This release delivers major improvements across the core system, performance enhancements, updated tooling, expanded compatibility, and a variety of internal changes designed to improve both flexibility and usability for security professionals.

Before jumping into What’s new, let us introduce SONAR.

NetHydra SONAR is a dedicated enterprise-focused edition of NetHydra, built for organizations that require a more flexible security stack compared to the standard edition, NetHydra Express.

SONAR includes additional tools and components focused on several areas of cybersecurity operations, including:

• Web Application Security
• Threat Intelligence
• Defensive Security Operations
• Security Assessment & Analysis

The goal of SONAR is to provide a more adaptable platform for enterprise environments, allowing teams to customize and scale their workflows based on operational requirements.

In addition to the new SONAR variant, NetHydra 2026.2 also includes various improvements to tool integration, and overall platform experience.

This release represents another major step forward for the NetHydra project as we continue building a modern, flexible, and security-focused platform for researchers, defenders, and enterprise organization.

let’s jump to What’s new?

What’s new —

• Firefox Theme - Revert compat Firefox theme
• Core system improvements - Added zram as default configuration
• New tools - 4 tools added
• Page update - NetHydra page update

Firefox Theme

In this update, we reverted the Firefox theme to a more compatible and classic design inspired by the 2020 Firefox appearance.

Special thanks to @BGMP for making this possible.

System Changes

In this update, we decided to enable zram as the default configuration on NetHydra to provide a better overall system experience and improved memory management.

New Tools

As with every NetHydra release, this update also introduces several new tools and package additions — including tools specifically added for the SONAR edition.

Here is a quick rundown of some of the new tools included in NetHydra 2026.2:

• MISP - Open source threat intelligence and information sharing platform.
• Burp Suite - Comprehensive penetration testing platform designed for web application security testing.
• Nuclei - Fast and customizable vulnerability scanner based on templates.
• CyberChef - The Cyber Swiss Army Knife web app for encryption, encoding, compression and data analysis

Several of these tools are included as part of the expanded SONAR toolkit to support enterprise-focused security workflows, threat analysis, and defensive operations.

Pages Update

To provide a better experience for NetHydra visitors, we have made major improvements and visual changes across several NetHydra pages.

This changes includes:

• Home - Redesigned homepage and landing experience.
• Documentation Page - Updated documentation layout, including improvements to the Tools Pages.
• Blog - Yes, you are reading this post using the new blog style!

Feel better right now? :)

Get NetHydra 2026.2

Fresh images?: what do you waiting for? Grab now! Get NetHydra

too lazy to get Fresh Images? Roll it now!

──(nethydra@NetHydra-Express)─[~]
└─── $ sudo apt update && sudo apt full-upgrade -y
[...]

──(nethydra@NetHydra-Express)─[~]
└─── $ [ -f /var/run/reboot-required ] && sudo reboot -f

You should now running NetHydra 2026.2:

──(nethydra@NetHydra-Express)─[~]
└─── $ grep VERSION /etc/os-release
VERSION="2026.2"
VERSION_ID="2026.2"
VERSION_CODENAME="sana"

──(nethydra@NetHydra-Express)─[~]
└─── $ uname -r
6.12.86+nethydra-rt-amd64

Or if you’re using SONAR edition:

──(nethydra@NetHydra-Express)─[~]
└─── $ grep VERSION /etc/os-release
VERSION="2026.2"
VERSION_ID="2026.2"
VERSION_CODENAME="sana"

──(nethydra@NetHydra-Express)─[~]
└─── $ uname -r
6.12.86+sonar-amd64

Always, if you get any bugs in NetHydra please submit to Bug tracker!.

Want to keep up-to-date with NetHydra?

• RSS feed
• Connect with us! - X/Twitter, Infosec.exchange, Instagram

Want to connect with NetHydra community? Join us!

Why did we rebrand? Yes, you might think there’s a lack of consistency in our branding, but the main reason is to avoid any misunderstandings (as we announced here).

But don’t worry were still same!. Due to the change in project name and branding, links and more have been updated to the new address!.

New logo and Press pack

Project link

• Official page - https://NetHydra.github.io
• GitLab - https://gitlab.com/NetHydra
• GitHub - https://github.com/NetHydra
• Issues/support - https://github.com/NetHydra/NetHydra/issues

note: After 2-5 hours of this announcement and release, we will redirect https://hydrapwk.github.io to https://nethydra.github.io.

