Home-How to open a file-What is a keylogger? Two Types of Keyloggers and How They Affect Your Computer

What is a keylogger? Two Types of Keyloggers and How They Affect Your Computer

Perhaps every PC user has at least once thought about the safety of confidential data on their own hard drive. Any person stores personal information on his or her computer. secret information, but may not realize it himself. For example, purchases can be made through a PC in online stores using electronic money or plastic card. Such a computer automatically becomes interesting for scammers.

The problem of protecting confidential data has been around for years and universal solution does not exist for her. Currently, there is a fairly wide selection of programs to ensure computer security, for example, various antiviruses, firewalls or access rights restrictions. But you should not completely rely on these methods of protection, because apart from virus attacks there is a threat that comes from humans. How can you find out what happens to your work computer when the user is on a lunch break or just walked away for a few minutes?

For an experienced user A few minutes will be enough to find out huge amount information about the owner of the computer. The easiest way to get access to the history of negotiations via various instant messengers and correspondence via email. In addition, in a few minutes you can retrieve a list of all used system passwords, as well as view a list of all resources visited by the owner. Is it worth talking about unprotected files and folders?

IN this review we'll talk about specialized software products, designed to spy on a computer and its user. Such utilities are often used on work computers, for monitoring employees, as well as at home for organizing parental controls or monitoring the actions of the other half.

Various firewalls and antivirus programs are suspicious of applications of this type and may consider them to be signs of malware. The developers of such utilities indicate this on their websites. However, after configuring the firewall appropriately, it will stop responding to the spyware.

This application will give users the opportunity to receive information about what actions are being performed on the computer. The utility can work with multiple operating accounts Windows systems and when drawing up a report, indicates the user’s name and the actions performed by him. In the settings you can select those accounts, when activated, the application will automatically launch.

The program generates reports that contain information about all actions performed by the user, including: keys pressed, names of windows in which typing is performed, Internet sites visited, names of programs and files launched, as well as the time of their use. Among other things, the utility saves all messages from popular IM clients and takes screenshots at intervals specified in the settings.

The received information can be viewed both in the program window and in the form of a report in HTML format. It is also possible to search among the displayed data and automatic removal outdated information.

The Maxapt QuickEye application is primarily aimed at use among corporate users. The program is most effective for viewing and analyzing reports. Thus, managers have the opportunity to quickly find out which employees worked and which did not. The application displays a list of all programs launched by the user, takes into account the time spent working with all utilities and how actively they were worked with. For example, the program window can be open throughout the working day, but the user worked with it for no more than an hour; the program will display all this in the report.

The program groups all running applications into categories, which makes it possible to go to the Internet messengers category and quickly find out which employees spent little time on their work. In addition, the application supports grouping network computers into several categories, which further facilitates the process of working with it.

It is worth noting that the utility can restrict access to selected applications, as well as compile a whole list of prohibited programs for each employee individually.

This software was previously known as KGB Keylogger. However, the change of name did not change the functionality of the utility and, as before, the main advantage of this “spy” is the ability remote tracking behind computer activity. During installation of this application, the user receives detailed information on how to properly configure the operation of the antivirus installed on the system for correct operation both utilities.

IN Mipko application Employee Monitor is very well organized to work with multiple users, which is a significant advantage for system administrators. Monitoring for different computers can be configured in various options. For example, for one user you can set only monitoring of application launches, for another - copy all typed text, etc.

The application is able to work in alert mode, that is, if the user makes certain actions or types certain words on the computer, the program marks it with an alarm icon and sends an alert to the network administrator.

The program makes it possible to apply special tracking filters, that is, the administrator can create a list of applications whose activity should be monitored, without paying attention to other utilities.

Of course, all this functionality would not be complete without taking screenshots. A screenshot can be taken both for the entire working area of ​​the computer and for active window. Screenshots can be taken not only after a designated period of time, but also when opening a new application.

The program is capable of intercepting messages in all known instant messengers, including: Yahoo!, QIP, ICQ, AIM, Skype, Miranda and others.

Using this utility, the user can receive various information about using a computer. The program monitors the contents of the clipboard, notes data on the activity of all applications, creates screenshots of the screen at specified intervals, takes into account the time the computer is turned on and off, tracks data on keystrokes, and monitors files sent for printing.

