This repository has been archived on 2025-01-05. You can view files and clone it, but cannot push or open issues or pull requests.
keylogger-detector/README.md
Sebastian Lenzlinger ec19a08e63 Update Readme
2023-06-13 12:56:15 +02:00

KLDetect

KLDetect is a keylogger detector for the Linux Desktop. It can detect processes reading from /dev/input/event* devices and kernel modules registered to listen to keyboard events.
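
One way to perform the userspace check described above, as an added example that is not KLDetect's own code: it walks /proc/<pid>/fd and reports processes that hold a /dev/input/event* device open. The function names, the known_good allow-list and the sample process tree are assumptions made for this illustration.

```python
import os, re, tempfile

EVENT_DEV = re.compile(r"^/dev/input/event\d+$")

def find_input_readers(proc_root="/proc", known_good=frozenset()):
    """Return {pid: (name, [event devices])} for processes holding an event device open."""
    readers = {}
    for entry in filter(str.isdigit, os.listdir(proc_root)):
        fd_dir = os.path.join(proc_root, entry, "fd")
        devices = set()
        try:
            fds = os.listdir(fd_dir)
        except OSError:
            continue  # process exited, or the scan is not running as root
        for fd in fds:
            try:
                target = os.readlink(os.path.join(fd_dir, fd))
            except OSError:
                continue  # descriptor was closed while we were scanning
            if EVENT_DEV.match(target):
                devices.add(target)
        try:
            with open(os.path.join(proc_root, entry, "comm")) as f:
                name = f.read().strip()
        except OSError:
            name = "?"
        if devices and name not in known_good:
            readers[int(entry)] = (name, sorted(devices))
    return readers

def scan_sample():
    """Scan a constructed stand-in for /proc (all names and PIDs are made up)."""
    layout = {
        100: ("bash", ["/dev/pts/0", "/dev/null"]),
        200: ("Xorg", ["/dev/input/event3", "/dev/input/event4"]),
        300: ("sample-logger", ["/dev/null", "/dev/input/event3"]),
    }
    with tempfile.TemporaryDirectory() as root:
        for pid, (name, targets) in layout.items():
            fd_dir = os.path.join(root, str(pid), "fd")
            os.makedirs(fd_dir)
            with open(os.path.join(root, str(pid), "comm"), "w") as f:
                f.write(name + "\n")
            for fd, target in enumerate(targets):
                os.symlink(target, os.path.join(fd_dir, str(fd)))
        # The display server reads keyboards legitimately, so it is allow-listed.
        return find_input_readers(root, known_good={"Xorg"})

if __name__ == "__main__":
    for pid, (name, devs) in sorted(find_input_readers().items()):
        print(pid, name, ", ".join(devs))
```

Run against the real /proc as root; every hit that is not an expected input consumer (display server, compositor, login manager) deserves a closer look.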

Dependencies

Python
SystemTap

Setup

Download or clone this repository:

$ git clone https://github.com/sebaschi/keylogger-detector.git

Navigate into the src directory:

$ cd keylogger-detector/src

Run a keylogger. KLDetect has been tested and shown to work on the following keyloggers.

User programs:

Kernel Module:

Usage

The program must be run as root (sudo).

Running without options just runs userspace detection:

# ./kldetect.py

To get a list of options:

# ./kldetect.py -h

To run with kernel module detection:

# ./kldetect.py -k

To run just kernel module detection:

# ./kernel_detector.py

Developers

Copyright 2023 Michel Romancuk, Sebastian Lenzlinger

This project is part of a university project for the Operating Systems lecture at the University of Basel, Switzerland. A project journal can be found here.