Skip to main content


Showing posts from 2015

redpill Hacker 4 and Anti-Virus

redpill routinely test redpill Hacker against Anti-Virus detection and improve its Anti-Virus Counter Detection techniques and measures.

Tests done on 2015/12/16 had the following results:

The heavyweight payloads had a detection rate of 9 out of 43 (Only 9 of the top 43 Anti-Virus packages could detect redpill Hacker payloads).

The lightweight payloads had a detection rate of 1 out of 43(Only 1 of the top 43 Anti-Virus packages could detect a lightweight payload).

For more information about lightweight payloads see: Document Grabber

Why is the detection rate not zero? See Spy Programs vs Anti-Virus

Things to remember to keep your redpill Hacker detection rate down:

Each customer gets a unique build of redpill Hacker to reduce the risk of detection. Each payload you create is different, but the more times your payloads are scanned, the greater the risk becomes that Anti-Virus companies can find a unique 'fingerprint' within all your payloads.

If that happens, your success rate wi…

Hacking Made Easy

Hacking made easy with the new redpill Hacker 4!

Video explain hacking principles and show multiple ways of hacking with redpill Hacker.

For more information about redpill Hacker visit

Hacking was never so easy!

Professional Hacking was never so easy! redpill Hacker version 4 has been released - easier to use and more powerful!

New Enhancements in redpill Hacker 4:

The new version of redpill Hacker has more features but is easier to use!

When making selections, detailed descriptions of each item selected are added to help you understand what will be created and how it works (see screenshot above - click to enlarge).

With redpill Hacker you could always have created many different payloads (covert install modules that secretly install spy programs on the target computer) and each one could be customized. Now, in version 4, you can also choose from different types of payloads performing different tasks with different levels of sophistication.

There are lightweight payloads that bypass the Windows UAC Warning message. Then there are also heavyweight payloads that perform a lot more tasks and return a lot more data that require a bit more social engineering. Even installing heavyweight payloads tha…

Stealth Document Grabber

Version 3.6 of redpill Hacker has been released. One of the enhancements is a new type of payload (spy module) called the 'Stealth Document Grabber;.

Stealth Document Grabber

The Stealth Document Grabber will secretly email documents, pictures and other files on the target computer to you. The Stealth Document Grabber is also part of a new group of lightweight payloads.

Lightweight Payloads vs Heavyweight Payloads

There is a new group of Lightweight Payloads that is available in Version 3.6. These payloads only runs once and only perform specific tasks. The advantage of these payloads is that they are more difficult to detect and they bypass the Windows UAC Warning Message.

Heavyweight payloads can perform multiple tasks (key logging, taking screenshots) and will also continue to monitor a computer even after a computer restart was done. When the payload is however run for the first time it will cause the Windows UAC warning message to pop up. However, redpill Hacker has advanced So…

How to use a phishing site to retrieve passwords

redpill Hacker is Penetration Testing Software for ethical hackers with various hacking tools. In this article I will explain how the Password Phishing Website tool works.

All you need is a Windows hosting option with a Windows Server that supports ASP.NET 4.0. There are a lot of website hosting companies to choose from like (and countless others) where you can get very inexpensive hosting options.

Your 'con' will be to email the target a link to some 'secure content' that will require him to sign in using his social media account (gmail, yahoo, facebook, etc). The secure content can be any youtube video or any other video from any other site. It could also be a link to a PDF or some other content on the Internet.

Below is a break down of how it works:

You specify the custom settings you want in redpill Hacker and redpill Hacker creates the phishing site for you to fit into your specific con.redpill Hacker sends an email to the target using the Social Engine…

How to get Saved Passwords on a Remote Computer

Keyloggers allow you to get everything that is typed including passwords. The problem is, what about passwords that are saved and that the target does not type. There are some spy software programs that will claim to retrieve these passwords but it is not always effective as it will depend on the type of browser or application that the target is using.

There is another way to get saved passwords: Use Social Engineering

First, you need to remotely install a key logger on the target computer using something like redpill Hacker or redpill Agent.