The program starts using a custom keyboard shortcut and does not appear in any list running applications, nor in the tray, but pretends to be the corresponding folder in the Start menu. Therefore, when using this spy, you should delete this folder.

This application has only one, but quite significant drawback - the program perceives keystrokes only in English layout, it's worth keeping this in mind when choosing spyware.

The demo version of the utility only works for 40 minutes from the moment of activation, but in some cases this is enough to protect the PC, for example, during a break at work.

One of the main parameters of a spy program is secrecy. After all, if a bright, flashing icon with the name of the application “hangs” in the task manager, the user will understand that he is being watched and will be able to bypass the protection. Developers NeoSpy programs did everything to ensure that their application was completely invisible on the computer. When installing the program, you can immediately select hidden or administrator installation. During a hidden installation, the program folders will not be visible either on the hard drive, on the desktop, or in the Start menu. To start you will need to use command line.

This application, in addition to its invisibility, is also endowed with good functionality. The program can intercept messages from popular instant messengers, easily records the names of all launched applications, and also marks the start and close times. NeoSpy automatically takes screenshots at specified intervals, as well as during the launch of all utilities.

With the help of this spy, you can receive detailed information about activity on the Internet - the addresses of all sites visited, the time spent online and the amount of traffic spent.

We can say that the program makes it possible to monitor every user action on the computer. NeoSpy saves all text typed on the keyboard, saves data from the clipboard, and tracks the creation and deletion of new files.

Program Elite Keylogger It is not detected at all by most antiviruses and does not in any way affect the performance of the system as a whole. The application is claimed to be a tool for long-term monitoring of activity over any period of time. Statistics are automatically classified by day, providing quick and convenient access to administrator information. The utility allows you to create lists of users who need to be monitored.

The program can control the work of most popular applications for communication via the Internet, records correspondence by e-mail, saves data on the activity of all applications and documents sent for printing. Elite Keylogger can save all received information in separate folder on network drive, upload it to FTP server or send by email.

It is worth paying special attention to removing this utility. If the user wants to remove Elite Keylogger, he will not be able to do this even with the help of special utilities, which control the startup of the Windows operating system. The only way delete this application– go to the program and select the appropriate action in the settings.

This program is designed to monitor human activity in local network. Besides network monitoring, the utility also records other user actions on the computer. The application intercepts data from most well-known instant messengers, saves a list of all sites visited on the Internet and all text typed on the computer.

In addition, the program is capable of automatic mode create screenshots at specified intervals, keep records of all documents sent for printing, perform hidden copies of edited files and documents copied to removable media.

The program stores all received information in a database on the administrator’s PC, and can also send notifications to specified computer under certain conditions.

And finally.

There is currently a wide selection on the market spyware and anyone who wants to install such software on a computer will be able to select the right application, satisfying all user requirements. Of course, such utilities are most in demand in organizations where there are serious requirements for the actions of employees at work.

More recently, spyware could only record keystrokes on the keyboard, but now they are able to monitor all user actions on the computer. Thus, software of this type is developing very quickly, and no one knows what functions will be introduced by developers in new versions of utilities.

In addition to tracking employees and lovers, spyware will help you organize comprehensive protection confidential data on your computer.

Keylogger - what is it? What danger comes from them? Can you take advantage of a keylogger? What does this entail?

General information

In modern information world The issue of security is very acute. Among the variety of malware, a keylogger program stands out. What is she? What dangers does it pose? How to deal with them? Those who know well English language, they probably translated the name of the program and realized that the conversation would be about a keyboard recorder. This is exactly how their name is translated - keylogger. But in the vastness of the former USSR they official name- keyloggers. What is their feature?

When the program gets onto the computer, it begins to perform its tasks in the form spy functions without the knowledge, participation and consent of the person. It’s worth asking the question “Keylogger - what is it?”, and it turns out that many people don’t even imagine what such a program is. And from this follows the sad fact that many users simply underestimate their threat. But in vain. After all, the main goal of these programs is to steal and transfer to their creator the logins and passwords of user accounts, wallets, and banking applications.

How do they work?

Let's take a look small example. Let's say a person has a bank account containing one hundred thousand rubles - a pretty good amount. He periodically goes into his electronic office user, using a password and login. And to enter them, you have to use the keyboard. The keylogger records what was entered and where. Therefore, an attacker, knowing the password and login, can use the funds if additional security lines are not provided, such as confirmation using a phone. The keylogger functions as a repeater, which at a certain moment merges all the collected information. Some of these programs can even recognize the input language and what element of the browser a person is interacting with. And all this is complemented by the ability to create screenshots.

