Tuesday, 20 September 2016

Payload Websites with redpill Hacker 6

redpill Hacker 6 has just been released with more flexible and powerful payload websites.

A payload website is a website that is created by redpill Hacker that is used to secretly install spy software (the payload) remotely on a target computer.

Example of a Payload website created by redpill Hacker:


In redpill Hacker 5 you could also create payload websites, but you now have more flexibility to make the website look the way you want it to.

You can use any 'con' - any app that you can think of that people would want to download. You simply choose the wording for your site and select a background.


No website development skills required - redpill Hacker will create the website for you in seconds.


redpill Hacker 6 also comes with a new and improved help file to help you with even more advanced topics including:
  • Step by step 'getting started' instructions that can turn anyone into a professional hacker. 
  • Creating payloads (spy install modules) that can be installed - secretly and remotely.
  • Different types of payloads and how to use them - including key loggers and modules that secretly retrieve documents. 
  • Using Social Engineering Templates to remotely install spy software. 
  • Emailing payloads directly to targets or using redpill Hacker to send the payload. 
  • Sending bulk emails to a list of targets. 
  • Creating Password Phishing Websites - to get user names and passwords.
  • Creating Payload Websites used to install spy software via a website. 
For more information about redpill Hacker visit www.redpill.co.za

Sunday, 7 August 2016

Hacking tools to get usernames and passwords



redpill Hacker has various tools and methods to get usernames and passwords from a target computer. In this article I will briefly discuss the different methods of retrieving passwords using redpill Hacker.

Payload with Key Logger

redpill Hacker allows you to create a payload that will remotely install a key logger on the target computer. Everything that is typed on the computer will be recorded and secretly emailed to you including usernames and passwords.

Saved keywords will not be retrieved (this action increases the detection rate), instead you can use the 'Retrieve Saved Passwords' template in redpill Hacker.

When you use the 'Retrieve Saved Passwords' Social Engineering Template, redpill Hacker will do the following:

  1. It will create a payload that looks like a Virus Removal Tool.
  2. redpill Hacker will then email the target the payload and explain that there is a virus that steals passwords doing the rounds.
  3. It will then instruct the target to temporarily disable his Anti Virus as normal Anti Virus does not detect the virus and it needs to be disabled to allow the virus tool to scan and remove the virus.
  4. The tool will then run - it will look to the target like a virus is being removed - but the key logger will secretly be installed.
  5. The target will then be instructed to change all his passwords as the virus was found and his passwords were possibly already compromised.
  6. As the target changes each of his passwords, the key logger will email you the website or application used and the new username and password.


Password Phishing Website

The Password Phishing Website is a tool in redpill Hacker that creates a type of portal website that retrieves the target's username and password before redirecting him to the website he intended to go to. This tool has a very high success rate as nothing is installed (no warnings or problems with anti virus) and it works on all devices.

For more information on how this works read: Password Phishing Website in redpill Hacker

Document Grabber

redpill Hacker has a document grabber payload. It is a lightweight payload - that means it gets past 95% of anti-virus and does not cause a UAC warning message to pop up.

The thing that makes a lightweight difficult to detect and stop is the fact that it is ... well, lightweight. It goes in with one single task, performs the task and then disappears. It does not try to install itself in order to keep on running or do anything else.

The task that the document grabber performs is to retrieve all the documents in the Documents folder and all the sub folders.

What does that have to do with passwords? You will be amazed to find out how many computer users have a document in their Documents folder or one of the sub folders with a list of all their usernames and passwords in case they forget them.

To find out more about redpill Hacker go to www.redpill.co.za

Thursday, 7 July 2016

Hack in secret with the Darknet


If you think it is only a couple of terrorists that are being watched by the authorities, think again.

Have a look at the Google transparency report. Google and other companies comply with thousands of requests for information about specific user accounts from authorities all over the world!

In 2015 there were 68 908 requests where they provided data to authorities … in other words, gave access to the Gmail accounts. These stats are from Google themselves! You will also notice when you look at the graph that the number of requests per year is growing. Keep in mind that this is just Gmail. All other email providers receive similar requests.