Then you use social engineering and get the target to change his passwords. You could send him an email or even give him a call with a message like this:

Hi Hackers found a new vulnerability in Windows that allows them to retrieve all your saved passwords on your computer. To protect yourself, do the following:Run Windows Updates and make sure you get the latest security updates that will include a security patch for the new vulnerability.Change al…

redpill Agent Improved

redpill Hacker has been dominating posts in this spy software blog lately but redpill Agent is far from done. A new version has just been published with a couple of improvements and a new look (see screenshot above).

redpill Hacker can do everything redpill Agent can do and a lot more ... but there are quite a lot of redpill Agent fans that still prefer this legacy system. It might have something to do with the fact that redpill Agent is a bit notorious and has even been blamed by hackermedicine  and some other news blogs for a major attack in India (read article here).

For more information about redpill Agent and other spy software visit

redpill Hacker price reduced

redpill got a new look:

To celebrate our new look and website, we discounted the redpill Hacker price with 50%! redpill Hacker is now (for a limited time) available at $ 99. An upgrade to the latest version (that will also give you a new unique and clean build) has also been reduced to $ 39.

Install Spy Program from a Website

redpill Hacker will create the website for you and upload the payload (spy program). No need to email any attachments.

For more information about redpill Hacker visit:

Install Spy Software with a Payload Website

redpill Hacker 3.5 is now available. The most significant enhancement is a new powerful tool in the redpill Hacker arsenal (existing hacking tools where also updated and improved).

redpill recently added the 'Password Phishing Website' tool. The very high success rate of this tool convinced redpill to develop a new tool that combine the website creating ability of redpill Hacker with its payloads.

Social Engineering Payload Website

The difference between the Password Phishing Website Tool and the Payload Website Tool is that the password site can only capture a username and password while the payload website will install spy software to monitor the computer.

With the Payload Website you bypass any email problems as no attachments are emailed. You also don't email a link to a payload (install module). Emailing a link is one of the best delivery methods but it still has two problems:

Most computer users know not to click on a link in an email. They where told to go to the websi…

redpill Agent vs redpill Hacker

A lot of customers wants to know what is the difference between redpill Agent and redpill Hacker. redpill Hacker is without question a better product as it can do everything that redpill Agent can do and much more. redpill Agent is however still an excellent product and redpill will keep on supporting redpill Agent.

redpill Agent is bit easier to use for the simple reason that there is much less that you can do. redpill Hacker is very user friendly, but will require that you watch the videos, read the articles and spend a little time getting familiar with how it works.

redpill Hacker is definitely for the more serious hacker. 

In short, here are the differences:
With redpill Agent you are limited to one email account for receiving data - so you are limited with the number of installs you can do. With redpill Hacker you can add as many email accounts as you want (unlimited installs).redpill Agent can only be linked to a gmail account. That can sometimes be a problem if gmail forces you t…

redpill Hacker - Getting Started

There is a lot that redpill Hacker can do - too much to explain in one article. For this article, I will focus on getting started - the very basics. We will send one payload to one target.

You will not need to do all the steps for every attack you do, but you will need to set a couple of things up before you start using the system.

Step 1: Add an Email Account

You will need to add at least one email account. From the Menu click on Resources > Email Accounts.

Email accounts will be used to send payloads to targets but also be used by the payload to send you data.

You can add any number of email accounts that you want to use. You can use any email service that supports SMTP. Free email services like gmail and yahoo will work, but will have some limitations and problems. These services are very strict with the type of attachments they allow and will also limit you with the number of emails that can be sent in a day.

When adding your email account note the following:
Use load default if …

Incremental Hacking

No hacking attempt is guaranteed. There is a lot that can go wrong when you attempt to remotely and secretly install spy software.

Things that can go wrong:

The target can choose not to open the payload. Even after some good social engineering, there will be a lot of targets that will know better than to open the attachment.The target can open the payload on a device (Operating System) that does not support the specific payload.The target computer can have a two-way firewall (not the standard Windows Firewall) that can block the data from being sent.The target computer can have very strict Anti-Virus that will block any program that is not known and trusted.