History of development

It is worth mentioning that keylogger for Windows is not a new phenomenon. First similar programs were the same age as MS-DOS. Back then these were ordinary keyboard interrupt handlers, the size of which fluctuated around the 1 KB mark. And since then, their main function has not changed. They still primarily covertly log keyboard input, record the information they collect, and pass it on to their creator. The question may arise: “If they are so primitive, then why are there numerous antivirus applications do not catch keyloggers?" After all, this is a simple program. And yet, it is quite difficult for specialized applications to cope. The fact is that a keylogger is not a virus or a Trojan. And in order to find it, you need to install special extensions and modules. Besides these malware so many that signature search, considered one of the most advanced security solutions, is powerless against them.

Spreading

How do they get to users' computers? There are a large number of distribution routes. There is also a keylogger that is sent by email to everyone who is in address book, they can be distributed under the guise of other programs or as an addition to them. Let's say a person downloads an unlicensed version of an application from a completely third-party site. He installs the main application himself, and with it the keylogger. Or maybe strange messages with attached files were received by email from friends? It is quite possible that this was done by a keylogger and sent by email. Opening a letter does not pose a threat on most services, since it is just typing. But applications to it can be fraught with danger. If such a situation is identified, it would be best to get rid of the potential dangerous files. After all, a remote keylogger is not dangerous and cannot do any harm.

Distribution via mail

I would like to pay special attention to this particular path of transition between computers. Sometimes messages come that seem to contain valuable information or something similar. In general, the expectation is that a curious person will open the letter, download a file containing “information” about “enterprise accounting,” “account numbers, passwords and access logins,” or simply “someone’s nude photographs.” Or if the mailing is carried out according to the data of some company, then the person’s first and last name may even appear. Please remember to always handle any files with care!

Creation and use

After reading the previous information, someone might think: I wish I had my own free keylogger. And he will even go looking for them and downloading them. Initially, it is necessary to mention that this is a punishable matter from the perspective of the Criminal Code. Moreover, we should not forget the old saying that free cheese only happens in a mousetrap. And if you follow this path, you should not be surprised if the “free keylogger” serves only its owner or even turns out to be a virus/Trojan. The only more or less sure way to get such a program is to write it yourself. But again, this is criminally punishable. Therefore, it is worth weighing the pros and cons before you begin. But what should we strive for then? What could be the end result?

Standard keyboard trap

This is the simplest type, based on one general operating principle. The essence of the program is that this application is embedded in the signal transmission process from the moment a key is pressed until the symbol is displayed on the screen. Hooks are widely used for this. IN operating systems this is the name of the mechanism whose task is to intercept system messages, during which a special function is used, which is part of the Win32API. As a rule, from the presented tools, WH_Keyboard is most often used, and WH_JOURNALRECORD is used a little less often. The peculiarity of the latter is that it does not require a separate dynamic library, due to which the malware spreads more quickly across the network. Hooks read all the information that is transmitted from the input equipment. This approach is quite effective, but has a number of disadvantages. So, it is necessary to create a separate dynamic library. And it will be displayed in the address space of the processes, making it easier to identify the keylogger. This is what defenders use.

Other methods

Initially, it is necessary to mention such a primitive and ridiculous method as periodic polling of the keyboard status. In this case, a process is launched that checks 10-20 times per second whether certain keys have been pressed/released. All changes are recorded. Driver-based development is also popular. This is a fairly effective method that has two implementations: developing your own filter or your own specialized software for the input device. Rootkits are also popular. They are implemented in such a way as to intercept data during the exchange between the keyboard and the controlling process. But reading information is considered the most reliable. If only because to discover them software extremely difficult, literally impossible.

What about mobile platforms?

