What is Crab Bot?

Crab Bot is an advanced open-source cybersecurity assistant that leverages AI-driven analysis and modular scripts to perform network scanning, vulnerability assessment, payload generation, and log anomaly detection. Built for defenders & ethical offensive security researchers, it integrates seamlessly with modern cloud and on-prem environments.

Disclaimer: Use Crab Bot only on authorized systems. The developers assume no liability for misuse.

With a blazing-fast CLI and REST API mode, Crab Bot helps automate repetitive security tasks, from OSINT gathering to honeypot detection. Its red-yellow signature symbolizes aggression (red team) and caution (yellow: awareness).

Core Capabilities

Port Scanning

Async stealth scanning

Log Parser

Analyze auth logs, web logs

OSINT

Domain recon & email hunter

Exploit Suggester

CVE matching & automation

Real-time Alerts

Webhook integrations

Everything is modular: you can enable/disable plugins, write custom scripts in Python or Bash, and Crab Bot will orchestrate them. The tool also ships with AI-powered log summarizer and threat intel feeds.

Install using Git

Follow these steps to clone and deploy Crab Bot on your Linux/macOS or WSL environment. Ensure git and python3.9+ are installed.

# 1. Clone the official repository
git clone https://github.com/Iankulani/crab-bot-v0.0.2.git

# 2. Move into the directory
cd crab-bot-v0.0.2

# 3. (Optional) Create virtual environment
python3 -m venv venv
source venv/bin/activate   # On Windows: venv\Scripts\activate

# 4. Install dependencies
pip install -r requirements.txt

# 5. Setup configuration
cp config.yaml.example config.yaml
nano config.yaml   # edit API keys, thresholds

# 6. Run crab-bot-v0.0.2
python3 crab-bot-v0.0.2
Alternative using git clone via SSH: `git clone git@github.com:crabsec/crab-bot.git`. After installation, verify with `crab-bot --version`.

For Docker enthusiasts: docker pull crabsec/crab-bot:latest is also available โ€” refer to our Docker docs.

Quick Start & CLI Demo

Test basic scanning after installation:

# Basic port scan (stealth mode)
scan 192.168.1.0/24 -p 1-1000 --threads 50

# Add Ip to Monitor
add_ip 127.0.0.7

# nmap
nmap 127.0.0.1

# analye IP
 analyze IP

Use crab-bot --help to see all 40+ commands. Crab Bot also features an interactive shell mode (crab-bot shell) to run live commands.

Modules & Extensibility

Crab Bot's architecture is built on a plugin manager. Available official modules:

  • Reconnaissance: subdomain enumeration, whois, DNS brute
  • Exploitation: custom payloads, reverse shell helper, Metasploit RPC bridge
  • Forensics: memory dump analyzers & YARA rule scanner
  • Reporting: PDF/HTML report generation + Slack/Webhook alerts

To enable a custom module, drop your Python script into modules/custom/ and register via config. Crab Bot supports integration with Burp Suite, Nmap, and Nuclei.

Yellow/Red philosophy: Red actions (active exploitation) and Yellow actions (detection, warnings) are color-coded in output, making operations intuitive.