Let’s jump to, What’s new?

What’s new?

• NetOpsy - NetHydra DFIR Flavour.
• Desktop refresh - New wallpaper, Menu refresh.
• The wlanX - The legacy interface naming.
• Community update - Discord server NH&Friends

NetOpsy

Say Hi to NetOpsy! What is NetOpsy? NetOpsy is another Variant of NetHydra, Which is intended for digital forensic investigation purposes.

NetOpsy was basically inspired by the Caine Project

At NetOpsy we formatted the application menu to (refer to) the NIST SP 800-86 methodology.

• Collection
• Examination
• Analysis
• Reporting

And of course, general applications for Forensic Investigations!

Desktop refresh.

New wallpaper and theme!

NetOpsy

Say Hi to NetOpsy! What is NetOpsy? NetOpsy is another Variant of NetHydra, Which is intended for digital forensic investigation purposes.

NetOpsy was basically inspired by the Caine Project

At NetOpsy we formatted the application menu to (refer to) the NIST SP 800-86 methodology.

• Collection
• Examination
• Analysis
• Reporting

And of course, general applications for Forensic Investigations!

• ghidra
• maltego
• wireshark
• autopsy
• binwalk
• guymager
• pdf-parser
• sleuthkit
• volatility3
• sherlock

And Ofc! And of course if you have another app we don’t know about, LET ME KNOW!

Download NetOpsy now! Md5sum

The wlan0, and eth0 guy.

Maybe you are realize the interface naming on NetHydra (formerly known as HydraPWK) is following default debian interface naming (Predictable interface naming) e.g wlp2s0, enps0xxx.

Which on most computers has a different name (depending on where the wireless card is installed) That’s why we have difficulty providing default configuration values in the packages we distribute (because each computer has a different interface naming).

Therefore, we are returning the interface names to the legacy naming method. (All configurations that use interface parameters will be set to wlan0, We will assume you are installing NetHydra as bare metal).

NetHydra is now using a legacy interface naming, E.g wlan0, wlan1, eth0.

However, if you feel “more comfortable” with predictable interface naming you can check our documentation!.

Community update (NH&Friends)

Discord server

Good news! We made a new community discord server, and thank you to @Kanax01 for helping to set-up the discord server!. Click this link https://discord.gg/CvsukGecd to JOIN US.

But before we start Let’s take a look new feature of HydraPWK (hydrapwk-stealth) you can check Image bellow for hydrapwk-stealth Architectures

Note: You need to install HydraPWK on your machine before init hydrapwk-stealth

As you can see the image above is showing Process how You could get into hydrapwk-stealth and what you can do or not if you boot into hydrapwk-stealth mode And you may will asking.

What the goal?

The main goal of hydrapwk-stealth is for reduce detection from IDs (Intrusion Detection System).

As default the network interface when you boot into hydrapwk stealth the interface will use monitor mode as default (Please read. hydrapwk stealth documentation).

hydrapwk-stealth is temporary user, home directory of hydrapwk-stealth user is non persistence (Running on RAM) and once you reboot your data in hydrapwk-stealth will lost, and ofc, if the data is important you could copy your data into opt or whatever place. DON'T SAVE YOUR DATA IN hydrapwk-stealth it will lost.

…And let’s jump to Whats New?

What’s new?

• hydrapwk stealth - Stealth mode for reduce IDs Detection
• Wazuh - open source security platform that unifies XDR and SIEM protection for endpoints and cloud workloads.
• Update requirements - system minimal requirements
• Kernel migration - Migrate HydraPWK RT(PREEMPT_RT) Kernel sources.

HydraPWK Stealth

We may don’t need to explain again about hydrapwk-stealth, we just will give you the different between boot into hydrapwk-stealth and standard hydrapwk

Boot into hydrapwk stealth

Boot into normal HydraPWK

Wazuh

So yeah we’ve been working 2-3 weeks to integrate wazuh for hydrapwk, and here is wazuh running natively on hydrapwk and it would be SIEM on your backpack

Note: This is not an official binary of wazuh (the binary build by HydraPWK)

Wazuh cannot init when you running hydrapwk on live mode you need to install hydrapwk on your machine (Please check our hydrapwk wazuh documentation)

And about system requirements we are update hydrapwk minimal system requirements (Important)

You need 16GB RAM and 128GB DISK and 4 CORE CPU

HydraPWK Wazuh Login

HydraPWK Wazuh Dashboard

HydraPWK Wazuh TI MITRE

HydraPWK Wazuh HIPA

Update requirements

here is, this is our recommendation (Minimal) hardware to run hydrapwk.

