Packages and Binaries:

evil-winrm-py

Execute commands on remote Windows machines using WinRM
Python-based tool for executing commands on remote Windows machines using the WinRM (Windows Remote Management) protocol. It provides an interactive shell with enhanced features like file upload/download, command history, and colorized output. It supports various authentication methods including NTLM, Pass-the-Hash, Certificate, and Kerberos.

Installed size: 113 KB
How to install: sudo apt install evil-winrm-py

Dependencies:
  • python3
  • python3-kerberos
  • python3-prompt-toolkit
  • python3-pypsrp
  • python3-tqdm
evil-winrm-py
root@kali:~# evil-winrm-py -h
          _ _            _                             
  _____ _(_| |_____ __ _(_)_ _  _ _ _ __ ___ _ __ _  _ 
 / -_\ V | | |___\ V  V | | ' \| '_| '  |___| '_ | || |
 \___|\_/|_|_|    \_/\_/|_|_||_|_| |_|_|_|  | .__/\_, |
                                            |_|   |__/  v1.5.0

usage: evil-winrm-py [-h] -i IP [-u USER] [-p PASSWORD] [-H HASH]
                     [--priv-key-pem PRIV_KEY_PEM] [--cert-pem CERT_PEM]
                     [--uri URI] [--ua UA] [--port PORT] [--no-pass] [--ssl]
                     [--log] [--debug] [--no-colors] [--version]

options:
  -h, --help            show this help message and exit
  -i, --ip IP           remote host IP or hostname
  -u, --user USER       username
  -p, --password PASSWORD
                        password
  -H, --hash HASH       nthash
  --priv-key-pem PRIV_KEY_PEM
                        local path to private key PEM file
  --cert-pem CERT_PEM   local path to certificate PEM file
  --uri URI             wsman URI (default: /wsman)
  --ua UA               user agent for the WinRM client (default: "Microsoft WinRM Client")
  --port PORT           remote host port (default 5985)
  --no-pass             do not prompt for password
  --ssl                 use ssl
  --log                 log session to file
  --debug               enable debug logging
  --no-colors           disable colors
  --version             show version

For more information about this project, visit https://github.com/adityatelange/evil-winrm-py
For user guide, visit https://github.com/adityatelange/evil-winrm-py/blob/main/docs/usage.md
ewp
root@kali:~# ewp -h
          _ _            _                             
  _____ _(_| |_____ __ _(_)_ _  _ _ _ __ ___ _ __ _  _ 
 / -_\ V | | |___\ V  V | | ' \| '_| '  |___| '_ | || |
 \___|\_/|_|_|    \_/\_/|_|_||_|_| |_|_|_|  | .__/\_, |
                                            |_|   |__/  v1.5.0

usage: ewp [-h] -i IP [-u USER] [-p PASSWORD] [-H HASH]
           [--priv-key-pem PRIV_KEY_PEM] [--cert-pem CERT_PEM] [--uri URI]
           [--ua UA] [--port PORT] [--no-pass] [--ssl] [--log] [--debug]
           [--no-colors] [--version]

options:
  -h, --help            show this help message and exit
  -i, --ip IP           remote host IP or hostname
  -u, --user USER       username
  -p, --password PASSWORD
                        password
  -H, --hash HASH       nthash
  --priv-key-pem PRIV_KEY_PEM
                        local path to private key PEM file
  --cert-pem CERT_PEM   local path to certificate PEM file
  --uri URI             wsman URI (default: /wsman)
  --ua UA               user agent for the WinRM client (default: "Microsoft WinRM Client")
  --port PORT           remote host port (default 5985)
  --no-pass             do not prompt for password
  --ssl                 use ssl
  --log                 log session to file
  --debug               enable debug logging
  --no-colors           disable colors
  --version             show version

For more information about this project, visit https://github.com/adityatelange/evil-winrm-py
For user guide, visit https://github.com/adityatelange/evil-winrm-py/blob/main/docs/usage.md


Updated on: 2025-Dec-09