Crowbar - A windows post exploitation tool

Overview

Crowbar - A windows post exploitation tool

image

Status - ✔️

This project is now considered finished. Any updates from now on will most likely be new scripts/utilities or just bug fixes. I will try to update/add anything I can to improve this project as frequently as possible. More coming soon!

Update logs

[4/25/21] - Added 2 new scripts and 5 utilities. Added a new option in the main menu called 'WSL' which checks to see if the target machine has 'Windows Subsystem for Linux' installed.

[4/24/21] - Added new scripts and fixed minor issues. Added an extra utility.

[4/18/21] - Added a new directory called 'Escalate' to aid in the process of privilege escalation, added 3 more scripts, added a new feature for the 'Scripts' directory called 'Hail Mary' which launches all of the scripts against the target machine, removed 1 broken utility, and fixed minor bugs. More stuff coming out soon.

[4/15/21] - Added a new tool called 'iPower' for executing system commands via PowerShell. Fixed minor bugs, added a powershell script execution bypass, and fixed up the powershell modules. More scripts and utilities coming soon.

[4/15/21] - Crowbar V2! The whole framework was completely recoded and re-designed. I have added 30 scripts and 1 extra utility.

[4/15/21] - Whole rework coming soon.

[4/14/21] - Added 'iMonitor' menu. Fixed some minor menu issues. Added 6 scripts and 2 extra utilities.

[4/13/21] - Added 'Connect Hub' menu. Fixed minor issues.

Installation

[Make sure you have CMD open in the Crowbar folder]

[And yes, to execute the .bat file just put the name and the extension.]

requirements.bat
python main.py

Screenshots

image image image image image

You might also like...
A collection of intelligence about Log4Shell and its exploitation activity

Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex

Salesforce Recon and Exploitation Toolkit

Salesforce Recon and Exploitation Toolkit Salesforce Recon and Exploitation Toolkit Usage python3 main.py URL References Announcement Blog - https:/

VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit
VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Vortex VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit,

log4j2 passive burp rce scanning tool get post cookie full parameter recognition
log4j2 passive burp rce scanning tool get post cookie full parameter recognition

log4j2_burp_scan 自用脚本log4j2 被动 burp rce扫描工具 get post cookie 全参数识别,在ceye.io api速率限制下,最大线程扫描每一个参数,记录过滤已检测地址,重复地址 token替换为你自己的http://ceye.io/ token 和域名地址

Log4jake works by spidering a web application for GET/POST requests

Log4jake Log4jake works by spidering a web application for GET/POST requests. It will then automatically execute the GET/POST requests, filling any di

This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

Virus-Builder - This tool will generate a virus that can only destroy Windows computer
Virus-Builder - This tool will generate a virus that can only destroy Windows computer

Virus-Builder - This tool will generate a virus that can only destroy Windows computer. You can also configure to auto run in usb drive

Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
Arbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules

About: Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux an

Windows Stack Based Auto Buffer Overflow Exploiter
Windows Stack Based Auto Buffer Overflow Exploiter

Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.

Comments
  • idk

    idk

    File "C:\Users\yoyo\AppData\Roaming\Python\Python310\site-packages\urllib3\util\connection.py", line 72, in create_connection for res in socket.getaddrinfo(host, port, family, socket.SOCK_STREAM): File "C:\Program Files\Python310\lib\socket.py", line 955, in getaddrinfo for res in _socket.getaddrinfo(host, port, family, type, proto, flags): socket.gaierror: [Errno 11001] getaddrinfo failed

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last): File "C:\Users\yoyo\AppData\Roaming\Python\Python310\site-packages\urllib3\connectionpool.py", line 703, in urlopen httplib_response = self._make_request( File "C:\Users\yoyo\AppData\Roaming\Python\Python310\site-packages\urllib3\connectionpool.py", line 386, in _make_request self._validate_conn(conn) File "C:\Users\yoyo\AppData\Roaming\Python\Python310\site-packages\urllib3\connectionpool.py", line 1042, in _validate_conn conn.connect() File "C:\Users\yoyo\AppData\Roaming\Python\Python310\site-packages\urllib3\connection.py", line 358, in connect self.sock = conn = self._new_conn() File "C:\Users\yoyo\AppData\Roaming\Python\Python310\site-packages\urllib3\connection.py", line 186, in _new_conn raise NewConnectionError( urllib3.exceptions.NewConnectionError: <urllib3.connection.HTTPSConnection object at 0x0000023DE11F33D0>: Failed to establish a new connection: [Errno 11001] getaddrinfo failed

    During handling of the above exception, another exception occurred:

    opened by Anonymous0101010010 0
Owner
null
A windows post exploitation tool that contains a lot of features for information gathering and more.

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

null 29 Nov 20, 2022
Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints.

jolokia-exploitation-toolkit Jolokia Exploitation Toolkit (JET) helps exploitation of exposed jolokia endpoints. Core concept Jolokia is a protocol br

Laluka 194 Jan 1, 2023
An open-source post-exploitation framework for students, researchers and developers.

Questions? Join the Discord support server Disclaimer: This project should be used for authorized testing or educational purposes only. BYOB is an ope

dvm 8.1k Dec 31, 2022
Proof-of-concept obfuscation toolkit for C# post-exploitation tools

InvisibilityCloak Proof-of-concept obfuscation toolkit for C# post-exploitation tools. This will perform the below actions for a C# visual studio proj

null 259 Dec 19, 2022
Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, downloads, history, and more.

ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download

Finn Lancaster 3 Oct 5, 2022
CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password. Features Exploits vulnerabilities in most popul

EntySec 247 Jan 2, 2023
neo Tool is great one in binary exploitation topic

neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it

Hamza Elansari 4 Oct 10, 2022
Windows Virus who destroy some impotants files on C:\windows\system32\

psychic-robot Windows Virus who destroy some importants files on C:\windows\system32\ Signatures of psychic-robot.PY (python file) : Bkav Pro : ASP.We

H-Tech-Dev36 1 Jan 6, 2022
SSRF search vulnerabilities exploitation extended.

This tool search for SSRF using predefined settings in different parts of a request (path, host, headers, post and get parameters).

Andri Wahyudi 13 Jul 4, 2021
Vulnerability Exploitation Code Collection Repository

Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC <= Exchange 2013 update 23 <= Exchange 2016 update 2

0x0021h 263 Feb 14, 2022