows 11 protection
windows 11 python
python compile
compile python code
compile python
python windows
windows python
Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place on any websites.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#python #keylogger #wifi
@davidbombal Жыл бұрын
Create your own virtual machine on Linode with a 60-day $100 credit: davidbombal.wiki/linode If that link doesn't work for you, try this link: www.linode.com/lp/youtube-viewers/?ifso=davidbombal Please note: Credits expire in 60 days. Big thanks to Linode for sponsoring this video! I wrote a Python program that saves keystrokes to a cloud server. I compiled the script to run on a Windows 11 computer with anti-virus enabled. May this be a warning to both you and your family. Don't download software that you don't trust. Only download software from reputable software developers and those you trust. Disclaimer: This video is for educational purposes only. I own all equipment used for this demonstration. No actual attack took place. // MENU // 00:00 - Be careful what you download 00:07 - Intro 00:16 - How to capture keystrokes with Python 00:41 - Keylogger demo 03:30 - How to setup the keylogger 10:34 - Conclusion // Code // Keylogger: github.com/davidbombal/python-keylogger Server: github.com/davidbombal/express-server-basic // Video mentioned // Python keylogger bypasses Windows 11 Defender: kzbin.info/www/bejne/p5K9XnyYqNiDeqs // SOCIAL // Discord: discord.com/invite/usKSyzb Twitter: twitter.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal KZbin: kzbin.info // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
@-nary-zy5jt Жыл бұрын
Dear David, I'm telling your her 🖐🏻😡.
@duckyblender Жыл бұрын
i think you forgot to pin this
@gtxgamer5025 10 ай бұрын
But what if I don't have a python download??
@juliusrowe9374 Жыл бұрын
Great tutorial David! Please keep them coming!
@l3chevalier Жыл бұрын
Awesome video, thank you David 😊! Those PoCs are really good for us to build countermeasures to that kind of stuff. I got curious about python compilation actually, I've did some Python install before but never compiled it as a binary, will give it a try later.
@duscraftphoto Жыл бұрын
Always great content! I've done something similar using SMTP to shoot over emails of the logged keystrokes on a timed interval. Love the use of a js server approach! About to jump into the code and have a look around. Keep up the amazing work and for making people aware of the real dangers that hide in plain site.
@davidbombal Жыл бұрын
Thank you Dustin!
@duscraftphoto Жыл бұрын
@@davidbombal of course! Keep up the amazing work and keep inspiring people to learn!
@b1gbro398 Жыл бұрын
Thanks Sir David for the knowledge on how we can secure our devices. Can this also be done on mobile devices?
@b1gbro398 Жыл бұрын
@@wingit7335 how can it be like the deployment on windows, so that it is not easily detect as malicious software or how can it be deploy as an apk file?
@chrisremi1903 Жыл бұрын
@@davidbombal David great content thanks what about the update for the Kali Linux on Android
@theteacheroldschool4013 Жыл бұрын
thank you very much for this content, i love how you explain so good and simple to knowledge!
@djamarildo2010 Жыл бұрын
Amazing content David I like that you bring us the best reputable personalities in their speciality field so we can learn from the best no need for fancy botcamps😄 ✅🖥️🙏
@kveldulfpride Жыл бұрын
Hey David, thanks for sharing this! I don’t suppose you could maybe consider a pivot into voice ? Enough material with that to keep you occupied. Could maybe lead back into security related items (wire shark and RTP streams). I know network engineers tend to grimace at voice, but steel yourself and think about it ;)
@TheDirge69 Жыл бұрын
Great content again. Reading the comments and your responses is very helpful in educating us, thanks!
@davidbombal Жыл бұрын
You're welcome!
@stunduptosee1073 Жыл бұрын
Thank you for this informative and educational video!
@krishnasgamingotherstuff1450 Жыл бұрын
I've once used python on my PC to give a demo to my friends that how getting passwords is easy and asked them to avoid using internet cafes, as getting the key strokes is pretty easy. That was way back in 2015.
@w.8329 6 ай бұрын
This seems complicated it’s not working for me
@nobodyimportant8695 Жыл бұрын
This keylogger scripting technique through other scripting mediums has been around for years. Dave, you just made it worldwide for Python. Well done.
@dmail00 Жыл бұрын
FFI and ctypes, it has been available for ages :)
@w.8329 6 ай бұрын
@@dmail00it dosent work for me 😕
@errollgnargnar9534 Жыл бұрын
Great video man. Love the server
@MrBitviper Жыл бұрын
thanks for the awesome content David
@codewithgabriel4626 Жыл бұрын
This is awesome, it's more effective If the keylogger run as a daemon in the background and it is start running on system boot up
@davidbombal Жыл бұрын
This is only a proof of concept and can improved in many ways. We didn't show everything here because of KZbin rule.
@JB-fh1bb Жыл бұрын
@@davidbombal Now I’m curious: what didn’t you show (besides compile steps)?
@rabblegaming4815 5 ай бұрын
@@davidbombalWhere can I learn and see everything, I am into python development. How do people like you learn? Everything nowadays is hidden either for going into courses and spending money or just people not to see and analise.
@Spitfire_Cowboy Жыл бұрын
Rather than outputting to a text file, you could use a nosql db and output the processes running at the time of the key logging to have a better picture of what the target is using at the time they are typing.
@davidbombal Жыл бұрын
We decided against doing that here to keep things simple. This is a proof of concept and can be improved in many ways. We can code in many other options, but this is for educational purposes only and not to build malware.
@Spitfire_Cowboy Жыл бұрын
@@davidbombal agreed. I actually like the simple poc. It leaves alot of potential open that could be touched on or brainstormed or discussed in general. Especially if talking about major nation state adversaries and their toolsets to gain access to sensitive western critical infrastructure systems. Or general minor ransomware criminal groups with their initial access brokers.
@pcap_pirate960 Жыл бұрын
I created a python key-logger like this couple years ago sending it to my free web hosting server. Awesome video.
@davidbombal Жыл бұрын
Thank you! So many ways to do this.... it should really not be possible today, but is unfortunately.
@ThelegendarySonGoku 7 күн бұрын
can you teach me how to do it?
@Mr.Noob_T.I Жыл бұрын
one of the few channels that show content of relevance!!!!!! I wish you were my mentor... I managed to reproduce another keylogger on the desktop! it also prints every click along with a notepad with text captures and creates folders separated by date!!! finally I managed to reproduce your code and forward the log file to a server... thank you very much for sharing your knowledge!!!!!! I am a Programming and Information Security enthusiast🇧🇷
@alezad57121 Жыл бұрын
Thank you for demonstrating this.
@SumanRoy.official Жыл бұрын
Things that can be improved, make the script work like a blind shell, like not including the ip address in the program itself, instead we will initiate a call to the program via some authentication, also encrypted data transfer is necessary to avoid AV detection.
@Leto2ndAtreides Жыл бұрын
Probably just meant to be an example of something super simple.
@mr.smithsmith71 Жыл бұрын
what about how to stop remote keyloggers? what antivirus or app can detect them?
@rubberduck6961 Жыл бұрын
What would happen if the target is typing in another layout or language
@DNOD1983 Жыл бұрын
Thank you for your continued commitment to education.
@davidbombal Жыл бұрын
Thank you Desmond. You're welcome!
@aleksalukic1904 Жыл бұрын
I started to smile after I saw the first thumbnail of this video. It was like Saurons Eye from the Lord of the Rings is watching you. And now it's like a Ringwraith.
@JonnyClark Жыл бұрын
Awesome video David !
@davidbombal Жыл бұрын
Thank you Jonny!
@davidmckee533 Жыл бұрын
Bad Mr Bombal Bad, keep the videos coming thank you learned alot!!
@davidbombal Жыл бұрын
Glad you learned something David
@kuntrasha 4 ай бұрын
I am ok with python code but I have no idea about C code. When you say you used a C compiler to compile it does that mean you can compile python code in C compilers or did you have to use C code to make it work? Thanks for the video.
@cyberdevil657 Жыл бұрын
Haha I love this content David! I am doing the 30 day challenge of networkchuck right now the juniper ccna
@tehczavier Жыл бұрын
Nice. How is the Juniper cert program?
@cyberdevil657 Жыл бұрын
@@tehczavier It's good so far I scored 100% on module 1, but to be fair I already have a network background:). It's great for people who are starting out
@Jingizz Жыл бұрын
Ive tried to do it. Only one issue: when I run the compiled keylogger.exe it opens an empty command prompt, when I close it, it will close the keylogger as well. Idk how to make it so it opens stealthy as yours.
@Savage-en1ms Жыл бұрын
You need to set compiler flag "-mwindows" to remove the UI element of your application. Other ways include setting the main window handle hidden on init.
@lancemarchetti8673 Жыл бұрын
Great video...thanks David.
@davidbombal Жыл бұрын
Thank you Lance!
@colinrogers9927 Жыл бұрын
Awesome. Well done sir
@kekeke7815 Жыл бұрын
Are the sample softs there when you open the software or do you have to download them from sowhere
@accountoneripley7631 Жыл бұрын
Hello, what program do you use to record the windows desktop?
@TioGu76 Жыл бұрын
Awesome video David, but, how can we prevent our machines from these tools?
@majiddehbi9186 Жыл бұрын
Hello Mr Bombal it seems that python is great langage to learn thx for u re constant effort God bless u
@davidbombal Жыл бұрын
You're welcome Majid!
@GameMachines1 Жыл бұрын
whoop! Thanks David
@razashah2611 Жыл бұрын
More videos like this but easy one's please for beginners.
@ForwardEngineering Жыл бұрын
Can this be done within windows and to keylog another windows machine? I don't really want to spin up a entire Linux vm just for logging.
@nachosncheez2492 Жыл бұрын
Nice video, if i was do it this i would use sockets for real time communication and a common port such as 443 + inject a binary blob into memory for a listener to setup a shell, that the program can load using a pointer. easy web c&c.
@weedogo5559 Жыл бұрын
Spyware are shown in procexplorer? like sketchy process running. Or they are just not visible?
@martinsmatthew4983 Жыл бұрын
Worked , thanks a lot!
@jamalyarfoor5798 Жыл бұрын
I'm new. What does he mean when he says we? Is there a team who worked on this?
@jackson32 Жыл бұрын
Can this keylogger program be put in non executable files like PDF files, pictures, videos etc?
@maximedemontbron5179 Ай бұрын
Hi David, just wondering if there's a way to encrypt the keylogged traffic / passwords as I'm sending them to my linode. Maybe I want to test this with my own passwords but I don't want the connection to be readable by eavesdroppers.
@srijan.76448 Жыл бұрын
Will this program run on nay windows version or it is specified only for windows 11 ?
@fyzzlefry Жыл бұрын
Thanks for this. Ill fire up a demo for our monthly meeting.
@davidbombal Жыл бұрын
Hopefully they learn from this video 😀
@wiktormigaszewski8684 24 күн бұрын
I need an example file of someone who wrote a longer text (a story or a masters thesis) - is there any such public repository?
@kianrees8142 11 ай бұрын
How can i send the keylogging data to my own server. Do i just open a port on my server like 8080 shown in the scipt and add my server ip in the scipt too?
@muhammadusama8261 Жыл бұрын
finally great video
@aniketsharma7333 Жыл бұрын
Great video sir :)
@davidbombal Жыл бұрын
Thank you Aniket!
@loficafechill Жыл бұрын
in other words this can also bypass a separate firewall? wow this is crazy stuff.
@vivekkumar-gs9lp Жыл бұрын
sir why dont you create a structured course on various language which is in demad in copporate sector....beleive me your channel will boom
@alidanish6263 Жыл бұрын
Great Content! I am a big fan. I did all of this and windows defender did not detected it but when i sent it to my friend to check it out by uploading it to google drive. When he downloaded it windows defender picked it up. Is there something i can do to avoid this?
@gerry2345 Жыл бұрын
I like this vid. Good insight.
@homeoffice3524 Жыл бұрын
This is one of the most complex python keyloger ever. I can do the same with aprox 20 lines of code without any extra software or anything.
@trif169 Жыл бұрын
So how’s it complex lmao
@Electro-tw9um 4 ай бұрын
So recompiling PyInstaller bypasses Defender, but wouldn't SmartScreen block the EXE as it is unknown (if it was real malware and actually was downloaded from the Internet by "your victim")?
@yasashikunizam1311 Жыл бұрын
what if we run this file as a script on the AD .... and it will automatically run right? fun but scarry ...
@maximedemontbron5179 Ай бұрын
Hi David, just some feedback - I've tried replicating everything you did and ran into some problems. When I compile the python script into an executable file using PyInstaller, Windows Virus & Threat protection catches it immediately.
@charlesyaw6514 Жыл бұрын
Dave could you create a GNS3 topology for key logging?
@Blackstone_yt 6 ай бұрын
will it always add space EX: you log into one site then another theres and theres no space input
@appher Жыл бұрын
Thank you so much you really help me :)
@nsxkkxlnmiyo8722 8 ай бұрын
does it uniquely work on windows 11? what about other versions of windows?
@phucnguyenhong8761 Жыл бұрын
sir can you please tell me if i need to NAT port to sending logs through WAN?
@realJaycelee Жыл бұрын
Do you have any recommendations on books in Computer Science? I want to learn Computer Science before JavaScript and Python.
@hartatociptajaya Жыл бұрын
it is not books but you can easily find resources on harvard CS50 and Freedcodecamp channel.
@realJaycelee Жыл бұрын
@@hartatociptajaya Thank you, I know some of the Free courses require a text book. Have to look into this one, because a couple people recommend this course.
@catatafish22 Жыл бұрын
You’re probably putting the horse before the cart if you do that… if you want a bit of an overview on some computer science, there’s a vid called ‘the art of code’ on KZbin. Learning a simple language like python is much easier than learning computer science. Walk before you run!
@realJaycelee Жыл бұрын
@@catatafish22 Wouldn't it be the other way around? I want to learn the basics of computer science in order to have the fundamentals and when I go to learn a language I'll know how the computer functions, instead of just following examples that I have no idea why I'm doing what I'm doing.
@f.s9027 Жыл бұрын
I started making soft recently, I was wondering if you wanna do any features.
@p.m.8316 3 ай бұрын
What happens if a user is offline? will the keystrokes appear when he is online again?
@Hubert4515 Жыл бұрын
awesome tutorial!
@davidbombal Жыл бұрын
Glad you liked it!
@frazy1984 Жыл бұрын
Hi, imagine someone hacked the laptop earlier, then can I know whether the laptop is hacked or not, by using task manager, later ? And are Apple laptops safer than windows laptops? Thanks
@220VolT Жыл бұрын
UAC doesn't popup at all when you execute?
@amrelaal30 Жыл бұрын
More than perfect 👍
@boomshoot4789 5 ай бұрын
Should I use the public IP in order to connect to the server?
@ahmedmedhat2894 Жыл бұрын
Wow thx for warning us about that :)
@edwinmurugu2438 Жыл бұрын
Just the title!! Hahaa this is why I joined your army
@youdummy5928 Жыл бұрын
this script is getting detected in my computer(windows 11) and automatically being deleted in vs code after saving showing the warning that this file contains virus
@richieheins6825 Жыл бұрын
We dont deserve you David. Thank you so much!
@davidbombal Жыл бұрын
Thank you Richie!
@HarmfullAdvocado 3 ай бұрын
Hey what server do u use, i can't find one
@cruzalex9662 Жыл бұрын
Please how did you get it to run in the background
@schwingedeshaehers Жыл бұрын
may add -y to the install script in the install lines (and merge the lines)
@PandaBero83 Жыл бұрын
Thanks for the nice scripting.. but i am curious.. Did you find some concerned keystrokes on you'r wife's computer???
@cruzalex9662 Жыл бұрын
Really nice sir
@williamburns3211 5 ай бұрын
So anybody who can write python code can crack any computer they want? Or the hacked computer must first download some malware? I an not a programmer.
@vikraal6974 Жыл бұрын
What bugs me is that the program doesn't even need administrator permission like those KMS Trojans.
@naimurX Жыл бұрын
Can you make this on replit online code editor
@shinobishredz Жыл бұрын
Amazing stuff
@davidbombal Жыл бұрын
Thank you Max
@komenanfrancois3037 Жыл бұрын
Thanks for all.
@davidbombal Жыл бұрын
You are most welcome
@alerivsm Жыл бұрын
It works! Thanks a lot.
@hamzabarisa1368 Жыл бұрын
Hi did you use a server
@bubz1kbytez Жыл бұрын
how can I test this out with a VM in kali VirtualBox?
@mcmaly86 Жыл бұрын
YO THANK YOU SO MUCH
@dayshag5257 Жыл бұрын
what if i just want the capture file on my my on PC?
@sithumgimhan7650 2 ай бұрын
Does this detectable in a mcAfee endpoint security
@dreamscapeshomesolutions7888 Жыл бұрын
Hi, David. What would you recommend for scanning pdf's and images for rats and loggers? These day's many of us download quite a number of pdf's for education and images for our own curating.
@dreamscapeshomesolutions7888 Жыл бұрын
Comments like this from , text me "@ the official blah blah blah" seem like a game best played later. ; - )
@millymichael4701 Жыл бұрын
David, you said you were going to show us how to capture a handshake with Kali Linux installed on our android phones.
@jesseclutterbuck6617 Жыл бұрын
you cant. android dosnt surport monator mode also you need to send a deauth packet to the target to catch the handshake. and the handshake uses encryption. use a laptop and a 64bit version of kali
@abirahamed2093 Жыл бұрын
hii is there any way to use linode account with out credit card?
@BleronHyseni-kf8ey 2 ай бұрын
how do i own friend. do i have to send them the keylogger folder or what????????????
@cptbaker Жыл бұрын
Genuinely interested in what this community has to say, now that everyone has seen the source code and how it functions, what are some methods anyone here would use, to defend against it?
@catatafish22 Жыл бұрын
Probably only way would be not to open applications from untrusted sources.
@catatafish22 Жыл бұрын
@@wingit7335 what’s the best way??
@marcelsimon6425 Жыл бұрын
@@catatafish22 Problem is there are no trusted sources.
@verbon47 Жыл бұрын
@@catatafish22 that is the best way lmao, the best way not too get hacked is dont click on anything that can be seen as sketchy. or if you truly want safety, dont be on the internet like ever
@catatafish22 Жыл бұрын
@@verbon47 lol i know
@mariostheocharous3469 Жыл бұрын
Make a video to show us how to create own server to save the data without Linode, please?? Thank you David for the fantastic videos!!
@lewisheath364 Жыл бұрын
just run the javascript code on your machine and forward the ports from your router
@Foiliagegaming Жыл бұрын
set up a raspberry pi running ubuntu or whatever locally.
@mariostheocharous3469 Жыл бұрын
@@lewisheath364 okay, thanks
@mariostheocharous3469 Жыл бұрын
@@Foiliagegaming okay, thanks
@guilherme5094 Жыл бұрын
Awesome👍
@mohamednarhmouche364 Жыл бұрын
if you want you can also create a python scripting course on youtube
@morleytechtv7749 Жыл бұрын
Windows Defender can detect it now,
@mkledits3679 Жыл бұрын
Will EDR not detect this kind of activity? since EDR is based on anamolies I'm pretty sure it will catch as suspicious no?
@hoelesswithoutthem Жыл бұрын
Hey, I'm new here and building this project for my own working but I need help the files that he mentioned and the steps are updated and now I'm stuck can anyone here help me out?
@Foiliagegaming Жыл бұрын
set up a small local server that is running on cellular network and have it set up on the local network then forward the traffic from there.
David Bombal
Рет қаралды 165 М.
ТНТ4 Shorts
Рет қаралды 6 МЛН
Shaun Halverson
Рет қаралды 68 М.
Liron Segev
Рет қаралды 1,2 МЛН
Immersed
Рет қаралды 3,8 МЛН
notebook-31
Рет қаралды 135 М.
ProTech
Рет қаралды 100 М.