Wednesday, May 20, 2009

Anti keylogging

Came across a Firefox add-on called Keyscrambler Personal. It is a free software that secures keystrokes entered into IE, Firefox and Flock browsers. Like my SANS forensic trainer said, this "warrants further investigation". Never take the vendor's/author's word until you verify it for yourself.
I installed a keylogger on my virtual machine. I capture my keystrokes entered into Firefox with Keyscrambler turned off. The Gmail URL I typed as well as my credentials are captured in the keylogger log. I enable Keyscrambler and enter my credentials at the Gmail login page again. This time, Keyscrambler prevents the keylogger from recording my keystrokes.
The high res version of this demo can be downloaded here.

No comments:

Post a Comment