DeadKey simulates keylogging attacks to test EDR systems, enabling users to strengthen their defense strategies.
DeadKey is a Python-based keylogging simulation designed for authorized purple team assessments and security testing. It captures all keystrokes on a target system, including letters, numbers, modifiers, function keys, and arrows, then transmits them to a controlled server, where they are timestamped and logged in a structured format for detailed analysis and evaluation of EDR detection capabilities.
- ⌨️ Keystroke Capture: Captures all keys including letters, numbers, modifiers, function keys, and arrows.
- 🌐 Remote Logging: Sends captured keystrokes to a server for real-time analysis.
- 🕒 Timestamped Logs: Each keystroke can be logged with timestamps for detailed assessment.
- ⚙️ Procedural & Lightweight: Pure Python script, no GUI, minimal footprint.
- 🛡️ Lab-Safe Testing: Designed only for authorized purple team and EDR testing scenarios.
- Pre-requisites: Ensure you have Python 3 installed on your system.
- Clone the Repo: Use "git clone https://github.com/Cursed271/DeadKey"
- Traverse into the Directory: Use "cd DeadKey"
- Install Dependencies: Use "pip3 install -r requirements.txt"
- Execute the Server Script: Use "python3 DeadKeyServer.py"
- Execute the Keylogger Script on the Target Machine: Use "python3 DeadKey.py"
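One way to score a run after both scripts have been executed, as an added example that is not part of the DeadKey project: it lines up the server's timestamped keystroke log with an EDR alert export and reports how many keystrokes were logged before the first alert. The log layout, the alert tuples, and the names `parse_keylog` and `score_run` are assumptions made for illustration.

```python
from datetime import datetime

# Constructed sample data. The "<ISO-8601 timestamp> <key>" layout is an
# assumption, not DeadKey's documented log format; adapt parse_keylog().
SAMPLE_KEYLOG = """\
2025-01-10T14:00:01 h
2025-01-10T14:00:02 i
2025-01-10T14:00:03 space
2025-01-10T14:00:09 enter
2025-01-10T14:00:15 x
"""
# Constructed EDR alert export as (timestamp, rule name) pairs.
SAMPLE_ALERTS = [
    ("2025-01-10T13:40:00", "USB device inserted"),
    ("2025-01-10T14:00:05", "Keyboard hook installed by python3"),
]


def parse_keylog(text):
    """Return sorted (datetime, key) pairs from the assumed log layout."""
    events = []
    for line in text.splitlines():
        stamp, _, key = line.strip().partition(" ")
        if key:  # skip blank lines and lines without a key field
            events.append((datetime.fromisoformat(stamp), key))
    return sorted(events)


def score_run(keylog_text, alerts, run_start=None):
    """Report how much was captured before the EDR first alerted."""
    events = parse_keylog(keylog_text)
    result = {"detected": False, "seconds_to_detect": None,
              "keys_before_alert": len(events), "keys_total": len(events)}
    if not events:
        return result
    # run_start: when the operator launched the client; defaults to first key.
    start = datetime.fromisoformat(run_start) if run_start else events[0][0]
    # Alerts older than the run cannot be detections of it. In a real
    # assessment, also filter by host and rule name.
    hits = sorted(t for t in (datetime.fromisoformat(a[0]) for a in alerts)
                  if t >= start)
    if hits:
        result["detected"] = True
        result["seconds_to_detect"] = (hits[0] - start).total_seconds()
        result["keys_before_alert"] = sum(ts < hits[0] for ts, _ in events)
    return result
```

Pass `run_start` when the EDR may alert on process launch or hook installation before any key is pressed, so that alert is not discarded as pre-run noise.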
Have suggestions or feature requests? Feel free to reach out via:
- 🐦 Twitter: @Cursed271
- 🐙 GitHub: @Cursed271
- 🔗 LinkedIn: Steven Pereira
- 📧 Email: cursed.pereira@proton.me
- 🐞 File an Issue: GitHub Issues
- 💡 Request a Feature: Feature Requests
Your feedback helps improve DeadKey! Contributions and PRs are always welcome. 🚀
- Steven Pereira (aka Cursed) - Creator & Maintainer
DeadKey is licensed under the MIT License. See the LICENSE file for details.