Penetration Testing mailing list archives

Re: Keystroke logging

From: "Kurt Keys" <KKeys () sddpc org>
Date: Fri, 01 Jul 2005 07:44:32 -0700

Instead of a Keystroke logger, setup a proxy for your pen-test systems to use
on their outbound connection to the target. Then have the proxy log everything
and although you may not have all the mouse clicks and commands typed, you 
will have a log of the traffic to and from the target network. To me that is infinitely
more valuable. But that's just me.
Good Luck,

Kurt Keys
Information Security Specialist
Information Security Department
San Diego DPC

"JB" <pentest () jitonline net> 6/30/2005 12:36:24 PM >>>

I'm wondering if anyone has either a kernel level keystroke logger for the
Linux 2.6, or a userspace keystroke logger for Linux. As part of our
penetration testing, we are required to give the client a log of all
actions performed - so this would be a good way of logging all linux
commands. Also - if you know of the same sort of tool for windows - that
would also be appreciated.

-J

Current thread:

Re: Keystroke logging, (continued)
- - Re: Keystroke logging Guillaume Vissian (Jul 01)
    - Re: Keystroke logging Aaron J. Bedra (Jul 01)
    - Re: Keystroke logging Chuck (Jul 06)
- Re: Keystroke logging Tomasz Piotr Palarz (Jul 01)
- Re: Keystroke logging Dave McCormick (Jul 01)
- Re: Keystroke logging Jay D. Dyson (Jul 01)
- Re: Keystroke logging Jerome Athias (Jul 01)
- Re: Keystroke logging netmask (Jul 01)
  - Re: Keystroke logging - mouse Alvin Oga (Jul 01)
    - Re: Keystroke logging - mouse Golden_Eternity (Jul 01)
- Re: Keystroke logging Kurt Keys (Jul 01)
  - RE: Keystroke logging Guillaume Vissian (Jul 01)
    - Re: Keystroke logging ChayoteMu (Jul 01)
    - Re: Keystroke logging Joachim Schipper (Jul 02)