Windows XP remote management toolkit with SSH and agent transports.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for nficano from gravatar.com nficano

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Nick Ficano
  • Tags automation , debugging , reverse-engineering , ssh , windows-xp
  • Requires: Python >=3.12
  • Provides-Extra: dev , docs
Classifiers
Report project as malware

Project description

Windows XP logo

xpctl is a Python CLI and library for managing a Windows XP target over either a direct TCP agent or SSH. It packages the agent, the transport clients, and the higher-level reverse-engineering helpers in one installable project.

What is included

  • A Python API for executing commands, transferring files, and managing the agent
  • A Click-based CLI for day-to-day operations
  • A packaged Python 3.4-compatible XP agent
  • Reverse-engineering helpers for debugger, COM, memory, and GUI workflows
  • GitHub Actions for CI, docs deployment, and automated releases to PyPI
  • A devcontainer for contributor onboarding

Installation

pip install xpctl

Quick start

xpctl configure
xpctl --help

For development:

python3.14 -m venv .venv
. .venv/bin/activate
pip install -e ".[dev,docs]"

The repository includes .python-version pinned to 3.14.3 so tools like pyenv and pipenv resolve a consistent default interpreter. The package targets the latest three CPython releases and currently supports Python 3.12+ at runtime.

Common commands:

xpctl configure --profile lab
xpctl setup bootstrap
xpctl ping
xpctl --profile lab ping
xpctl --profile lab ps
xpctl --profile lab upload ./local.bin "C:\\xpctl\\tmp\\local.bin"
xpctl --profile lab agent status

xpctl configure behaves like aws configure: it walks through host, port, username, password, and transport settings, validates the connection live, and writes profiles to ~/.xpcli/config.

Bundled installers

The repo keeps Windows XP tooling archives under installs/.

  • python-3.4.10.zip: Python 3.4.10 for Windows XP. This is an unofficial build kept here because a Python 3.4-compatible runtime is needed for the XP agent.
  • setup-x86-2.874.exe: Cygwin setup bootstrap pinned to a Windows XP-era snapshot. The XP bootstrap batch installs from http://ctm.crouchingtigerhiddenfruitbat.org/pub/cygwin/circa/2016/08/30/104223/.
  • ollydbg-1.10.zip: OllyDbg 1.10.
  • x64dbg-2025.08.19.zip: x64dbg snapshot based on the 2025.08.19 release. This is the last working release I could find.
  • windbg: placeholder, archive to be added later.
  • cdb: placeholder, archive to be added later.

XP bootstrap bundle

If you need to bring up a fresh XP VM, generate a local bootstrap bundle:

xpctl setup bootstrap

That writes artifacts/xp-bootstrap/ with:

  • bootstrap_xpctl.bat
  • python-3.4.10.zip
  • setup-x86-2.874.exe
  • agent.py

Copy that directory onto the XP machine and run bootstrap_xpctl.bat as an administrator:

cd D:\xp-bootstrap
bootstrap_xpctl.bat

The batch file performs the following steps:

  1. Installs Cygwin packages (bash, openssh, unzip, curl) from a pinned 2016 HTTP mirror
  2. Unpacks and installs Python 3.4.10 to C:\Python34
  3. Installs the Visual C++ runtime
  4. Configures the Cygwin sshd service (user: cyg_server, password: xpctl-sshd)
  5. Copies the packaged agent to C:\xpctl\agent.py and starts it on port 9578
  6. Opens firewall ports for SSH (22) and the agent (9578)

The script waits up to 30 seconds for the agent to begin listening before exiting. Once it completes, you can connect from your host with xpctl ping.

Development

make install
make lint
make test
make build
make docs

The docs are built with MkDocs Material and are intended to be published through GitHub Pages.

Release automation

Releases are published through .github/workflows/release.yml. That workflow uses debaser to generate a deterministic human-readable release name from the Git SHA.

Pushes to main automatically cut a patch release unless the commit is already a generated Release v... commit. Manual annotated v<version> tags still publish through the same workflow, which keeps PyPI trusted publishing pinned to a single workflow file.

Local release flow:

brew install debaser
make release BUMP=patch

That command:

  • bumps src/xpctl/__about__.py
  • creates a commit and annotated v<version> tag
  • pushes the branch and tag when a remote is configured

The release workflow then:

  • validates the version/tag match
  • builds the wheel and source distribution
  • publishes the package to PyPI
  • creates a GitHub Release with a debaser-generated title

Documentation

Documentation sources live under docs/ and are published to GitHub Pages from .github/workflows/docs.yml.

Project layout

src/xpctl/        Public package
docs/             GitHub Pages documentation
scripts/          Development and workflow helpers
tests/            Test suite
.devcontainer/    Reproducible contributor environment

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for nficano from gravatar.com nficano

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Author: Nick Ficano
  • Tags automation , debugging , reverse-engineering , ssh , windows-xp
  • Requires: Python >=3.12
  • Provides-Extra: dev , docs
Classifiers

Release history Release notifications | RSS feed

0.1.7

This version

0.1.6

0.1.4

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

xpctl-0.1.6.tar.gz (68.2 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

xpctl-0.1.6-py3-none-any.whl (33.0 MB view details)

Uploaded Python 3

File details

Details for the file xpctl-0.1.6.tar.gz.

File metadata

  • Download URL: xpctl-0.1.6.tar.gz
  • Upload date:
  • Size: 68.2 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for xpctl-0.1.6.tar.gz
Algorithm Hash digest
SHA256 c5cac4c2f0236e00eb1921b86c8fe37cce44d0c967ce4332e44fa58aeaa242af
MD5 f42dc9a7a360f192a42d5ccd2649f427
BLAKE2b-256 03897d63a2fea03bba8b8786d194c2fa31689d47998a577417c141b152834045

See more details on using hashes here.

Provenance

The following attestation bundles were made for xpctl-0.1.6.tar.gz:

Publisher: release.yml on nficano/xpctl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file xpctl-0.1.6-py3-none-any.whl.

File metadata

  • Download URL: xpctl-0.1.6-py3-none-any.whl
  • Upload date:
  • Size: 33.0 MB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for xpctl-0.1.6-py3-none-any.whl
Algorithm Hash digest
SHA256 40ecb29b9c2aa2b51b1a80ddf7fe5b85f3711f8e88efff3eac219bd578ac5f44
MD5 9ea8cc1fd65dddec471f6cce4b4fad87
BLAKE2b-256 7a7d082ba5a6f889327f2c162343fdc29ed04e3a45ee17c010fd2abddf16971c

See more details on using hashes here.

Provenance

The following attestation bundles were made for xpctl-0.1.6-py3-none-any.whl:

Publisher: release.yml on nficano/xpctl

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page