The AirDrive Forensic Keylogger is an advanced USB hardware keylogger accessible from any Wi-Fi device such as a computer, laptop, tablet, or smartphone. Text data typed on the USB keyboard will be captured and stored to internal flash memory. The device maintains a wireless access point, which may be used to view recorded data through a special webpage created by the keylogger. The AirDrive Forensic Keylogger is 100% transparent for computer operation and no software or drivers are required.
This section contains concise information on basic keylogger handling. If you need detailed instructions, please refer to sections Recording keystrokes and Viewing recorded data.
To record keystrokes, plug the device in-between the keyboard and USB port.
To view recorded data, make sure the keylogger is powered through USB (connecting a keyboard is not necessary though). Use a device with Wi-Fi such as a smartphone, tablet, laptop or desktop to connect to the wireless network set up by the keylogger. The network name by default begins with AIR_, followed by a unique identifier.
Once connected, use a web browser to connect to 192.168.4.1. The keylogger will display a page with recorded data, settings and configuration. Navigating this webpage is fairly self-explanatory.
Installation of the AirDrive Forensic Keylogger is quick and easy. Simply plug it in between the USB keyboard and the USB port. No software or drivers are required. The USB hardware keylogger will start recording all data typed on the keyboard to the internal flash disk. Once recording starts, new data will be appended to the end of the log file. The device is completely transparent for computer operation.
Step 1. Disconnect the USB keyboard from the USB port at the computer or hub. This can be done even with the computer up and running.
Step 2. Connect the hardware USB keylogger between the USB keyboard and the USB port. Keystroke logging will start automatically.
Note: If an external USB hub is being used, connect the keylogger between the hub and the USB keyboard.
Once keystroke data has been recorded, it may be viewed or downloaded on any personal device equipped with Wi-Fi, such as smartphone, tablet, laptop or desktop computer. The AirDrive Forensic Keylogger should be powered through USB, although attaching a keyboard is not necessary.
Each device sets up a wireless network with a unique network identifier (SSID). Connect to this network with your smartphone, tablet, laptop or desktop computer.
Once connected, open a web-browser and type in 192.168.4.1. The device will respond with a webpage presenting the data log, settings, and configuration options.
Keystroke data is formatted in the same as it would appear on the screen, with special keys in brackets ([Ent], [Esc], [Del] etc.). The data log is organized in pages, containing 2048 characters per page. The bottom bar contains links to navigating through pages, as well as links to other subpages. These include settings and downloading the entire log.
Navigating the webpage created by the AirDrive Forensic Keylogger is farily self-explanatory. Each option is described in detail, usually with usage examples.
When finished evaluating the log file, disconnect from the wireless network set up by the AirDrive Forensic Keylogger in order to restore the primary network connection.
Exploring the webpage set up by the AirDrive Forensic Keylogger Flash drive brings up the basic features and options made available by the device. The basic data log view is available under the Home link (it is also the default page). Data is organized in pages of 2048 characters, which may be browsed by navigation links at the bottom of the page.
The data log may be downloaded through the web browser by clicking on the link Download in the navigation area. This produces an option to chose the starting page and number of pages to download.
The wireless network set up by the device may be configured through the Settings link. This opens an additional subpage with the name of the network, authentication method, password, and hidden SSID option. If a password is set, make sure to memorize it, otherwise access to the device will be restricted. The hidden SSID option shall be used with particular care, as this will prevent the device from being visible by other Wi-Fi devices without explicit knowledge of the network name.
The Settings page also contains options for configuring keystroke logging. A variety of parameters may be set, including logging special keys, frame filtration, keyboard layout, header information, and more.
The Settings page also contains an option to erase the data log (although this is rarely necessary given the large memory capacity).
It is possible to enable a national layout for language-adapted keyboards, such as French, German etc. This will allow national characters to get logged properly (including those with Alt Gr), such as ö, æ, ß, ó etc. The following example demonstrates the advantages of applying the German national layout.