We have already discussed the concept of a “keylogger,” what it is, and how they are created. But when considering the information, the focus was on personal computers. But even more than PC, there are many different mobile platforms. What about them? Let's look at how a keylogger for Android works. In general, the operating principle is similar to what was described in the article. But no regular keyboard. So they target the virtual one, which is displayed on the screen when the user plans to enter something. And then you need to enter the information - it will immediately be transferred to the creator of the program. Since the security system is mobile platforms is lame, then the keylogger for Android can successfully long term work and spread. Therefore, whenever you download an application, you need to think about the rights that are granted to them. So, if a book reading program asks for access to the Internet, keyboard, and various administrative services mobile device, this is a reason to think about whether this is a malicious entity. The same fully applies to those applications that are in official stores- after all, they are checked not manually, but by automation, which is not perfect.

Some main varieties computer viruses. Today we will talk to you about another category of viruses – keyloggers, about which ordinary users know very little.

Translated from English, Keylogger (Keyboard Logger) means “keyboard recorder”. However, in reality, a keylogger is a spy program that monitors all actions occurring on the keyboard.

Once on the user's computer, keylogger programs intercept the entered information and send it to attackers. In other words, you, without suspecting anything, can give your logins and passwords, as well as bank card data, into the wrong hands.

The danger of keyloggers is that many antivirus applications do not regard them as malware. Detecting them often requires specialized software or additional modules for your main antivirus.

Operating principles of software keyloggers

This type of malware is based on one general principle– they must stand along the signal path from the moment the key is pressed until the symbol appears on the monitor. Keyloggers use the following technical methods:

Hardware keyloggers

In addition to the software ones we reviewed, there are also hardware keyloggers that cannot be detected programmatically:

  • Additional “adapter” between the keyboard and the computer case;
  • Device built into the keyboard;
  • Miniature video camera that captures the keyboard;
  • Unknown USB device, etc.

By the way: both types of keyloggers can be completely legal and can be used for:

  • Parental control;
  • Monitoring the use of working time by company employees;
  • Security services
  • Jealous spouses.

How to avoid becoming a victim of a keylogger

To protect yourself from this type of malware, you should follow simple rules:

  • Activate the potential detection feature in your antivirus dangerous programs(it is usually disabled by default);
  • To access your banking information, use two-factor identification or one-time password.
  • Use proactive defense;
  • Use the virtual keyboard to enter important data.

In this article we will look at such a very important question, especially in our troubled times - what is a keylogger or as it is also called a keylogger.

Initially, they had simple functionality like recording all keystrokes in special file and subsequently extraction of passwords, logins and other similar information from this file by attackers. Then the list of functions expanded noticeably.

Now they can not only record keystrokes, but also:

  1. Register a list of running applications
  2. Record the history of visiting Internet sites (read how to delete it in the article on how to clear your browsing history)
  3. Take screenshots
  4. Control the contents of the clipboard
  5. Mark files sent for printing, etc.

That is, as you can see, these spies can record all user activities, leaving almost nothing unattended.

On the one hand, this software is very often used for illegal purposes. For example, activities for illegal receipt passwords, logins and other information, both for ordinary users and for companies and organizations.

And their subsequent use in order to obtain benefits, including material ones. But on the other hand, today this type of program is legal and can be used for information purposes without harming anyone.

For example, keyloggers can be useful:

  • Administrators of organizations, companies, and so on. In these institutions, especially those with important economic, strategic and other information, it is important to supervise personnel in maintaining its confidentiality.

That is, we get this family programs keyloggers can be used both for good purposes and for bad illegal purposes, the consequence of which can very often be not only administrative, but also criminal punishment. Now let's figure it out technical side this question. The fact is that a keylogger in a simple sense is a spy, including a keyboard spy. What does it mean?

This means that tiny, unnoticeable programs are collected important information(passwords, website browsing history, and so on) about the computer user without him noticing. Problem area in this issue is that they are often not seen by antiviruses. The danger is that they do not always regard them as prohibited software and, as a result, simply ignore them.

There are many types of keyloggers

Moreover, writing them is not so difficult, which is what many attackers take advantage of, introducing from time to time various changes and innovations.

After testing more than 60 common keyloggers, we can draw the following conclusions:

  • Working method. Most Keyloggers use the most primitive methods of collecting information. That is, this suggests that during their work they do not disguise themselves in any way and have primitive protection. That is, it is clear regular user their hidden work does not see, but you just need to carry out a basic check and they are simply calculated. But, as we have observed descriptions of many of them, they are all supposedly completely invisible, as we see this is far from the case.
  • Only about 10% have more than complex structure work, including protection methods.

