Cvtk/rust-keylogger
1
0
Fork 0
mirror of https://github.com/Axiean/rust-keylogger.git synced 2026-02-03 22:25:53 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

readme

Browse Source
This commit is contained in:
Axiean 2025-07-11 23:07:47 +03:30
parent a006e506bb
commit 8b91adb708
1 changed files with 82 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
README.md
View File

@ -24,24 +24,6 @@ The project is split into two components:
---
## 📂 Project Structure
Keylogger/
├── src/
│ ├── main.rs # Main keylogger logic
│ └── bin/
│ └── binder.rs # PDF + SCR binder
├── assets/
│ ├── resume.pdf # Decoy PDF
│ └── win_payload.scr # Keylogger executable (renamed)
├── config/
│ └── webhook.url # Your Discord webhook URL (plaintext)
├── Cargo.toml
├── README.md
└── target/ # Cargo build output
---
## ⚙️ Requirements
- Rust (latest stable recommended) → [Install Rust](https://www.rust-lang.org/tools/install)
@ -81,3 +63,85 @@ Rename the resulting file:
```bash
mv target/release/keylogger.exe assets/win_payload.scr
```
### 4. Compile the Binder Binary
```bash
cargo build --release --bin binder
```
Youll get target/release/binder.exe , this is your final payload that runs the decoy and background logger.
---
## 🧪 Testing Instructions
1. Use a Virtual Machine or Isolated Environment (NEVER run this on your main OS).
2. Run binder.exe. The PDF will open as expected.
3. Meanwhile, the keylogger will silently start, capturing keystrokes and sending logs to your Discord channel.
4. Every 10 minutes, logs are flushed to the webhook and the local file is cleared.
---
## ❗ Ethical Usage Reminder
This project is a learning tool for red teamers, malware analysts, and ethical hackers to:
- Understand keylogging mechanisms.
- Simulate social engineering via file binding.
- Build stronger blue team detection strategies.
By using or cloning this project, you agree to use it solely in ethical, permitted environments, such as:
- Your own systems or VMs
- Offensive security labs
- Red team exercises with explicit permission
---
## 🛡️ Blue Team Mitigation Insights
This tool demonstrates real-world attacker behavior, which can be detected through:
- Monitoring abnormal .scr execution
- Detecting outbound traffic to Discord domains
- Watching for GetAsyncKeyState or CreateFileA usage
- Application whitelisting or endpoint behavior analytics (EDR)
---
## 🧠 Ideas for Future Improvements
- 🔐 Encrypt logs before sending.
- 📦 Use a custom packer to obfuscate binary.
- 🧬 Add persistence via registry or scheduled tasks.
- 🎭 Use process injection or memory-only execution for stealth.
- 🗝️ Include anti-debugging or sandbox evasion routines.
---
## 📢 Disclaimer
This project is intended exclusively for:
- Red Team education
- Blue Team defense simulation
- Malware analysis training
Any misuse of this tool, including unauthorized deployment, violates the ethical use policy and may be illegal in your country. The author assumes no liability for misuse.