Text logged without layout
Kezlogger )PS-2 / USB=
Text logged with layout
KeyLogger (PS/2 & USB)
To enable a keyboard layout, the appropriate layout file must be chosen in through the Settings page.
4.5 V – 5.5 V DC (drawn from the USB port)
Max. power consumption
450 mA (2.2 W)
Maximum burst log speed (approx.)
Maximum continuous log speed (approx.)
USB HID-compatible keyboard (Low-speed, Full-speed)
IEEE 802.11 b/g/n
WLAN authentication support
WPA-2, WPA, WEP64, WEP128
Dimensions excluding USB connectors
(L x W x H)
10 mm x 16 mm x 11 mm
(0.4" x 0.6" x 0.4")
The AirDrive Forensic Keylogger will not work with the following hardware configurations:
The keyboard is not responding
The keyboard connector or the keylogger connector is not inserted firmly. Please check the connection with the USB keyboard and port.
The keylogger does not switch to flash drive mode
Please check the following:
Problems with logging national characters
Please check if you have downloaded the correct layout file and copied it to the flash disk root directory? If not, please check the National keyboard layouts section.
The keyboard doesn’t work in flash drive mode
This is normal behavior. In flash drive mode, the keylogger will install the removable disk instead of the keyboard. Use the mouse to copy the log file to the hard drive, then restore normal operation. Alternatively, you may connect the keyboard to a different USB port after switching to flash drive mode.
The mouse and keyboard don’t work in flash drive mode
This can happen on wireless keyboards and keyboard/mouse combos. In flash drive mode, the keylogger will install the removable disk instead of the keyboard/mouse combo. To get around this, connect the keyboard/mouse to a different USB port after switching to flash drive mode.
I’ve checked everything, nothing helps!
If you are still experiencing problems, please do the following:
[Esc] - Escape
[F1] - F1
[F2] - F2
[F3] - F3
[F4] - F4
[F5] - F5
[F6] - F6
[F7] - F7
[F8] - F8
[F9] - F9
[F10] - F10
[F11] - F11
[F12] - F12
[Ctl] - Control
[Alt] - Alt
[Ins] - Insert
[Hom] - Home
[PUp] - Page Up
[PDn] - Page Down
[Del] - Delete
[Win] - Win
[Aps] - Apps
[Cap] - Caps Lock
[Ent] - Enter
[Bck] - Backspace
[Tab] - Tab
[Prn] - Print Screen
[End] - End
[Scr] - Scroll Lock
[Up] - Up
[Dwn] - Down
[Lft] - Left
[Rgh] - Right
[Num] - Num Lock
[-N] - - (num)
[+N] - + (num)
[.N] - . / Delete (num)
[/N] - / (num)
[*N] - * (num)
[0N] - 0 / Insert (num)
[1N] - 1 / End (num)
[2N] - 2 / Down (num)
[3N] - 3 / Page Down (num)
[4N] - 4 / Left(num)
[5N] - 5 (num)
[6N] - 6 / Right (num)
[7N] - 7 / Home (num)
[8N] - 8 / Up (num)
[9N] - 9 / Page Up (num)
[Pwr] - Power
[Slp] - Sleep
[Wke] - Wake
No responsibility is taken for any damage, harm or legal actions caused by misuse of this product. The user should follow the guidelines contained in this document, otherwise no liability will be assumed. It is the user's responsibility to obey all effective laws in his/her country, which may prohibit usage of this product.
In most countries the usage of a keylogger is fully legal as long as a clear notice is displayed, informing the user of the monitored equipment about the presence of a keystroke logger. We encourage the use of this equipment only for the purpose of monitoring your own computer, especially for protecting children against online hazards. It is NOT LEGAL to use a keylogger for the purpose of intercepting third party data, especially passwords, banking data, confidential correspondence, etc. If in doubt, please seek legal advice before using a keystroke logger. A good starting point is the U.S. Department of Justice Letter on Keystroke Monitoring and Login Banners, according to which a clear notice should be displayed, warning that user keystrokes may be logged.