Keylogging is predominately associated with malware spread by persistent, determined adversaries. The technique is still useful, with users so slow to adopt tokens and passkeys. A variation on the theme is common for pwning ATMs and gas pumps. The technique is simply presumed malicious, and generally, the civilian world leaves it alone, as it should.
Perhaps you can find some open source "IT Security" or "monitoring" apps, if your search terms don't sound fishy to international law enforcement. But there's broader context as well:
A number of particularly crafty state-sanctioned vendors sell all manner of hackery-pokery as "Enterprise Insider Threat Monitoring", perfectly legal and above board. Here's one:
fit These software bundles employ fiendish spying techniques, allowing enterprise security admins to sit on users' laps all day. These apps monitor detailed usage of email, web sites, file management, messaging, videos, screen-captures, document open/print/save, peripherals (connect, disconnect, power up, sleep, stream, etc., etc.) and...
KEYLOGGING.
For example: Record the desktop video of all screens to a buffer. Meanwhile, other sensors watch activity in applications and peripherals. The keylogger buffers and searches for trigger-words and patterns. When it gets a hit, the app will collect desktop video and keep recording. Then it uploads the evidence package to a central vault, where, for example: The SOC (security operations center) might investigate the new user in accounting who asked in chat about "warehouse" "alarm" "codes", while browsing street maps (yes, this happened).
This entire cycle is tough for remote hackers to pull off these days. In the ethically grey areas, this is the kind of software deployed by state agencies, to monitor foreign nationals, tourists and citizens alike. But don't sweat it; this would never happen to us here.
