| import psutil | |
| import os | |
| SUSPICIOUS_KEYWORDS = [ | |
| "keylogger", | |
| "pynput", | |
| "keyboard", | |
| "keystroke", | |
| "hook" | |
| ] | |
| SUSPICIOUS_FILES = [ | |
| "keylogger.py", | |
| "logs.json", | |
| "keylog.txt" | |
| ] | |
| def check_running_processes(): | |
| print("\n[+] Scanning running processes...\n") | |
| found = False | |
| for process in psutil.process_iter(['pid', 'name', 'cmdline']): | |
| try: | |
| cmdline = " ".join(process.info['cmdline']) if process.info['cmdline'] else "" | |
| for keyword in SUSPICIOUS_KEYWORDS: | |
| if keyword.lower() in cmdline.lower(): | |
| print(f"[!] Suspicious Process Found") | |
| print(f" PID : {process.info['pid']}") | |
| print(f" Name: {process.info['name']}") | |
| print(f" Cmd : {cmdline}\n") | |
| found = True | |
| except (psutil.NoSuchProcess, psutil.AccessDenied): | |
| pass | |
| if not found: | |
| print("[✓] No suspicious running processes detected.\n") | |
| def check_suspicious_files(): | |
| print("[+] Scanning common folders for keylogger files...\n") | |
| found = False | |
| common_paths = [ | |
| os.path.expanduser("~"), | |
| os.getcwd() | |
| ] | |
| for path in common_paths: | |
| for root, dirs, files in os.walk(path): | |
| for file in files: | |
| if file.lower() in SUSPICIOUS_FILES: | |
| print(f"[!] Suspicious File Found: {os.path.join(root, file)}") | |
| found = True | |
| if not found: | |
| print("[✓] No suspicious files found.\n") | |
| def risk_level(): | |
| print("\n--- Risk Assessment ---") | |
| print("LOW : No suspicious activity") | |
| print("MEDIUM : Python background scripts found") | |
| print("HIGH : pynput / keyboard detected\n") | |
| if __name__ == "__main__": | |
| print("\n=== Python Keylogger Detection Tool ===") | |
| check_running_processes() | |
| check_suspicious_files() | |
| risk_level() | |