Ways to improve your chances of success:

The first thing you can do is use a targeted attack against a specific target. You find out as much as you can (facebook, google, etc) about the target. You can use information that might look very insignificant to others to improve your social engineering con (I will explain in more detail wi…

Setting up a FTP Server for redpill Hacker

redpill Hacker is a hacking tool (penetration testing tool) that allows you to do different types of 'attacks' on targets (the computers or persons you want to monitor/investigate). Some attacks like the Phishing Website Attack or a payload that is send with a link require a website (or at least a file hosting site for the link option).

You do not need an actual website as redpill Hacker will create the website for you (in the case of the phishing site) or you only need a place to host the file (in the case of the link attack). So all you need to get, is a website hosting option from a hosting company like Sites like godaddy offer cheap hosting options that also include a domain name.

With your hosting option, you will also get a FTP Server. The FTP Server is used to upload files to your website. In redpill Hacker, you can easily add the FTP Server. Open redpill Hacker and go to Resources > FTP Servers.

Your hosting company will give you the server name. It wil…

redpill Hacker 3.22 Released

redpill Hacker 3.22 has been released with the following enhancements:
The payloads has been improved to make them harder to detect. The changes include changes to avoid detection by the target (user) and anti-virus.
Note: One of the changes will cause a delay in the initial 'success message' and a delay before receiving the initial data. After the initial delay, data will be received in real time.The payloads will now also give the IP address of the target computer that can be used to look up the target location.A 'Delete All' was added to the target screen. This is useful if you want import targets (email addresses) from a file and attack targets in batches.  For more information about redpill Hacker, visit

redpill Hacker now with website phishing

redpill Hacker now with new website phishing feature. Training video shows how to get usernames and passwords from any device and any operating system.

For more information about redpill Hacker or more training videos visit:

redpill Hacker 3 is available!

The new redpill Hacker 3 is more flexible with the way payloads are created and used. It also comes with a database of thousands of commonly used passwords and a Dictionary Attack tool to hack into email accounts. See the video for for a demonstration.

For more information about redpill Hacker visit the redpill website.

redpill Hacker - How to attack a large list of targets

redpill Hacker allows you to install  spy software on any number of computers (unlimited). If you decide to do a single attack on a large number of computers, you need to use a two phase attack to avoid detection. This video explains how to do it:

For more information about redpill Hacker, visit

Spy programs vs Anti-Virus

Is redpill spy products FUD? I get asked this question a lot. FUD (in some circles) means Fully UnDetectable spy programs.

The answer depends on what you mean with FUD. Some Anti-Virus packages will block and remove any program that is downloaded or received via email and is not a well known program. The program is not really detected as a known virus, and it does not even need to show any suspicions behavior, but is blocked and removed by some strict AV (Anti-Virus packages) because it is seen as a potential threat.

If you take that into consideration, no spy program can be completely undetectable (or FUD).

redpill products like redpill Hacker and redpill Agent gets past more Anti-Virus than most other spy programs. It however also depends on how you use your spy program. I will explain how to use your spy program, but first, it is important that you understand how detection works.

How Does Anti-Virus Software Detect Spy Programs?

AV companies basically detect spy software (and viruses…

redpill now accepts Bitcoin

redpill accepts credit/debit card payments for redpill Spy and redpill Detective, but not for the more 'hard core' penetration testing software like redpill Hacker and redpill Agent. For those products redpill uses Perfect Money and Webmoney.

Some customers complained as Perfect Money and Webmoney is not supported in the United States and difficult or expensive to load from some countries. To help those customers, redpill now also allow bitcoin payments that is available everywhere including in the US.

To purchase using bitcoin, just select that option in the Purchase page of the redpill website.

For more info about bitcoin click here. To get started is very simple and quick. You can install a wallet app from (tip: install a lightweight client and not a full node like Bitcoin Core as a full node needs to download tons of data).

Email setup in redpill Hacker

In redpill Hacker you need to setup email accounts. Email accounts are used to send data from the spy module and also sending the attack module to the target. You can add as many email accounts as needed and you can use an email service that supports SMTP.