Interestingly, there are also hardware keyloggers. That is, they are installed not programmatically, but technically. For example, placing a spy directly in the keyboard itself. This is a fairly popular device. Next, a hardware keylogger can be built directly into the cable, while masquerading as an extension cord or filter.

But let's return to software keyloggers. This family of keyloggers is very diverse and very often, a particular instance may be written in a single version by a professional hacker to perform a specific task. Plus, the fact that they are quite easy to hide from antivirus programs makes them a very dangerous threat to personal data.

The following types of programs are used to combat them:
  • Anti-keyloggers
  • Antispyware applications

The most productive are anti-keyloggers. They can protect against almost all types of keyloggers, including hardware ones. This can be verified by the independent testing results of the independent organization Anti-Keylogger.Org.

As for antiviruses, at first they could only detect keyloggers that were contained in their databases. But then they started to come out updated versions antiviruses that had proactive protection. It is aimed at blocking new types of threats, including modifications of old ones without their presence in the databases.

It is worth noting that keyloggers are not viruses because they cannot reproduce themselves. For this reason, they are referred to as potentially dangerous software. Sometimes the detection function for such software can be disabled in the antivirus, so if you think that extra caution would not hurt, then you should still enable it.

To summarize, we can draw some conclusions

Keyloggers are fairly simple programs to write. New, modified versions appear at an enviable speed. As a result, identifying them using antivirus forces based on existing databases is often quite difficult.

Most effective method To combat them, you will use an anti-keylogger. But even this cannot guarantee you full protection. You can completely clear the system of keyloggers only manually, using necessary knowledge and experience.

In this article we looked at the question - what is a keylogger, what is it used for, what is its essence, how can you protect yourself from it.

Who among us hasn’t wanted to feel like a cool hacker at least once and break at least something? :) Even if not, then let’s talk about how great it would be to get a password from your mail/social network. the network of a friend, wife/husband, roommate thought at least once by everyone. :) Yes, and you have to start somewhere, after all! A significant part of attacks (hacking) involves infecting the victim’s computer with so-called keyloggers (spyware).

So, in today’s article we’ll talk about what are free programs to monitor computers on windows based , where you can download their full versions, how to infect a victim’s computer with them, and what are the features of their use.

But first, a little introduction.

What are keyloggers and why are they needed?

I think you yourself have guessed what it is. As a rule, they are a kind of program that is hidden (although this is not always the case) installed on the victim’s computer, after which it records absolutely all keystrokes on this node. In addition to the clicks themselves, the following is usually recorded: the date and time of the click (action) and the program in which these actions were performed (browser, including the website address (hurray, we immediately see what the passwords are for!); local application; system services(including Windows login passwords), etc.).

From here one of the problems is immediately visible: I got access to my neighbor’s computer for a couple of minutes and I want to get her password from VK! I installed the miracle program and returned the computer. How can I look up passwords later? Looking for a way to take the computer from her again? The good news is: usually not. Most keyloggers are capable of not only storing the entire accumulated database of actions locally, but also sending it remotely. There are many options for sending logs:

  • A fixed email (there may be several) is the most convenient option;
  • FTP server (who has it);
  • SMB server (exotic, and not very convenient).
  • Fixed flash drive (you insert it into the USB port of the victim’s computer, and all logs are copied there automatically to invisible mode!).

Why is all this needed? I think the answer is obvious. In addition to the banal stealing of passwords, some keyloggers can do a number of other nice things:

  • Logging correspondence in specified social networks. networks or instant messengers (for example, Skype).
  • Taking screenshots of the screen.
  • View/capture webcam data (which can be very interesting).

How to use keyloggers?

And this is a difficult question. You need to understand that just finding a convenient, functional, good keylogger is not enough.

So, what is needed for successful work spyware:

  • Administrator access to a remote computer.
    Moreover, this does not necessarily mean physical access. You can easily access it via RDP (Remote Desktop Service); TeamViewer; AmmyAdmin, etc.
    As a rule, the greatest difficulties are associated with this point. However, I recently wrote an article about how to get administrator rights in Windows.
  • Anonymous email/ ftp (which will not identify you).
    Of course, if you are breaking Aunt Shura for your neighbor, this point can be safely omitted. As is the case if you always have the victim’s computer at hand (ala, find out your brother/sister’s passwords).
  • Lack of working antiviruses / internal systems Windows protection.
    Most public keyloggers (which will be discussed below) are known to the vast majority of antivirus software (although there are logger viruses that are built into the OS kernel or system driver, and antiviruses can no longer detect or destroy them, even if they have detected them). Due to the above, anti-virus software, if any, will have to be mercilessly destroyed. In addition to antiviruses, systems like Windows Defender(these first appeared in Windows 7 onwards). They detect suspicious activity in software running on a computer. You can easily find information on how to get rid of them on Google.

