Writing a Simple Key Logger

Author

Pavel Yosifovich
Pavel Yosifovich has 25+ years as Software developer, trainer, consultant, author, and speaker. Co-author of “Windows Internals”. Author of “Windows Kernel Programming”, “Windows 10 System Programming, as well as System and kernel programming courses and “Windows Internals” series.

Note: This blog post is designed to complement the accompanying video embedded at the top of the page. The video provides an in-depth, visual demonstration of the concepts and code discussed here, making it an invaluable resource for learners.

Introduction

Keyloggers are both fascinating and controversial. This video demonstrates how to create a basic keylogger using the Windows API without driver-level or DLL injection complexity.

Techniques Explored in the video

  • GetKeyState API: Detects which keys are pressed using virtual key codes.
  • Character Conversion: Converts ASCII codes into readable characters using Shift and Caps Lock detection.
  • Special Key Handling: Adds support for Enter, Space, and number row characters using virtual key constants.
  • Repeat Timing: Discusses the pitfalls of keypress repetition and how to respect the user’s keyboard delay settings using SystemParametersInfo.

Enhancements Discussed in the video

  • Mapping shifted characters (!, @, #, etc.)
  • Cross-application logging using foreground window tracking
  • Improving realism through dynamic sleep intervals and reduced visibility

Final Notes

This is an educational exercise for Windows developers and reverse engineers to understand input APIs, not for unethical use. For a more robust approach, Pavel recommends exploring SetWindowsHookEx.

Want to learn more? Check out Mastering Windows Internals at TrainSec!

$1300

$1040 or $104 X 10 payments

Windows Internals Master

Broadens and deepens your understanding of the inner workings of Windows.

Explore the accompanying video for a detailed walkthrough of the code and concepts, and keep experimenting.

For more insights into Windows internals and advanced programming concepts, keep exploring TrainSec’s free Knowledge Library. Stay tuned for more deep dives into topics that empower your technical growth!

Liked the content?

Subscribe to the free TrainSec knowledge library, and get insider access to new content, discounts and additional materials.

blue depth

About the author

Pavel Yosifovich
Pavel Yosifovich has 25+ years as Software developer, trainer, consultant, author, and speaker. Co-author of “Windows Internals”. Author of “Windows Kernel Programming”, “Windows 10 System Programming, as well as System and kernel programming courses and “Windows Internals” series.