🕵️ ShadowLog: Advanced Activity Monitor

ShadowLog is a Python-based activity monitoring tool built for cybersecurity education and authorized security testing.
It demonstrates how keystroke monitoring, contextual logging, and controlled data transmission operate in Red Team and Blue Team scenarios.

Unlike consumer monitoring software, ShadowLog is designed to teach detection, analysis, and defense techniques, not surveillance.

---

⚠️ Disclaimer

FOR EDUCATIONAL AND AUTHORIZED USE ONLY

• Do not use on systems you do not own or have permission to monitor
• Do not use for spying, stalking, or malicious surveillance
• Always test in controlled environments (VMs recommended)

The author is not responsible for misuse or legal consequences.

---

📖 Table of Contents

• Features
• How It Works
• Installation
• Usage
• Project Structure
• Configuration
• Disclaimer
• License

---

🚀 Features

• Keystroke Capture
  Logs standard and special keys (Enter, Space, Backspace, etc.).

• Active Window Tracking
  Records the currently focused application to provide context for each log entry.

• Local Log Storage
  Saves logs to disk with automatic file rotation for stability.

• Optional Remote Logging
  Supports sending log batches to a Discord Webhook (disabled by default).

• Live Control Toggle
  Instantly pause or resume logging using a configurable hotkey (F9).

---

🧠 How It Works

ShadowLog follows a simple monitoring pipeline:

1. Hook – Registers a keyboard listener using system-level hooks.
2. Context Capture – Retrieves the active window title during key events.
3. Log Management – Writes structured logs locally with rotation support.
4. Transmission (Optional) – Sends log batches to a remote endpoint if enabled.

This architecture mirrors real-world monitoring techniques used by both attackers and defenders, making it valuable for threat modeling and detection research.

---

📦 Installation

Prerequisites

• Python 3.8+
• pip

Setup

1. Clone the repository

   git clone https://github.com/BGx-11/ShadowLog.git
   cd ShadowLog

2. Install dependencies

   pip install -r requirements.txt

---

🛠️ Usage

Administrator / root privileges may be required for full keystroke capture.

Windows

python shadowlog.py

Linux / macOS

sudo python3 shadowlog.py

---

🎛️ Controls

Action	Key
Pause / Resume Logging	F9
Exit Safely	CTRL + C

Logs are flushed and saved automatically on exit.

---

📂 Project Structure

ShadowLog/
│
├── shadowlog.py        # Main monitoring engine
├── requirements.txt   # Python dependencies
└── README.md          # Documentation

---

⚙️ Configuration

Edit shadowlog.py and locate the EASY CONFIGURATION section.

Set Log Directory

LOG_PATH = Path(r"E:\ShadowLog\Logs")

Enable / Disable Remote Logging

DISCORD_WEBHOOK_URL = "https://discord.com/api/webhooks/..."
# or
DISCORD_WEBHOOK_URL = None

Remote logging is optional and disabled by default.

---

⚠️ Disclaimer

FOR EDUCATIONAL AND AUTHORIZED USE ONLY

• Do not use on systems you do not own or have permission to monitor
• Do not use for spying, stalking, or malicious surveillance
• Always test in controlled environments (VMs recommended)

The author is not responsible for misuse or legal consequences.

---

📄 License

This project is licensed under the MIT License.

---

Developed by BGx (Devansh Agarwal)
Cybersecurity Enthusiast & Developer