https://github.com/objective-see/sniffMK
sniff mouse and keyboard events
https://github.com/objective-see/sniffMK
Last synced: about 1 year ago
JSON representation
sniff mouse and keyboard events
- Host: GitHub
- URL: https://github.com/objective-see/sniffMK
- Owner: objective-see
- License: gpl-3.0
- Created: 2017-08-18T21:40:19.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2021-02-01T06:53:55.000Z (about 5 years ago)
- Last Synced: 2025-02-14T22:22:23.497Z (about 1 year ago)
- Language: Objective-C
- Size: 26.4 KB
- Stars: 217
- Watchers: 23
- Forks: 46
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: License.md
Awesome Lists containing this project
- awesome-csirt - sniffMK
README
# sniffMK
`sniffMK` is a simple utility designed to sniff mouse and keyboard events on macOS. It is based on code from amit singh's website; (http://osxbook.com)
It was designed to facilitate malware analysis (specifically OSX/FruitFly which can simulate both mouse and keyboard events - see BlackHat/DefCon [slides](https://speakerdeck.com/patrickwardle/fruitfly-via-a-custom-c-and-c-server?slide=18) for details).
Run `sniffMK`, as root, to start sniffing events:
```
# ./sniffMK
mouse/keyboard sniffer
based on code from amit singh (http://osxbook.com)
event: left mouse down
x: 821.285156
y: 727.726562
event: left mouse up
x: 821.285156
y: 727.726562
event: key down
key modifiers: shift
keycode: 0x4/h
event: key up
keycode: 0x4/h
event: key down
keycode: 0x22/i
event: key up
keycode: 0x22/i
....
event: key down
key modifiers: control
keycode: 0x8/c
```
To only capture mouse events, execute `sniffMK` with the `-mouse` commandline argument.
Similarly, execute it with the `-keyboard` commandline argument to only capture keyboard events.