You will get the SMTP details from your email service provider. If you want to use gmail, you can use the settings below:

Email; your full gmail email addressUsername: again, your full gmail email addressPassword: your gmail passwordServer: 587Use SSL: Yes (check the box) Do a test (just click on Test). If you get a 5.5.1 error, read this.
Remember, you don't need to use gmail. Just added the settings here as a lot of users use gmail.

FTP Server for redpill Hacker

Update: This article is for an older version of redpill Hacker.Please see: Setting up a FTP Server in redpill Hacker
When to fill in the FTP details in redpill Hacker ...

When to use links

In redpill Hacker there are two Social Engineering Attack methods that would require the use of a FTP Server - a link or a website.

If you are new to redpill Hacker, I suggest you start with the easier attachment types like a program file, zip file, or Wordpad file, as these types do not require a FTP Server. When you choose one of these types, the FTP Settings are disabled.

Using a link as part of a social engineering attack is sometimes needed as some email services like gmail block attachment types like program files and zip files. Although Wordpad files are allowed in gmail, some other email services or anti-virus applications will block wordpad attachments that contain embedded program files.

How to use a link

A link in an email is just that - a 'link' that points to something somewhere e…

redpill Hacker - How to use Wordpad

redpill Hacker tutorial video that shows you how to use a Wordpad attack module. Wordpad attachments is not blocked by gmail or yahoo.

There are several different types of modules that can be used with redpill Hacker. More training videos will be coming soon ...

Spy Software Developer - TheCoder.Ninja

The programmer of the redpill spy products gets a new name, look and website:

Please note: still the same software developer. The redpill website and redpill products will not be affected. Still working hard on new and better spy software

redpill Hacker Tutorial Video

Tutorial Video that shows you how to use redpill Hacker to install spy software remotely and secretly on multiple (unlimited) computers anywhere in the world.

For more information about redpill Hacker visit:

redpill Hacker Version 2 Released

redpill Hacker 2 is now available!
redpill Hacker now allows you to install on multiple targets with a click of a button. It now includes a target database (email addresses of the persons you want to monitor) as well as new Social Engineering Templates. You can now specify multiple targets (persons you want to monitor) in redpill Hacker. You can now choose from Social Engineering Templates and add your own.redpill Hacker will automatically send personalized emails (using the Social Engineering Templates) to multiple targets with the click of a button.The install modules or link to install modules will automatically be added in the email. As with the previous version, any number of install modules can be created. Supported formats include .zip, .rtf, .exe and links.

For more information about redpill Hacker and other spy software products visit:

Fake redpill websites

Be aware of the following fake redpill websites:
www [dot] redpillspy [dot] comwww [dot] redpilldetective [dot] com They used to be able to sell redpill products through the Avangate Affilate Network system. redpill has now disabled the network affiliate selling system due to sites like these that claims to be the official sites of redpill products.
It caused problems as they where making false promises to customers and also selling other spy products of a lower quality from these websites that looked like they where the official redpill sites.
The official redpill website is:
Official product sites: redpill Spy : Agent: Detective: Hacker:

redpill Hacker Email Accounts

redpill Hacker allows you to setup and use multiple (unlimited) email accounts for sending and receiving data. This article explains how email accounts are used in redpill Hacker.

When using redpill Hacker, there is usually three email accounts involved:
Email account for sending data (Delivery Email Account).The Spy Module will use this account to secretly send the data via email.Email account for receiving the data. The email account that you will use to communicate with the target (for social engineering) and to email the install module.Note: You can use the same email account for all three tasks.
The email account to receive data you only specify when creating the install module and the email account you will use to communicate with the target you do not need to specify in redpill Hacker. Setting up the email account for sending the data is a bit more tricky so we will look at how that is done.
Setting up an email account in redpill Hacker
In redpill Hacker click on 'Email Accou…

redpill Agent gets past 93% of Anti-Virus Detection

redpill Agent now gets past 93% of anti-virus detection. 
redpill Agent with the new version of Ghost Protocol got past popular Anti-Virus packages like Avast, AVG and 36 other top anti-virus packages.