These, perhaps, are all the necessary and sufficient conditions for your success in the field of stealing other people’s passwords / correspondence / photos or whatever else you want to encroach on.

What types of spyware are there and where can I download them?

So, let's begin the review of the main keyloggers that I used in my daily practice with links to free download their full versions(i.e. all versions are latest on current moment(for which it is possible to find a cure) and with already working and tested cracks).

0. The Rat!

Ratings (out of 10):

  • Stealth: 10
  • Convenience/usability: 9
  • Functionality: 8

It's just a bomb, not a keylogger! In working condition it takes 15-20 KB. Why be surprised: it is written entirely in assembly language (veteran programmers shed tears) and written mostly by enthusiastic hackers, due to which the level of its secrecy is simply amazing: it works at the OS kernel level!

In addition, the package includes FileConnector - a mini-program that allows you to connect this keylogger with absolutely any program. As a result, you get a new exe of almost the same size, and when launched, it works exactly like the program with which you glued it together! But after the first launch, your keylogger will be automatically installed in invisible mode with the parameters for sending logs that you have previously specified. Convenient, isn't it?

Great opportunity for social engineering(bring a game file/presentation to a friend on a flash drive, or even just a Word document (I’ll tell you how to create an exe file that launches a specific word/excel file in one of my next articles), launch it, everything is good and wonderful, however, the friend is already invisibly infected!). Or just send this file to a friend by mail ( better link to download it, because modern mail servers prohibit sending exe files). Of course, there is still a risk from antivirus software during installation (but it will not exist after installation).

By the way, using some other techniques you can glue any distribution together hidden installation(these are available in The Rat! and Elite keylogger) not only with exe files (which still raise suspicion among more or less advanced users), but also with ordinary word / excel and even pdf files! No one will ever think anything about a simple pdf, but that’s not the case! :) How this is done is the topic of a whole separate article. Those who are especially zealous can write me questions through the feedback form. ;)

Overall, The Rat! can be described for a very long time and a lot. This was done much better than me. There is also a download link there.

1. Elite keylogger

Ratings (out of 10):

  • Stealth: 10
  • Convenience/usability: 9
  • Functionality: 8

Perhaps one of the best keyloggers ever created. Among its capabilities, in addition to standard set(interception of all clicks in the context of applications / windows / sites), includes interception of instant messenger messages, pictures from a webcam, and also - which is VERY important! - interception of WinLogon service passwords. In other words, it intercepts Windows login passwords (including domain ones!). This became possible thanks to his work at the level system driver and launch it while the OS is loading. Due to this same feature, this program remains completely invisible to both Kasperosky and all other anti-malware software. Frankly, I have not met a single keylogger capable of this.

However, you shouldn’t delude yourself too much. The installer itself is recognized by antiviruses very easily and to install it you will need admin rights and disabling all antivirus services and services. After installation, everything will work perfectly in any case.

In addition, the described feature (working at the OS kernel level) introduces requirements for the OS version on which the keyloggers will work. Version 5-5.3 (links to which are given below) supports everything up to and including Windows 7. Win 8/10 as well windows family server (2003 / 2008 / 2012) are no longer supported. There is version 6, which functions perfectly, incl. on win 8 and 10, however, it is currently not possible to find a cracked version. It will probably appear in the future. In the meantime, you can download Elite keylogger 5.3 from the link above.

No mode networking, therefore, it is not suitable for use by employers (to monitor the computers of their employees) or an entire group of people.

An important point is the ability to create an installation distribution with predefined settings (for example, with a specified email address where logs will need to be sent). At the same time, at the end you get a distribution kit that, when launched, does not display absolutely any warnings or windows, and after installation it can even destroy itself (if you check the appropriate option).

