~/projects/keyguard
All projectsshippedSecurity2024
KeyGuard
Anti-keylogger / keylogger-prevention tool that detects and disrupts keystroke-capture behavior.
problem
The problem
Keyloggers are among the quietest threats on a machine, they don't need privileges most users notice, and they exfiltrate everything you type. Detection has to reason about behavior, not signatures.
approach
How I approached it
- Built a defensive tool that watches for keystroke-capture patterns and interferes with them.
- Focused on the behavioral side of endpoint security rather than static AV signatures.
architecture
Architecture
1Monitor
Watch for hook/capture behavior
2Detect
Flag suspicious keystroke interception
3Disrupt
Interfere with the capture path
decisions
Engineering decisions & tradeoffs
$
Behavioral over signature-based
// Signatures miss novel keyloggers; behavior generalizes to threats you haven't catalogued.
stack
PythonWindows APIs
what's next
- › Cross-platform support
- › System-tray daemon with alerting