There is of course the 'If you have nothing to hide' argument. In a perfect world that might make some sense. We live in an imperfect world where nothing is truly black or white, where the good guys are never 100% good and the bad guys never (well, seldom) 100% bad.

You can't just simply trust that you are only being watched by the 'good guys' and that every employee working at the 'good guys' will never use the information they can get for malicious purposes.

"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say" - Edward Snowden

redpill does not encourage or condone any illegal activity. Do not use your hacking and spy software illegally - respect other people's privacy - but also fight for your own privacy!

What can you do to protect your privacy?

Encrypt your emails using PGP.

You don't need to encrypt all your emails, but if there is some correspondence that you think needs to stay private, you can encrypt your emails. An easy way to do this is to use Gmail with Mailvelope.


Use the Darknet

To be anonymous and to hide your IP address, you can work on the Darknet. With the Internet one computer connects to another computer and it is easy to get the IP address of the original computer.
On the darknet, internet requests are bumped around on computers (or nodes) in a way that it is not possible to get the original IP Address.

You use the darknet with special software like Tor.

How Tor Works:


Tor uses a network of computers to let your encrypted internet request jump around several computers. There is no way for the authorities to check who visited the website.

To use Tor is easy, just install it and use Tor instead of your normal browser. You can still use your normal browser for activities that you feel you don't need to keep private. 

Tor is free and can be downloaded at: https://www.torproject.org


Friday, 20 May 2016

Know your redpill Hacker Payloads

redpill Hacker Payloads

What is a payload?

In computer security, payload refers to the part of malware which performs a malicious action. In redpill Hacker, the payload is attached to an email or a website and is delivered to the target PC. The payload will then secretly perform a specific action like installing a key logger or retrieving documents from the target computer.

Different types of payloads in redpill Hacker

There are different payloads in redpill Hacker and new ones being added with each new release. Some will only take screenshots while another will take screenshots and install a key logger. There is also another that will secretly retrieve all the documents from the target computer.

When you select a payload in redpill Hacker the details of the payload will be displayed to help you choose the right payload for the job.

Select Payload in redpill Hacker

Payloads are grouped into two main categories in redpill Hacker:
  1. Heavyweight Payloads - Do a lot: take screenshots, install a key logger and continue to run even after a computer is restarted.
  2. Lightweight Payloads - Only perform a specific task and only until the computer is restarted.

Don't underestimate the Lightweight Payloads

Why would you choose a lightweight payload if it only runs until a restart and only performs a specific task? 

Think of lightweight payloads as the special forces of your army. They do less damage but they can get into places where your conventional forces will not be able to reach.

Lightweight payloads have a very low Anti-Virus detection rate and also bypass the Windows UAC Warning Message. With heavyweight payloads there are ways to deal with the UAC message but it requires a bit more social engineering.

An example of a lightweight payload is the Document Grabber. It will secretly retrieve all the files in the documents folder (and all sub folders). Depending on what your investigation is all about, this might just be what you need. A lot of computer users store a password file on their computer with a list of their accounts with usernames and passwords.

Remember ...

Don't use redpill Hacker illegally. redpill Hacker should only be used for ethical (legal) hacking, penetration testing and security training. 

Monday, 25 April 2016

Hacking Terms you need to know



On the spy software training blog you will come across various 'hacker' terms. Here are some of the important terms you need to know if you are interested in Penetration Testing (Hacking Tools and Spy Software).