And you may asking why? Why hydrapwk need very much Resources?

even if we’re using One task one tool philosophy, it is not mean HydraPWK Lightweight, desktop environment we’re using is minimal xfce4 desktop and it’s just take less than 1GB on idle (We cannot claim this, but we’re sure).

The problem is on the tools, which the tools we’re bring is Top tools only industry standard tools no duplicate only one task one tool, so yeah we won’t to compremise with it and ofc HydraPWK need a big requirements, much tools in HydraPWK is heavy tools for Industry

In essence, the tools we brought were few, but all the tools were taken from (Industry and real-world cases).

Kernel Migration

So yeah, we have been import kernel source from debian, and this release we’re used it, but don’t worry the kernel is still RT(realtime) kernel (PREEMPT_RT).

You may asking why?

As you know the previous HydraPWK kernel was a vanilla kernel from linux, and it is likely to be prone to BUG so we imported the Debian kernel into HydraPWK to minimize BUG.

But the main important is: Don’t worry HydraPWK still using RT kernel as default

Updating hydrapwk

Update hydrapwk using fresh image? Yes you can Get hydrapwk image now

so yeah don’t worry, if you have already hydrapwk Apes you can update you’re hydrapwk to the latest version (Viper) easily.

hydrapwk@hydrapwk:~$ sudo apt update && sudo apt full-upgrade -y # this is will pull 'HydraPWK Helper patch'
[...] # After thats you need to initialize hydrapwk viper
hydrapwk@hydrapwk:~$ sudo apt update && sudo apt full-upgrade

And boom! now you could check your hydrapwk version

hydrapwk@hydrapwk:~$ grep VERSION /usr/lib/os-release
# Now the output should be `Viper`

Before we start let’s talk about this Update this update Why use the tail number T1? Yeah, because it’s a snapshot of a previous release.

If you remember in our major release yesterday we included elasticsearch into the HydraPWK repo, however we had some issues regarding LICENSE (We have announced it in the official HydraPWK issues and channels), And we have pulled the elasticsearch package from hydrapwk, And instead, we included OpenSearch into the HydraPWK repo.

So basically elasticsearch will no longer be in HydraPWK.

We apologize for that, it was our (my) fault for not checking it more deeply.

and we want to say something, we saw some posts and reviews of hydrapwk and we really respect that and are very happy, but we also don’t want people to exaggerate about HydraPWK, we are really happy with people who want to review HydraPWK it means a lot to us, but please don’t compare HydraPWK or make something that is Clickbait for example, HydraPWK is better than this and that we don’t want that,,, we want honesty, that’s what’s best for this project … and I would be happier if there was someone who criticized this project.

Affected packages.

So yeah, because we replaced elasticsearch with OpenSearch and of course the tools that use that Backend.

Arkime, now arkime in hydrapwk has used OpenSearch as its backend as default.

…Let’s jump to What's New?

Note: All packages with <packages_name>_<packages_version>_<architecture>+hydrapwk is build by HydraPWK

What’s new?

• Xfce terminal colorscheme - Update colorscheme hydrapwk-purplizer for Xfce terminal.
• OpenSearch - is an open-source, enterprise-grade search and observability suite that brings order to unstructured data at scale.
• OpenSearch dashboard - data visualization tool designed to work with OpenSearch.

Please check our tools documentation for configuration

Purplizer colorscheme

In this update we updated the hydrapwk-purplizer colorscheme (Xfce terminal), Maybe you will notice that if there is an error message it will not be visible (It blends in with the terminal background), So yeah once again it was our(my) fault, so we have updated it actually we don’t need to announce this, but why not if you can announce it?.

OpenSearch as backend

As we(I) said before we included OpenSearch into the HydraPWK repository (note that it is not an official build of OpenSearch, In other words it is a build of HydraPWK).

OpenSearch Dashboards

Great news! We added OpenSearch Dashboards to HydraPWK, as the OpenSearch binary in the HydraPWK repository is not the official OpenSearch binary (Built by HydraPWK).

Updating

So, you have two options for updating HydraPWK. Want to download a fresh image? Of course you can!

Too lazy to download the new images? update via apt!

hydrapwk@hydrapwk:~$ sudo apt update && sudo apt full-upgrade -y
[...]

