Why Did I Build This?
"To deeply understand how malicious payloads interact with the Windows Kernel. Rather than building purely destructive software, I engineered a highly visible, 'gamified' malware suite that intercepts hardware streams while testing the boundaries of OS security."
Architecture & Decisions
Developed in C++17 leveraging raw Win32 APIs. The core utilizes `SetWindowsHookEx` to establish global WH_KEYBOARD_LL and WH_MOUSE_LL hooks, intercepting inputs before user-space processing. It parses these inputs into readable CSV logs. Secondary modules actively scan the file system for standard browser cookie directories and utilize LodePNG for localized, dependency-free screen captures. (Experimental DLL injection capabilities are present but disabled to ensure system stability).
Key Features
- 01.Global hardware interrupt interception (Keylogging)
- 02.Automated file system scraping for browser cookies
- 03.Dependency-free PNG screen capture (LodePNG)
- 04.Experimental self-injecting DLL architecture
- 05.Autonomous disk-fill (I/O exhaustion) payload