Hacker: Some believe that hacker means a skilled and enthusiastic programmer and that a 'cracker' is someone that breaks into systems. In the sense that we will use hacker, a hacker is a person who uses computers to gain unauthorized access to data.
Penetration Testing: Penetration Testing is when a company asks you to try to hack into their system. They sometimes want to do this to see if their system is secure, and if it is not (if you succeed), they want a report on how you managed to get into their system.
White Hat: A 'White Hat' is a good hacker doing only ethical hacking. Examples would be someone working for the authorities or a person doing Penetration Testing for a company.
Black Hat: A black hat is a 'bad' hacker, using his skills for criminal activities with no regard for people's privacy or the damage caused.
Grey Hat: A Grey Hat is a hacker that is sometimes willing to cross the line and do a bit of illegal hacking if he can morally justify what he is doing (even if it is just to himself).
Hacktivist: A person who gains unauthorized access to computer files or networks in order to further social or political ends.
Target: The person you want to monitor or the computer with the data you are looking for.
Social Engineering: Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. redpill Hacker has various Social Engineering Templates that can be used for different scenarios.
Con: A con is a confidence trick. You win someone's confidence so that you can get them to divulge information or perform a task like opening an attachment. A con is part of a social engineering attack.
Payload: In computer security, payload refers to the part of malware which performs a malicious action. In redpill Hacker, the payload is attached to an email or a website and is delivered to the target PC. The payload will then secretly install the spy software.
Phishing: The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.
Spear Phishing: Spear Phishing is a more targeted attack. The attacker first spends some time finding information about the target. When the phishing email is then sent to the target, it contains a lot of personal information about the target – giving the target a sense of familiarity and trust.

Wednesday, 13 April 2016

Hacker Training Course


redpill started a training course for redpill Hacker. The course includes:

  • 8 Day Course (8 Lessons) that can be spread over a longer period.
  • 11 Practical Exercises where you 'attack' a real target (your instructor).
  • PDF Document with 30 pages of tips and advanced training topics.
  • Covers a wide range of topics including social engineering, payloads, password phishing, payload websites that install spy software and more.
  • The instructor will connect to your PC to help you with the exercises.

For prices and more information, visit the redpill hacker training page.

For more information about redpill Hacker, go to www.redpill.co.za

Tuesday, 12 April 2016

Why we use Bitcoins


Yesterday, Perfect Money decided to block our account (because we are selling Penetration Testing Software - ouch! ... that is like being kicked out of hell because you are too bad! We thought we were the good guys compared to the rest of the crowd using Perfect Money).

So, as of yesterday, redpill will no longer directly accept Perfect Money (you can still use your PM, read on).

Over the more than 10 years we have been in this business, we used (and stopped using) a lot of different payment methods:

  • Liberty Reserve, up until March 2013 when US Authorities decided to seize the Liberty Reserve website and freeze all the accounts ... including the accounts of good guys like us :(
  • Paypal, but then paypal decided to block our account until we stop selling our spy software. Although it is easy to open new accounts, paypal makes charge-back fraud too easy for criminals ... and unfortunately criminals like hacking software.
  • Over the years we also tried many others, but have decided to only continue with Webmoney and Bitcoins. We also still accept credit card payment via Avangate, but only for some of our products.
Why Webmoney?
We have been using them for over 10 years without any problems. Unfortunately, webmoney is not well known or used in most western countries (mostly used by Russia).

Why Bitcoins?
We LOVE Bitcoins!!

Bitcoins are not controlled by a central company or entity ... it is controlled by people. There is no single website or domain that can be seized by the authorities, no single person or company that can decide to close your account. 

To find out more about bitcoins, go to http://bitcoin.org
... or, if you just quickly want to buy bitcoins and use your bitcoins to purchase a redpill product, you can use a company like: http://localbitcoins.com

What if you only have Perfect Money and you need to purchase?

You can create a Bitcoin account at a company like http://localbitcoins.com and then use a company like https://p2pchange.is (there are many others to choose from) to quickly convert your PM to bitcoins. 

How to purchase from redpill using Bitcoins

Go to www.redpill.co.za and click on Purchase. Select the Bitcoin option and click on the purchase button. Follow the instructions.

Important: Our Bitcoin address is changed on a regular basis. Do not use a bitcoin address that you used previously. Always go to the purchase page and get the latest bitcoin address.

Once you did the purchase, contact us so that we can verify the payment.

Please note: Sites that we referred to in this article are sites that we have used in the past and found to be good to use. However, we have nothing to do with these sites and you use them at your own risk.