…So yeah, just it and we’re very sorry once again about the Problem and Thank you for visiting this announcement…

and the best things is, now hydrapwk is defensive too! another word, not just focus on pentesting and hydrapwk will be security auditing toolkit instead Pentesting toolkit.

Don’t worry about bloatware, hydrapwk still same One task one tool all the tools on hydrapwk is curated tools. All the tools we choice is based on real-world case.

What’s new?

• HydraPWK Logo 2.0 - hydrapwk updated logo (2.0)!
• New tools - arkime, elasticsearch
• Polkit rules - new hydrapwk Polkitd rules
• Desktop changes - HydraPWK purplizer, menu
• Hardware reuqirements - Update recommended (Minimal hardware requirements)
• Tools documentation - tools-documentation page
• Updating hydrapwk - Update hydrapwk using fresh image or APT.

HydraPWK Logo 2.0

so! say hy! to hydrapwk logo 2.0! This is updated logo from HydraPWK 1.0 what’s the different?

as you can see the different between HydraPWK Logo 1.0 and new logo (2.0), we made some changes as you can see bellow, like wings, and hydrapwk body…

Check more details

New tools

• elasticsearch - Elasticsearch is a distributed search and analytics engine, scalable data store and vector database optimized for speed and relevance on production-scale workloads.
• Arkime - scalable packet capture

Arkime And elasticsearch

Please read the tool documentation for Arkime and Elasticsearch/elasticsearch service

As default hydrapwk using elasticsearch as backend of arkime and vice versa elasticsearch would be backend for several tools like arkime on the future.(I hope)

Polkit rules

Here is we made polkit rules for hydrapwk menu

Desktop changes

Here is! the one of the good part hydrapwk-purplizer and

like we say before hydrapwk now is not just for pentesting and we’ve been made new category defensive category! based on NIST CSF 2.0 Framework!

HydraPWK Menu

HydraPWK Desktop

Tools doc

so yeah we’ve been made Tools documentation page hydrapwk several weeks ago i guess, but yeah we still need to improvement to the Documentation… but ofc! You could contribute. how? The hydrapwk page is hosted by GitHub and Jekyll so you could easily edit the markdown, on the tools doc on the bottom left corner you will see Edit this page button, and you can click it!

Hardware requirements

here is, this is our recommandation (Minimal) hardware to run hydrapwk.

Updating hydrapwk

Update hydrapwk using fresh image? Yes you can Get hydrapwk image now

so yeah don’t worry, if you have already hydrapwk yellowdog you can update you’re hydrapwk to the latest version (Apes) easily.

we’ve been made hydrapwk-helper it will automatically change the yellowdog repo to apes but how?

its enough that’s because the hydrapwk-helper has part of hydrapwk-utilities metapackages

hydrapwk@hydrapwk:~$ sudo apt update && sudo apt full-upgrade -y # this is will pull `hydrapwk-helper`
[...] # After thats you need to initialize hydrapwk apes
hydrapwk@hydrapwk:~$ sudo apt update && sudo apt full-upgrade

And boom! now you could check your hydrapwk version

hydrapwk@hydrapwk:~$ grep VERSION /usr/lib/os-release
# Now the output should be `apes`

Once again, if you still using HydraPWK (Transition) IMAGE/ISOs 2025.01.6.5.* please update into the latest HydraPWK IMAGE/ISOs.

What’s new?

• new themes - Dark theme for HydraPWK
• new tools - esptool, Caringcaribou
• new icons - new icons for HydraPWK tools

New tools

• esptool - tools for flashing and related esp from espressife
• caringcaribou - A friendly car security exploration tool for the CAN bus

New themes

In this update we’re adding new GTK theme (dark theme fork from skeuos gtk) for HydraPWK! Previously we’re only providing light theme.

Honestly this is not pure dark theme, this is combination light and dark colors but don’t worry, for base themes we’re using dark color!.

If you using latest HydraPWK (codename yellowdog) you can easily install this time, use APT!.

# if you using `hydrapwk-2025.02.250817233-yellowdog-T2` IMAGE/ISOs you don't need to doing this
...
hydrapwk@hydrapwk:~$ sudo apt update && sudo apt full-upgrade -y # wait until the process done
...
...
hydrapwk@hydrapwk:~$ cp -r /etc/skel/.config/xfce4 ~/.config # only if you want to using dotfiles HydraPWK!
...

New icons

And we have been creating new icons for HydraPWK tools, you can see image below!.

