/cyber/ - Cyberpunk & Science Fiction

If you're really feeling lazy you can probably just find some source code for a keylogger and use that. Just, you know, read it first.

I'd just write my own. It's so damn easy to tap the event hook in Win32 or X API.

>>35432

>Thats not a fucking virus or will keylog me itself

The fact that you said this shows that you're not ready to use a keylogger.

If you absolutly must be an edgelord to show off to all your friends, >>>/baphomet/ might be more willing to help you out.

>>35442

why

>>35447

You shouldn't execute anything except a compiler you trust, you should never have to run a binary on your machine.

Protip: All the "RAT builders" on SkidForums infect you.

>>35432

I literally just wrote one last night.

Learn python, read the docs on pyhook and win32. Bingo, use the socket library for your remote needs or maybe just use the pastebin API to publish logs once a day or something and email the subsequent link to a burner email.

Write your own tools anon, don't be a skid.

>>35709

Also, take a look at py2exe

you're probably on windows and typing "keylogger" triggered some sort of alarm and now you're on yet another watchlist and everything you type is sent to some AI for analysis to find more signs of terrorism.

enjoy being forcefed anally in gitmo.

lel

>>35709

Actually, writing your own tools has got a lot of people arrested. When you write your own tools just for you and your group, you are writing a calling card, and potentially a way that people can frame you for actions you were not responsible for.

If you use your tool illegally a few times, then that tool is somehow associated with your legal name, here's what will happen:

-You do not pass go

-You do not collect $200

-You go directly to jail

If you use a tool that is available to anyone, you reveal less about yourself. These tools don't need to be dedicated "hacking" tools. In fact it's better if they're designed for legitimate remote administration because those tools are more stable and less backdoored.

If you're going to put yourself at risk by committing computer crimes, try not to make it any easier for people to catch you.

Look for powershell scripts. They can hook into keyboard events (I'm assuming Windows since you didn't think to specify what platform you were on.)

Otherwise, with Linux/Mac OSX it'll get a bit trickier.

>>35977

Of course I understand malware.

Are you completely unaware of computer forensics? Everything you make yourself has potential to identify you. Embedded strings in your language/charset, compilation times, user/host names, etc. It's even possible to find suspects by heuristically comparing the malware code to samples of code you may have posted to the net under your true identity.

Imagine you are the only man in the world with a gun. Sounds great, right? However, you're going straight to the gallows if anyone is murdered by an anonymous gunman. If you write tools, release them so that an attack using them could have come from anybody. Don't exclusively use your own tools either. For things you can't share (like 0days), keep them hidden on systems that can't be linked to you.

Studying how people get caught (or don't) is really interesting mental exercise. You should try it.

>>36007

I'm completely aware of computer forensics. That's why you build in a different environment, learn code obfuscation, learn to modify metadata, and make life difficult for people who do forensics.

Budgets only go so far, but using your own tools are good work around for things like signature lookups.

If a tool is already in the wild, it's probably known about.

>>36032

>If a tool is already in the wild, it's probably known about.

Yes, that's the point. People will correlate 0day tools used in attacks. Johnny B. Hackerly gets arrested for a misdemeanor computer crime, but the tools he used are unique to him and were used in 30 felony crimes. Johnny fucked up.

Do misdemeanor computer crimes even exist?

Signature lookups don't count for shit if you're using tools that already exist on the target computer, or if your scripts are running entirely in memory (piping scripts into their interpreter will do this).

To some degree you need to have your own tools and scripts. Using sandboxed environments plus metadata manipulation tools can help, but it's best if your metadata never exists in the first place.