Built a Python keyboard logger to understand how input monitoring tools work under the hood, and to think about how defenders might detect that kind of activity on a machine.
I made this as a learning exercise to get a better idea of how keyboard monitoring software actually works at the OS level. Writing the script was only part of it though. I also spent time thinking about what a security analyst would see if something like this was running on a machine without the user knowing.
I wrote a Python script that captures keyboard input in real time and saves everything to log files with timestamps. It took some work to get the event listeners set up properly and to keep the script running reliably in the background.
I also used it as a chance to think about the defensive side. Unusual process behaviour and unexpected file creation are exactly the kinds of things endpoint security tools flag, so going through this helped me understand what that looks like from the attacker's perspective.
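As an added example that is not part of the project described above, here is a small detection heuristic for the file-creation side of that behaviour: an input monitor produces one tiny timestamped append per key event for as long as someone types, which looks nothing like a document being saved. The `FileWrite` event shape, the process names and the file paths are constructed for illustration, not real telemetry.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class FileWrite:
    ts: float        # seconds since boot (constructed telemetry)
    pid: int
    image: str       # process image name
    path: str        # file being written
    size: int        # bytes written in this call

def keystroke_like_writers(events, window=60.0, min_writes=20, max_size=32):
    """Return (image, pid, path) for every process that makes at least
    `min_writes` writes of `max_size` bytes or fewer to the same file
    within any `window`-second span. Keystroke logging produces exactly
    this drip of small appends; ordinary programs save in a few big writes."""
    by_target = defaultdict(list)
    for e in events:
        if e.size <= max_size:
            by_target[(e.image, e.pid, e.path)].append(e.ts)
    flagged = []
    for key, stamps in by_target.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):       # sliding window over timestamps
            while ts - stamps[start] > window:
                start += 1
            if end - start + 1 >= min_writes:
                flagged.append(key)
                break
    return sorted(flagged)

# Constructed sample telemetry (hypothetical processes and paths).
LOG = r"C:\Users\alice\AppData\Local\Temp\keys.log"
SAMPLE = (
    # 25 tiny appends in about 30 seconds: one per key event
    [FileWrite(100.0 + i * 1.2, 4242, "python.exe", LOG, 18 + i % 5) for i in range(25)]
    # a word processor saving a document: three large writes
    + [FileWrite(140.0 + i * 10, 1200, "WINWORD.EXE", r"C:\Users\alice\report.docx", 40_000) for i in range(3)]
    # a service touching a small status file a handful of times
    + [FileWrite(50.0 + i * 30, 300, "svchost.exe", r"C:\Windows\Temp\status.txt", 12) for i in range(5)]
)

if __name__ == "__main__":
    for image, pid, path in keystroke_like_writers(SAMPLE):
        print(f"{image} (pid {pid}) is making keystroke-sized appends to {path}")
```

The thresholds are starting points; a real deployment would tune `window`, `min_writes` and `max_size` against the normal write patterns of the fleet it monitors.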
This project taught me more than I expected. Even a simple Python script can look a lot like malware when you look at how it behaves on a system. It also made me appreciate why endpoint visibility matters so much in a SOC environment, since it is surprisingly hard to spot this kind of activity without proper monitoring in place.
Built and tested locally in a controlled environment for educational cybersecurity research purposes only.