What’s new?

• New tools added - kismet
• New metapackages - linux-image-xhydra metapackages
• Drop support - Discontinued HydraPWK (2025.01.6.5.*)support and repo

Kismet

Now kismet added in HydraPWK repo!

What is kismet?

Kismet is an open source sniffer, WIDS, wardriver, and packet capture tool for Wi-Fi, Bluetooth, BTLE, wireless thermometers, airplanes, power meters, Zigbee.

Drop packages support

Here is, In the near future, this tool will no longer be included in the HydraPWK repository.

• squarephish
• ufonet

You can also, check this pages for information (status) tools in HydraPWK.

HydraPWK tools status

Linux image xhydra

We’ve been made new metapackages for HydraPWK.

What Is this for?

If you know about metapackages like linux-image-amd64 on Debian, linux-image-xhydra Acting same (do same job) as a metapckages for kernel update, and it will make easier for us (me) for giving an update.

With hope, making it easier when updating, so you don’t need to manually choosing kernel version, just use apt for upgrading kernel for HydraPWK.

If you using new IMAGE/ISOs (hydrapwk-2025.02.250817233-yellowdog-T1) you could skip this step.

Installing linux-image-xhydra on your HydraPWK machine

...
sudo apt update
sudo apt install -y linux-image-xhydra
...

Drop support.

With this we drop support (discontinued) for the release of Hydrapwk with the release of the code 'Transition' (2025.01.6.5.*) Debian Trixie base, and we could fully working for HydraPWK yellowdog release!.

And with that’s, good bye transition!.

Support and resources

GitHub issues - Have problem or critique? Open issues now!

Troubleshoot pages - HydraPWK Official Troubleshoot page

Reddit community - HydraPWK Official subredit

Telegram community - HydraPWK Official Telegram Community

Mastodon - infosec.exchange

Distrowatch - HydraPWK distrowatch page

latest independent review about HydraPWK

Newest review

connectwww - How to Install HydraPWK Linux on VirtualBox

iguru.gr - HydraPWK (Αύγουστος) Stress Test, Cracking, Reversing, Forensics

..

Older review

Penguinreviewlinux.org - HydraPWK GNU/Linux 2025.01.6.5.250806258: Distribuția open-source pentru hacking și pentesting, cu nucleu Real-Time și unelte avansate

Desdelinux - Top nuevas Distros Linux / BSD a ser reconocidas en 2025: Parte 08 Penguin reviews

Gladilov.org.ru - Новая виртуальная ОСь — 22.07.2025

NX11Dev HydraPWK GNU/Linux：Debian系渗透测试利器，以开源之力筑牢网络安全防线

Iguru.gr

HydraPWK on distrowatch

Even though it hasn’t been officially announced by distrowatch, looking at the HydraPWK page on distrowatch, we decided to make our own post about it.

Almost three years developing HydraPWK (Formerly known as BlackTrack) and this time has come and we’re (I’m) very excited about it, looking and developing how this project growing, until like this, maybe you just thinking this project is bad, this project is too ambitious, you’re not wrong about that’s maybe you right.

And the first achievement was getting into distrowatch, I mean, less than two months since we submitted this project and that was one of our best achievements, In less than two months, this small project made it onto the distrowatch page among other big projects!.

And we’re very thank you about it!, and with our loyal community especially Mr.pro and Fox47, I’m very thank you with you guys! Thanks once again, You’ve been with me all the way from the first time this project was created(BlackTrack) until now!(HydraPWK).

We got banned from reddit

If you looking our previous announcement (HydraPWK Migrate) we’re giving announcement, if we’re making new sub community on reddit r/hydrapwk and mastodon (infosec.exchange) but yeah sadly we got banned from reddit.

We have submitted an appeal to Reddit, but until now there has been no response. We hope that the Reddit platform (mods) will investigate it immediately.

polkitd

We are currently weighing the pros and cons of adding polkitd to our IMAGE/ISO (as a dependency on our desktop metapackages).

We calculate the pros and cons on HydraPWK performance (polkitd will enter as autostart on the desktop) If the benefits are greater, perhaps we will consider making it part of the metapackage (dependencies hydrapwk-default-desktop).

Thanks!

And to conclude this post, we’d like to thank Debian and its community and developers! Without them, this project wouldn’t exist!.

Once again, thanks everyone! Don’t forget you’re free to open issues and giving critique off course.

