What is Ninjutsu-OS ?

Ninjutsu-OS is a specialized operating system based on Windows 10 (build 1909), which contains more than 800 tools for pen testing. This is Kali Linux, except it’s from the Windows world. The release is quite fresh, compiled on 18.04.2020.

The installation of the OS itself does not differ from the standard Win 10 installation, except that it takes much longer.

Once the OS itself is started, it will take about 10 minutes for everything to be installed and configured. After all the manipulations we are greeted by a slightly overloaded (in my opinion) and very colorful desktop.

Now let’s have a look at what’s inside.

In total, over 800 utilities have been included in the assembly. Some of them had to be adapted by the author to run on Windows.

At the top there is a separate bar where all of the utilities are collected into categories for quick access. The categorization of the utilities is done with an emphasis on the OSCP methodology, looking back at the categorization in Kali Linux:

  • Mr.Robot tools kit – the most frequently used utilities and other additional materials, according to the author of the build. A personal top, so to speak;
  • Red Teaming – the most frequently used utilities for testing by category. In fact, it is all top utilities from all categories below under one tab;
  • Information Gathering – collecting information;
  • Exploitation Tools – exploitation of vulnerabilities;
  • Malware analysis ;
  • Mobile Security Tools – testing mobile devices;
  • Network Attack ;
  • Password Attacks – cracking passwords;
  • Proxy and Privacy Tools – proxies and anonymizers;
  • Reverse Engineering ;
  • Stress Testing – stress testing (DDoS);
  • Vulnerability Analysis – search for vulnerabilities;
  • Web Application Attack – web-pentest;
  • Wireless Attacks – attacks on wireless networks (Wi-Fi and Bluetooth),
  • Fuzzing and payloads ;
  • Remote Control Tools – remote management;
  • Utility Tools – other auxiliary utilities (Winrar, MySQL, etc.);

The full list of available utilities can be found on the project website. The OS is perfect for both simple pentest, as well as people involved in reverse engineering, OSINT or malware analysis. In a few days on the OS I have not seen any critical bugs or software glitches. I was testing the release while working on Hack the Box and other OSINT projects.

One of the highlights for me are the Aliases for console commands that the author has added.

The full list of Aliases can be viewed on the project website. In general, it is extremely easy to work with.

In this article, I did not intend to do any in-depth analysis of the OS or the toolset. I decided to share with you another option to Kali Linux.

If you are generally interested in having an analogue of Kali Linux in your arsenal only in the Windows ecosystem, then do not pass by! Be sure to test this operating system and write to the author about what you would like to bring or remove in it.