
Product
Redesigned Repositories Page: A Faster Way to Prioritize Security Risk
Our redesigned Repositories page adds alert severity, filtering, and tabs for faster triage and clearer insights across all your projects.
A python port of interception, which hooks into the input event handling mechanisms to simulate inputs without injected flags
This is a python port and wrapper for interception, a low level input device driver.
The Interception API aims to build a portable programming interface that allows one to intercept and control a range of input devices.
If your're a C++ Developer, also check out my modern C++ wrapper for the interception c-api!
Pyinterception is available on PyPi as interception-python
, so simply pip install interception-python
.
Some people are under the impression that windows doesnt differentiate between fake inputs and real inputs, but that is wrong!
Take a look at KBDLLHOOKSTRUCT, specifically the flags
field:
Testing LLKHF_INJECTED (bit 4) will tell you whether the event was injected. If it was, then testing LLKHF_LOWER_IL_INJECTED (bit 1) will tell you whether or not the event was injected from a process running at lower integrity level.
This flag will always be set when sending an input through the windows API and there is nothing you can do about it. Programs may not pick up on this flag through the KBDLLHOOKSTRUCT
, but it certainly proves that the OS clearly differentiates between inputs.
If whatever you're sending inputs to currently works fine, and you are not worried about getting flagged by heuristic input detection, then by all means its totally fine to stick to pyautogui / pydirectinput. At this point it is worth noting that alot of the more advanced anti-cheats including vanguard and some versions of EAC will not boot while the driver is loaded on your system, it is a very well known piece of software after all. And if you're going to ask me how to bypass that detection - write your own driver.
First of all, you absolutely need to install the interception-driver, otherwise none of this will work.
The first thing you are always going to want to call is interception.auto_capture_devices()
in order for the library to get the correct device handles.
Explaining why would blow the scope of this introduction and you shouldn't have to worry about, just call the function and let it do it's thing!
Now you can begin to send inputs, just like you are used to it from pyautogui or pydirectinput!
interception.move_to(960, 540)
with interception.hold_key("shift"):
interception.press("a")
interception.click(120, 160, button="right", delay=1)
Some people may need the library to move the mouse in a more 'human' fashion to be less vulnerable to heuristic input detection.
PyClick already offers a great way to create custom Bezier Curves, so the library just makes use of that. To avoid bloat for the people who do not care about this functionality, PyClick must be installed manually if you want to use it.
First create your Bezier Curve parameters container. You can either pass the params to move_to
calls individually, or set them globally.
from interception import beziercurve
curve_params = beziercurve.BezierCurveParams()
# Uses a bezier curve created with the specified parameters
interception.move_to(960, 540, params)
# Does not use a bezier curve, instead 'warps' to the location
interception.move_to(960, 540)
beziercurve.set_default_params(params)
# Uses the bezier curve parameters we just declared as default
interception.move_to(960, 540)
# Overrules the default bezier curve parameters and 'warps' instead
interception.move_to(960, 540, allow_global_params=False)
The resulting mouse movements look something like this (with the default curve parameters):
FAQs
A python port of interception, which hooks into the input event handling mechanisms to simulate inputs without injected flags
We found that interception-python demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Our redesigned Repositories page adds alert severity, filtering, and tabs for faster triage and clearer insights across all your projects.
Security News
Slopsquatting is a new supply chain threat where AI-assisted code generators recommend hallucinated packages that attackers register and weaponize.
Security News
Multiple deserialization flaws in PyTorch Lightning could allow remote code execution when loading untrusted model files, affecting versions up to 2.4.0.