Support and resources

GitHub issues - Have problem or critique? Open issues now!

Troubleshoot pages - HydraPWK Official Troubleshoot page

Reddit community - HydraPWK Official subredit

Telegram community - HydraPWK Official Telegram Community

Mastodon - infosec.exchange

Distrowatch - HydraPWK distrowatch page

latest independent review about HydraPWK

Newest review

connectwww - How to Install HydraPWK Linux on VirtualBox

iguru.gr - HydraPWK (Αύγουστος) Stress Test, Cracking, Reversing, Forensics

..

Older review

Penguinreviewlinux.org - HydraPWK GNU/Linux 2025.01.6.5.250806258: Distribuția open-source pentru hacking și pentesting, cu nucleu Real-Time și unelte avansate

Desdelinux - Top nuevas Distros Linux / BSD a ser reconocidas en 2025: Parte 08 Penguin reviews

Gladilov.org.ru - Новая виртуальная ОСь — 22.07.2025

NX11Dev HydraPWK GNU/Linux：Debian系渗透测试利器，以开源之力筑牢网络安全防线

Iguru.gr

requirements

if you doesn’t have wget you can easily install with

...
hydrapwk@hydrapwk:~$ sudo apt update && sudo apt install -y wget
...

update sources

don’t worry we have been make script to update your sources!.

...
hydrapwk@hydrapwk:~$ wget -qO- https://gitlab.com/hydrapwk/documentation/archives/-/raw/main/checksum/misc/hydrapwk-modernize.sh | sudo bash
...

verify your sources

...
hydrapwk@hydrapwk:~$ ls /etc/apt/sources.list.d/*.sources # see output bellow

debian.sources hydrapwk.sources # make sure the output same like this
...

Try to update

...
hydrapwk@hydrapwk:~$ sudo apt update # if you getting error while run this, you're free to contact us.
...

latest independent review about HydraPWK

Newest review

connectwww - How to Install HydraPWK Linux on VirtualBox

iguru.gr - HydraPWK (Αύγουστος) Stress Test, Cracking, Reversing, Forensics

..

Older review

Penguinreviewlinux.org - HydraPWK GNU/Linux 2025.01.6.5.250806258: Distribuția open-source pentru hacking și pentesting, cu nucleu Real-Time și unelte avansate

Desdelinux - Top nuevas Distros Linux / BSD a ser reconocidas en 2025: Parte 08 Penguin reviews

Gladilov.org.ru - Новая виртуальная ОСь — 22.07.2025

NX11Dev HydraPWK GNU/Linux：Debian系渗透测试利器，以开源之力筑牢网络安全防线

Iguru.gr

(Thanks for the review!)

community support

GitHub issues - Open issues

Troubleshoot pages - HydraPWK Official Troubleshoot page

Reddit community - HydraPWK Official subredit

Telegram community - HydraPWK Official Telegram Community

Mastodont - infosec.exchange

What’s actually “semi-rolling” means(in HydraPWK)? Actually it’s very, very different from “rolling” release, if we release new version HydraPWK with same “branch or same base” we can still handle that’s, but if release with new branch (base) so we will cut-off or Freeze (previous release which used older base) but don’t worry we will still give you update like fixed bug for 1-2 weeks? We can’t make sure that’s and If we feel the new base is “sufficient”, we will migrate completely to the new base.

What’s new?

• menu refresh - Hybrid MITRE ATT&CK Tactics
• new tools - netexec, modpoll, exploitdb
• kernel - updating kernel to version 6.16
• can-j19399 - new pre-built can-j19399 module
• separate metapackages - Remove hydrapwk-default-tools from hydrapwk-defaults
• expanding impacket library - Expanding impacket library impacket-*

Menu refresh

• 01-Reconnaise
• 02-Resource development
• 03-Initial Access
• 04-Execution
• 05-Persistence
• …
• Until 17-Forensic :)

As you can seen we’ve been “Update menu” for HydraPWK, Which this menu folllowing “Mitre ATT&CK” tactics (Hybird Enterpise and Industry).

New tools

new tools Added on This release!

• netexec

usage: netexec [-h] [--version] [-t THREADS] [--timeout TIMEOUT]
               [--jitter INTERVAL] [--verbose] [--debug] [--no-progress]
               [--log LOG] [-6] [--dns-server DNS_SERVER] [--dns-tcp]
               [--dns-timeout DNS_TIMEOUT]
               {vnc,rdp,smb,ftp,nfs,mssql,wmi,ssh,winrm,ldap} ...

