Hey everyone!
I'm Anuj, and I'm super excited to share my latest project that I've been working on - a comprehensive KeyLogger system with reverse shell capabilities.
When I first started this project, I thought I'd just build a simple keylogger to learn about cybersecurity. But, it turned into something way cooler than I expected! Let me walk you through what I built and what I learned along the way.
The Spark Behind This Project .
So it all started when I was watching some cybersecurity videos and got curious about how penetration testing tools actually work. I'd always heard about keyloggers and reverse shells, but I wanted to understand them from the ground up.
You know that feeling when you see something cool and think "I bet I can build that"? That was me. I wanted to dive deep into Python networking, understand how background processes work, and get my hands dirty with some real cybersecurity concepts.
What I Actually Built
This isn't your typical "hello world" keylogger. I ended up building a complete 4-module system:
The Main Components:
keylogger.py - The brain that captures keystrokes intelligently
reverse_shell.py- A powerful client with tons of features
server.py - Command and control server
test_client.py- Testing framework to make sure everything works
Cool Features:
Works on Windows, Linux, and macOS (cross-platform was tricky!)
Complete reverse shell access
Remote screenshot capture
Smart keylogger that filters out sensitive stuff
Runs completely silently in the background
The Technical Stuff (Don't Worry, I'll Keep It Simple):
Let me show you some of the cool code I wrote. The keylogger part was actually pretty elegant:
python def on_press(key):
global log
try:
log = log + str(key.char) # Regular characters
except AttributeError:
# Handle special keys like space, enter, etc.
if key == key.space:
log = log + " "
else:
log = log + " " + str(key) + " "
The reverse shell communication was where I really learned about networking:
pythondef reliable_send(data):
jsondata = json.dumps(data)
s.send(jsondata.encode())
def reliable_recv():
data = ""
while True:
try:
data = data + s.recv(1024).decode().rstrip()
return json.loads(data)
except ValueError:
continue
What I love about this is how clean the JSON communication makes everything. No more dealing with messy raw socket data!
The Learning Curve :
Building this taught me so much more than I expected:
Socket Programming: I'd never done network programming before. Learning how clients and servers communicate, handling connections, dealing with timeouts - it was like unlocking a whole new world.
Threading: Getting the keylogger to run in the background while maintaining the reverse shell connection was my first real experience with concurrent programming.
Cross-Platform Development: Making this work on Windows, Linux, and macOS was honestly the hardest part. Different file paths, different permissions, different behaviors - but so satisfying when it all came together.
File Handling: Implementing secure file transfer with Base64 encoding taught me a lot about data serialization.
Challenges I Faced :
Not gonna lie, there were some frustrating moments:
Windows Defender: It kept flagging my reverse shell (which is actually expected behavior for this type of tool). Had to add exceptions for testing.
Path Management: Getting file paths to work correctly across different operating systems was more complex than I thought.
Connection Reliability: Network connections can be flaky. I had to implement retry logic and proper error handling.
Testing: Making sure everything worked across different platforms required setting up multiple test environments.
The Features That Make Me Proud
Smart Keystroke Capture: It doesn't just dump everything - it intelligently handles special keys and formats the output properly.
**Remote File Operations: **You can upload and download files, even grab files directly from URLs.
Screenshot Capability: Using the mss library, it can capture screenshots remotely across different platforms.
Stealth Mode: Runs completely silently with no visible windows or indicators.
**Robust Communication: **JSON-based protocol with proper error handling and retry mechanisms.
Tech Stack:
Python 3.8+ (obviously!)
Libraries: pynput, mss, requests, python-dotenv
Built-in modules: socket, threading, subprocess, json, base64
Architecture:
Client-server model with JSON communication
Multi-threaded for concurrent operations
Environment-based configuration
Cross-platform file system handling
The whole thing is about 500+ lines of code spread across multiple modules, but it's clean and well-organized.
I built this to learn about cybersecurity concepts, understand how these tools work, and improve my Python skills. Always use tools like this responsibly, in controlled environments, and only with proper authorization.
If you're interested in cybersecurity, use this knowledge to build better defenses, not to cause harm.
What's Next?
Adding AES encryption to the communication
Building a web-based control interface
Implementing database storage for logs
Maybe exploring mobile platforms
Adding steganography features
Final Thoughts
This project pushed me way out of my comfort zone and taught me so much about networking, security, and system programming. There's something incredibly satisfying about seeing your reverse shell connect for the first time, or watching your keylogger silently capture data exactly as intended.
The best part? Everything is open source on my GitHub. If you're curious about cybersecurity or want to learn about socket programming, feel free to check it out, star it if you find it interesting, and don't hesitate to ask questions!
GitHub Repository: https://github.com/anujbolewar/KeyLogger
What do you think? Have you worked on any cybersecurity projects? I'd love to hear about your experiences in the comments!
Top comments (0)