import psutil import os SUSPICIOUS_KEYWORDS = [ "keylogger", "pynput", "keyboard", "keystroke", "hook" ] SUSPICIOUS_FILES = [ "keylogger.py", "logs.json", "keylog.txt" ] def check_running_processes(): print("\n[+] Scanning running processes...\n") found = False for process in psutil.process_iter(['pid', 'name', 'cmdline']): try: cmdline = " ".join(process.info['cmdline']) if process.info['cmdline'] else "" for keyword in SUSPICIOUS_KEYWORDS: if keyword.lower() in cmdline.lower(): print(f"[!] Suspicious Process Found") print(f" PID : {process.info['pid']}") print(f" Name: {process.info['name']}") print(f" Cmd : {cmdline}\n") found = True except (psutil.NoSuchProcess, psutil.AccessDenied): pass if not found: print("[✓] No suspicious running processes detected.\n") def check_suspicious_files(): print("[+] Scanning common folders for keylogger files...\n") found = False common_paths = [ os.path.expanduser("~"), os.getcwd() ] for path in common_paths: for root, dirs, files in os.walk(path): for file in files: if file.lower() in SUSPICIOUS_FILES: print(f"[!] Suspicious File Found: {os.path.join(root, file)}") found = True if not found: print("[✓] No suspicious files found.\n") def risk_level(): print("\n--- Risk Assessment ---") print("LOW : No suspicious activity") print("MEDIUM : Python background scripts found") print("HIGH : pynput / keyboard detected\n") if __name__ == "__main__": print("\n=== Python Keylogger Detection Tool ===") check_running_processes() check_suspicious_files() risk_level()