     .   .
    .|   |.     _   _          _     _____
    ||   ||    | \ | |   ___  | |_  | ____| __  __   ___    ___
    \\( )//    |  \| |  / _ \ | __| |  _|   \ \/ /  / _ \  / __|
    .=[ ]=.    | |\  | |  __/ | |_  | |___   >  <  |  __/ | (__
  / /Ë™-Ë™\ \  |_| \_|  \___|  \__| |_____| /_/\_\  \___|  \___|
  Ë™ \   / Ë™
    Ë™   Ë™

    The network execution tool
    Maintained as an open source project by @NeffIsBack, @MJHallenbeck, @_zblurx

    For documentation and usage examples, visit: https://www.netexec.wiki/

    Version : 1.4.0+hydrapwk1
    Codename: SmoothOperator
    Commit  :

options:
  -h, --help            show this help message and exit

Generic:
  Generic options for nxc across protocols

  --version             Display nxc version
  -t, --threads THREADS
                        set how many concurrent threads to use
  --timeout TIMEOUT     max timeout in seconds of each thread
  --jitter INTERVAL     sets a random delay between each authentication

Output:
  Options to set verbosity levels and control output

  --verbose             enable verbose output
  --debug               enable debug level information
  --no-progress         do not displaying progress bar during scan
  --log LOG             export result into a custom file

DNS:
  -6                    Enable force IPv6
  --dns-server DNS_SERVER
                        Specify DNS server (default: Use hosts file & System DNS)
  --dns-tcp             Use TCP instead of UDP for DNS queries
  --dns-timeout DNS_TIMEOUT
                        DNS query timeout in seconds

Available Protocols:
  {vnc,rdp,smb,ftp,nfs,mssql,wmi,ssh,winrm,ldap}
    vnc                 own stuff using VNC
    rdp                 own stuff using RDP
    smb                 own stuff using SMB
    ftp                 own stuff using FTP
    nfs                 own stuff using NFS
    mssql               own stuff using MSSQL
    wmi                 own stuff using WMI
    ssh                 own stuff using SSH
    winrm               own stuff using WINRM
    ldap                own stuff using LDAP

• exploitdb(searchsploit)
• modpoll

Impacket library

So, yeah for make easier we’re decide to expand some impacket library, so you don’t need to enter /usr/share/doc/python3-impacket/examples/ directory

/usr/bin/impacket-atexec	/usr/bin/impacket-registry-read
/usr/bin/impacket-changepasswd	/usr/bin/impacket-regsecrets
/usr/bin/impacket-dcomexec	/usr/bin/impacket-rpcdump
/usr/bin/impacket-exchange	/usr/bin/impacket-rpcmap
/usr/bin/impacket-samrdump      /usr/bin/impacket-mimikatz
/usr/bin/impacket-mqtt_check	/usr/bin/impacket-smbclient
/usr/bin/impacket-mssqlclient	/usr/bin/impacket-smbexec
/usr/bin/impacket-netview	/usr/bin/impacket-smbserver
/usr/bin/impacket-ping		/usr/bin/impacket-sniff
/usr/bin/impacket-ping6		/usr/bin/impacket-sniffer
/usr/bin/impacket-psexec	/usr/bin/impacket-ticketConverter
/usr/bin/impacket-rdp_check	/usr/bin/impacket-ticketer
/usr/bin/impacket-reg		/usr/bin/impacket-wmiexec
/usr/bin/impacket-secretsdump

Kernel Update

So we have update HydraPWK kernel to latest stable Linux kernel 6.16 and Enabling “can-j1939” modules

Seperate metapackages

As you know in our HydraPWK version 2025.01.6.5.* we combine packages hydrapwk-default-tools inside hydrapwk-defaults as dependencies.

and we relize it’s not a good things, so we decide to remove hydrapwk-default-tools from hydrapwk-defaults (as dependencies), and not including in ISO/IMAGE that’s because as you know, if you delete, just one tools, your environment will broke, were very sorry about thats.

don’t worry you’re free now to remove tools.

Upgrading

So like we said before, this release we’re using Debian Forky/sid as base, so you need to download beta iso for updating, but don’t worry if you doesn’t want to update to ‘This release (beta) with codename yellowdog’ you can still using stable base, but ofc it’s will got freeze, but don’t worry we will maintenance the repo for stable base for maybe 1 week