This repository has been archived on 2025-01-05. You can view files and clone it, but cannot push or open issues or pull requests.
Sebastian Lenzlinger 7d4bc93243
Update README.md
2023-06-13 13:10:24 +02:00

KLDetect

KLDetect is a keylogger detector for the Linux Desktop. It can detect processes reading from /dev/input/event* devices and kernel modules registered to listen to keyboard events.
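The userspace check described above can be illustrated by walking /proc/<pid>/fd and reporting every process that holds a /dev/input/event* device open. This is an added example, not KLDetect's own code; find_input_readers, build_sample_proc, the expected-reader set and the sample process tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

EVENT_DEV = re.compile(r"^/dev/input/event\d+$")

def find_input_readers(proc_root="/proc", expected=frozenset()):
    """Map pid -> {"comm", "devices"} for processes with an open
    /dev/input/event* descriptor, skipping names listed in `expected`."""
    hits = {}
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue  # not a PID directory
        try:
            comm = (entry / "comm").read_text().strip()
            fds = list((entry / "fd").iterdir())
        except OSError:
            continue  # process exited, or fd directory unreadable without root
        devices = set()
        for fd in fds:
            try:
                target = os.readlink(fd)
            except OSError:
                continue  # descriptor closed while scanning
            if EVENT_DEV.match(target):
                devices.add(target)
        if devices and comm not in expected:
            hits[int(entry.name)] = {"comm": comm, "devices": sorted(devices)}
    return hits

def build_sample_proc(root):
    """Constructed sample data: a fake /proc tree with three processes."""
    sample = {
        "812": ("systemd-logind", ["/dev/input/event3", "/dev/null"]),
        "2041": ("bash", ["/dev/pts/0"]),
        "4777": ("python3", ["/dev/input/event3", "/dev/input/event5", "/tmp/keys.log"]),
    }
    for pid, (comm, targets) in sample.items():
        fd_dir = Path(root, pid, "fd")
        fd_dir.mkdir(parents=True)
        Path(root, pid, "comm").write_text(comm + "\n")
        for n, target in enumerate(targets):
            os.symlink(target, fd_dir / str(n))  # dangling link, like a /proc fd entry
    Path(root, "meminfo").write_text("")  # non-PID entry, must be skipped
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(find_input_readers(build_sample_proc(tmp), expected={"systemd-logind"}))
```

Against the real /proc this needs root, because the fd directories of other users' processes are not readable otherwise.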

Dependencies

Setup

Download or clone this repository:

git clone https://github.com/sebaschi/keylogger-detector.git

Navigate into the src directory:

cd keylogger-detector/src

Run a keylogger. KLDetect has been tested and shown to work on the following keyloggers.

User programs:

Kernel Module:

Usage

KLDetect must be run as root (sudo).

Running without options just runs userspace detection:

./kldetect.py

To get a list of options:

./kldetect.py -h

To run with kernel module detection:

./kldetect.py -k

To run just kernel module detection:

./kernel_detector.py

Warning

Running any part of this program carelessly may break your system. Killing processes and unloading modules should be done with caution. We suggest testing it in a VM. If you run KLDetect with the kernel module keylogger detection option set, make sure to update whitelist.txt with the safe kernel modules that you know you have on your system. Although KLDetect should not unload any kernel modules currently in use, better safe than sorry.

Developers

Copyright © 2023 Michel Romancuk, Sebastian Lenzlinger

This project is part of a university project for the Operating Systems lecture at the University of Basel, Switzerland. A project journal can be found here.

Description
University project for an Operating Systems lecture. The goal is to develop a keystroke-logger detector for a Linux environment. Development environment: Fedora 37 VM under GNOME and Wayland.
Readme 1.2 MiB
Languages
Python 99.7%
Makefile 0.3%