Hey,
since i know it’s quite difficult for you to integrate a antikeylogger driver sys compatible with the kernel for windows 11 (12 soon) i would like to introduce you a manufacture from www.schiffer.tech wiich is in my own opinion a good one and verry usefull for compagny too.
the name of the soft is Ghostpress version 2.6 → 06/05/2024 20:49:18
they are dying, but are well compatible with windows 11 (2.6.13 → SHA 256, 04/06/2024)
what do you think ?
have a nice day ^^
We will check it out. Do you know if it works correctly on the latest Windows versions, or only on older Windows versions? Did they have an issues lately with antikeylogging at all or has it been pretty solid with all the Windows latest updates?
This app (Ghostpress) was already mentioned in another thread, the one about SpyShelter’s keystroke encryption missing feature. Basically, this app uses another method to hide keystrokes from other apps, it uses global hooking, and no driver is needed.
Thank you for posting this. I will share this project with our team so they can investigate and see if the method used here is not disabled in the latest Windows, or if there are plans to disable that technique soon.
I did some searching online with several different tools, and it looks like some of these things that are used with this project are planned to be disabled by Microsoft in the future, unless I misunderstood something.
Back : can you be more explicit, what research you have made and where please ?
for ur info i do not programming, but i can read program, law, security and privacy behind all publicly developped programming language.
i found this from my side : → SetWindowsHookExW function (winuser.h) - Win32 apps | Microsoft Learn (it’s seem’s that will be soon a depricated function yes, but already changed too if you scroll the web page).
I used an AI tool with search, then posted the link and asked if there are plans for this to continue to be working with Windows, or if there are plans to disable it. The tool gave links to show that it would be disabled, but I didn’t keep the links. If I understand correctly you found the same?
yes you understand well, but this is not a correct way to search for information,
the correct way is to ask directly to the provider 
but it’s ok, case closed for me in this topic.
I would be surprised if Windows would remove a basic function like global hooking, I really doubt it. But perhaps you can indeed post the information that you found?
Global hooking is related to code injection, many system utilities and security tools rely on it. Sadly enough, a lot of malware relies on it too.
However, I do know that Microsoft is working on a new Windows design (triggered by the CrowdStrike incident), that allows security tools to run in usermode, this means that they won’t have to rely on a system driver. But global hooking can be done from usermode too, so I doubt they will remove it.
Yes, you are correct. I just searched again and did not find evidence that Microsoft is completely removing global hooking.
Yes exactly, in fact, I think global hooking will actually become more important if drivers are fased out. Because you still need a way to control/monitor other processes.
But I don’t think it will be easy to redesign AV’s to run in usermode. They are basically trying to copy macOS, but I think we won’t see this stuff until Windows 12. I also wonder if it will weaken security for the sake of stability.
Wow, I really hope not. I worry Windows will be turned into something like iOS/Android where you can only make apps that make or send photos, messengers, and games… no interesting monitoring tools or utilities anymore.
Before starting this project we checked out Android in detail and found you won’t be able to even make a useful resource monitor on the latest Android versions, but maybe that changed… not sure.
I don’t think this will be the case, because from what I understood, even in user-mode, security tools will still be able to monitor stuff. But the question is what will this stuff be, they shouldn’t be limited of course.
I mean, I don’t get the impression that security tools on macOS are that advanced, most likely because they don’t have kernel access anymore. Do you think you guys can develop a SpyShelter version for macOS?
That’s a cool idea! It would be fun to make a Mac version, but it depends on what limitations exist with MacOS and what Apple plans to change in the future.
In the past I worked on another software and we had a Windows and Mac version, and Apple made an unexpected change that broke our app completely… and we weren’t the only developers with this issue. So, for that reason I’m not sure if we would want to do Mac software anymore. In the end it ended up being OK but it was a big mess when it happened because our users couldn’t use the app anymore for awhile.
I believe that normally speaking, macOS shouldn’t break stuff anymore, since they have now switched to so called ‘‘system extensions’’, and this will be the standard for the coming years.
But it also depends a bit on how many people would be willing to buy this stuff, because many people on the macOS are not that worried about security, and believe that built-in security like XProtect and Gatekeeper wil block all malware.
In the past you had tools like Little Flocker (which was bought by F-Secure). This was the only standalone behavior blocker that I know off. So SpyShelter for macOS would be quite a unique product. You could make it into a file/folder monitor plus firewall, and it would compete with for example Little Snitch.
Yes, I think maybe Mac users are more concerned about privacy than security, but I could be wrong…
We will check out these two tools, thanks! I will also share your comments with future ideas with the team. At this time though I’ll say we’re a super small team and our resources are extremely limited.
OK I see. I also think that it’s probably not worth to put much time in a macOS version, it’s better to stay focused on Windows. But if it would be easy to develop, it would still be cool though.
Yes, we are not against developing for Mac 100% in case I made it sound that way… it’s not impossible we could make a Mac version.
You never know, perhaps it will become a huge hit! 
I will never be a Mac user, because hardware are to private,
but I could try the spyshelter driver, in a virtual machine. It wouldn’t be hard for me to install an Apple OS in a VM, since personal computers are getting faster and faster, so the performance difference compared to Windows would be negligible.
For older computers, however, the problem is that Apple’s security features require an Apple chip. Neither Intel nor AMD processors are fully compatible with macOS, so you also need an Apple chip to ensure compatibility with the motherboard.
The issue is that motherboards publicly available today are not designed for Apple chips,
so upgrading your chip on a mac laptop will cost you a new computer.