Several screenshots of version 5 (to show how beautiful and convenient everything is):

2. All-in-one keylogger.

Ratings (out of 10):

  • Stealth: 3
  • Convenience/usability: 9
  • Functionality: 8

It is also a very, very convenient thing. The functionality is quite at the level of Elite keylogger. Things are worse with secrecy. Winlogon passwords are no longer intercepted, it is not a driver, and is not built into the kernel. However, it is installed in system and hidden AppData directories, which are not so easy to reach to unauthorized users(not to those on whose behalf it was installed). Nevertheless, antiviruses sooner or later successfully do this, which makes this thing not particularly reliable and safe when used, for example, at work to spy on your own superiors. ;) Gluing it to something or encrypting the code to hide it from antiviruses will not work.

Works on any version of Win OS (which is nice and practical).

As for the rest, everything is fine: it logs everything (except Windows login passwords), sends it anywhere (including e-mail, ftp, fixed flash drive). In terms of convenience, everything is also excellent.

3. Spytech SpyAgent.

Ratings (out of 10):

  • Stealth: 4
  • Convenience/usability: 8
  • Functionality: 10

Also a good keylogger, although with dubious secrecy. Supported OS versions are also all possible. The functionality is similar to previous options. Eat interesting feature self-destruction after a specified period of time (or upon reaching a predetermined date).

In addition, it is possible to record video from a webcam and sound from a microphone, which can also be very popular and which the previous two representatives do not have.

Eat network mode work, which is convenient for monitoring a whole network computers. By the way, StaffCop has it (it is not included in the review due to its uselessness for one user - an individual). Perhaps this program is ideal for employers to spy on their employees (although the leaders in this field are unconditionally StaffCop and LanAgent - if you are a legal entity, be sure to look in their direction). Or to keep track of your offspring who love to sit and watch “adult sites”. Those. where what is needed is not concealment, but convenience (including a bunch of beautiful log reports, etc.) and functionality for blocking specified sites/programs (SpyAgent also has it).

4. Spyrix Personal monitor.

Ratings (out of 10):

  • Stealth: 4
  • Convenience/usability: 6
  • Functionality: 10

The functionality is at the level of the previous candidate, but the same problems with secrecy. In addition, the functionality includes interesting thing: Copy files from USB drives inserted into your computer, as well as remote viewing logs through a web account on the Spyrix website (but we are going to download a cracked version, so it will not work for us).

5. Spyrix Personal monitor.

Ratings (out of 10):

  • Stealth: 3
  • Convenience/usability: 6
  • Functionality: 8

I won’t describe it in detail, because... this instance does not have anything that one of the previous spies did not have, however, someone may like this keylogger (at least for its interface).

What do we end up with?

The issue of using a keylogger is more ethical than technical, and it greatly depends on your goals.

If you are an employer who wants to control his employees, feel free to set up StaffCop, collect written permission from all employees for such actions (otherwise you may be seriously charged for such things) and the job is in the bag. Although I personally know more effective ways increasing the performance of its employees.

If you are a novice IT specialist who just wants to experience what it’s like to break someone - and how this thing works in general, then arm yourself with social engineering methods and conduct tests on your friends, using any of the examples given. However, remember: the detection of such activity by victims does not contribute to friendship and longevity. ;) And you definitely shouldn’t test this at your work. Mark my words: I have experience with this. ;)

If your goal is to spy on your friend, husband, neighbor, or maybe you even do it regularly and for money, think carefully about whether it’s worth it. After all, sooner or later they may attract. And it’s not worth it: “rummaging through someone else’s dirty laundry is not a pleasant pleasure.” If you still need to (or maybe you work in the field of investigating computer crimes and such tasks are part of your professional responsibilities), then there are only two options: The Rat! and Elite Keylogger. In hidden mode installation distributions, glued with word / excel / pdf. And it’s better, if possible, encrypted with a fresh cryptor. Only in this case can we guarantee safer activities and real success.

But in any case, it is worth remembering that the competent use of keyloggers is only one small link in achieving the goal (including even a simple attack). You don’t always have admin rights, you don’t always have physical access, and not all users will open, read, and even more so download your attachments/links (hello social engineering), the antivirus won’t always be disabled/your keylogger/cryptor won’t always be unknown to them . All these and many untold problems can be solved, but their solution is the topic of a whole series of separate articles.

In short, you have just begun to dive into the complex, dangerous, but incredibly interesting world of information security. :)

Sincerely,Lysyak A.S.



Related publications: