/spookey

SpooKey is a keylogger written in C++ that uses kernel-level APIs to capture keystrokes (Linux only. Windows is a work in progress)

Primary LanguageC++GNU General Public License v3.0GPL-3.0

SpooKey

SpooKey is a keylogger written in C++ that uses kernel-level APIs to capture keystrokes

Build Status

Overview

The Linux binary uses the Linux Input Subsystem kernel API to identify keyboards located in /dev/input/ and to translate key events. Threads will spawn to record each keyboard found. Key events are written to a file corresponding to the input device name. E.g., event0.log for /dev/input/event0.

I will also eventually work on a Windows executable using the Windows API. I do not plan on making a method of exfiltration anytime soon (at least not built in). For the time being, this will be developed as a module of sorts to be used with other software.

Usage

$ git clone https://github.com/watersalesman/spookey
$ cd spookey/src
$ cmake .
$ make
$ sudo ./spookey # Optionally use "--debug" flag

Demo

Capturing keystrokes from a separate process (separate tmux pane in this case):