Installation and activation guide

How to install and activate Exploit Pack - Step by step guide

Exploit Pack is a Java desktop application. Because it runs on a JVM, it is multi-platform and can run on Windows, Linux or macOS. This guide explains how to prepare an environment and install Exploit Pack on your chosen OS.

Overview & recommendations

  • Exploit Pack requires a Java Virtual Machine (JVM). You can use OpenJDK and Oracle Java.

  • Prefer a modern Java (JDK) release. For production and stability, we recommend using the latest LTS release.

Environment suggestions

  • We recommend running Exploit Pack from an isolated environment such as a virtual machine (VirtualBox, VMware, etc.).

  • Exploit Pack includes exploit scripts and utilities that many antivirus products will flag (and in some cases quarantine or delete). Running from a VM reduces the risk to your primary desktop and prevents accidental leaks during testing.

  • During penetration tests or red team exercises, always work from an isolated environment, not from your everyday workstation.

Technical requirements

Minimum recommended resources:

  • Disk: ≥ 500 MB free

  • RAM: ≈ 4 GB or more

  • CPU: modern multi-core CPU capable of handling multi-threaded workloads Any operating system is suitable, provided a compatible JVM is installed.

Nmap and Python

Exploit Pack requires both Nmap and Python (V2.7). If you don't have them installed yet, you can either:

  • Visit their official websites to download and install them manually.

  • Simply launch Exploit Pack, and a pop-up will guide you through the installation process for both tools.

Java installation: Quick notes

  • Decide whether to use OpenJDK or Oracle JDK. Both are supported.

  • Install a modern JDK. Preferably, the latest LTS release that receives long-term updates and support; using an up-to-date JDK gives you performance, stability and security improvements.

  • After installing the JDK, verify it from a terminal/command prompt with java -version and javac -version. The output should match the JDK you installed.

Install Java on Linux ( Debian-based ) or Mac: 

apt-get install default-jdk
brew install --cask oracle-jdk

Installation steps

  • Download the launcher.

  • Download your copy of Exploit Pack using the personal download link and the credentials provided. The download links and activation are available for 48 hours.

  • Only extract (uncompress) the launcher. Do not extract other archive files yet; it should look like this:

  • Open the launcher.jar from the launcher folder

  • The tool in the launcher will appear greyed out.

  • Click Activate.

  • In the file dialog, select the Exploit Pack .zip file you downloaded and click Open.

  • Follow the on-screen steps. When activation succeeds, the Order now button will change to Launch.

  • Click Launch, and a new window will open.

  • Click Browse key and select your key file.

  • Read the EULA carefully. If you agree, click I agree. Exploit Pack will then start.

Congratulations! You have used your first CPU cycles with Exploit Pack on your system! ‌

Happy Hacking!

Important notes

  • If an antivirus flags files, run Exploit Pack in an isolated VM or lab and whitelist the Exploit Pack folder only inside that isolated environment.

  • Do not run Exploit Pack as the root/Administrator account. Run it as a regular (non-privileged) user to reduce risk.

The first time you run Exploit Pack, it will prompt you with the first-steps configuration wizard, if you need help to configure it in Exploit Pack, please check the section "First Steps"

Never run exploit code on production networks or systems without explicit authorisation.

Keep your JVM and OS updated with security patches.

When performing client engagements, follow the rules of engagement and always get written authorisation.

Do you still need help? Feel free to contact us. We can help you out with the installation or with any other technical questions regarding the use of our tools.

PreviousExploit PackNextFirst steps

Last updated

Was this helpful?