Skip to content
~/projects/keyguard
All projects
shippedSecurity2024

KeyGuard

Anti-keylogger / keylogger-prevention tool that detects and disrupts keystroke-capture behavior.

problem

The problem

Keyloggers are among the quietest threats on a machine, they don't need privileges most users notice, and they exfiltrate everything you type. Detection has to reason about behavior, not signatures.

approach

How I approached it

  • Built a defensive tool that watches for keystroke-capture patterns and interferes with them.
  • Focused on the behavioral side of endpoint security rather than static AV signatures.
architecture

Architecture

1Monitor

Watch for hook/capture behavior

2Detect

Flag suspicious keystroke interception

3Disrupt

Interfere with the capture path

decisions

Engineering decisions & tradeoffs

$

Behavioral over signature-based

// Signatures miss novel keyloggers; behavior generalizes to threats you haven't catalogued.

stack
PythonWindows APIs
what's next
  • Cross-platform support
  • System-tray daemon with alerting