On 2015-02-28 redpill ran an install module of redpill Agent through 39 anti-virus scanners (all up to date with the latest anti-virus defenitions) and only had a 7% detection rate (see results in image above). Only 3 of the 39 packages marked the redpill Agent install module as a potential threat. These 3 that did detect redpill Agent is not widely used as they are known for having a lot of False Positives (detecting programs as viruses when they are not).

redpill improved counter detection on all redpill spy products including redpill Spy and redpill Hacker. redpill Hacker has even a lower detection rate than redpill Agent. 

For more information about redpill spy products visit:

FUD Spy Programs

FUD - no, not 'Fear, Uncertainty and Doubt ' but Fully UnDetectable Spy Software means Key Loggers and other Spy Programs that can get past Anti-Virus systems.

Some hackers use Crypting programs to make spy programs and key loggers undetectable.The crypting programs does not encrypt the program files as that would make them unusable, instead the code within the file is scrambled. The problem with these programs is that although the file might no longer be detected by anti-virus, the file becomes damaged and unusable (the crypting program causes problems within the program file.

redpill have been using a unique set of features and processes to make their spy programs undetectable. With redpill Agent, these features and processes are applied with Ghost Protocol.

redpill has just released Version 2 of Ghost Protocolthat has a lot more enhanced features and processes that include:
Code Obfuscation and Scrambling (basically what a Crypting program does).String and Resource Encryption…

Install Spy Program with a Link from a Legit Website

Some hard targets (users that are security conscious) will not open an attachment or click on any link in an email. Sending a link in an email is easy ... making sure it looks legit and trustworthy is a bit more work.

This video is a tutorial on how to remotely install redpill Agent with a link in a email that comes from a real website.

Problems receiving your emails from redpill Agent?

Not receiving your emails in gmail from redpill Agent and getting the following error when you do a test?
The SMTP server requires a secure connection or the client was not
authenticated. The server response was: 5.5.1 Authentication Required
.Follow the steps below to fix the problem:

Usually the problem is that an incorrect password was entered for gmail in the 'Spy Install Module' creation page. Create a new install module and make sure you enter the correct gmail password for your account.

If you are sure your password in the install module is correct and you still have the same problem, do the following:

Open your gmail account and go to Settings.Go to the 'Accounts and Import' Tab and click on 'Other Google Account Settings'.

Go down to the 'Signing In' Section.

Turn 2-Step Verification is 'Off' and change 'Access for less secure apps' to 'Allowed'.
You should now start receiving the data from redpill Agent.

For more informatio…

redpill Hacker with Custom Website

redpill released a new powerful spy program called redpill Hacker. One of the program features is to create different delivery packages. Using a custom website as a delivery package has been proven to have the best success rate of all delivery methods.

A lot of computer users know not to open attachments or click on links in emails. You can get past some of them by using social engineering and winning their trust before sending the link or attachment, but some hard targets (security aware users) might still be a problem.For those targets, a custom web option is your best choice.

How the Custom Website Delivery Method Works:

As mentioned, a lot of users will not open an attachment or click on a link, but they might be willing to install a useful application directly from the providers website. The key is to choose a product that the target will be interested in.

Depending on your target, you can think of an application/product that the target will be interested in. Examples would be:

New hacking tool for professionals

New spy program from redpill: redpill Hacker
All the power of redpill Agent but with no limits (unlimited installs), not linked to gmail and with delivery package creation!!

redpill Hacker is the ultimate hacking tool for professional hackers! Remotely and secretly install on computers anywhere in the world.Records all key strokes (key logger) and take screenshots.Unlimited installs!!Unlike redpill Agent, you are not limited to link your install modules to gmail. You can link each install module to a different email account and use any SMTP email service.Various Delivery Methods for Remote Install: ApplicationEmail Wordpad File - The system will assist you in creating the wordpad file.Email ZIP File - The system will create the zip file for you.Email a link - The system will create the link for you!Website - The system will upload the install module to the website.Each customer gets a uniquely build version. No Anti-Virus will know about your spy program as you will be the only one that i…

How to create a spy program and embed it into wordpad

Video that shows you how to create an install module (spy program that can be remotely installed) and embed it into wordpad. Embedding a spy program into wordpad allows you to bypass email security.

For more information about redpill Agent go to