
nccgroup / Gtfoblookup

Licence: gpl-3.0
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)


GTFOBLookup

Offline command line lookup utility for GTFOBins and LOLBAS.

Files

  • .gitignore: Gitignore file
  • gtfoblookup.1: Linux man page for GTFOBLookup
  • gtfoblookup.py: GTFOBLookup utility
  • LICENSE.md: License file
  • README.md: This file
  • requirements.txt: List of required Python packages

Dependencies

Whilst GTFOBLookup will run in Python 2.7, some features require Python 3.

GTFOBLookup requires the following non-standard Python libraries to be installed:

  • appdirs (pip install appdirs)
  • colorama (pip install colorama)
  • git (pip install gitpython)
  • yaml (pip install pyyaml)

These can all be installed with the following command: pip install -r requirements.txt

Installation/Setup

To install GTFOBLookup, git clone the repository to your machine and run gtfoblookup.py update whilst connected to the internet.

Usage

On Linux, navigate to the GTFOBLookup directory and run man ./gtfoblookup.1 or see below:

gtfoblookup.py [-h] {update,purge,linux,windows} ...

OPTIONS
   Sub-commands
       gtfoblookup.py update
              update local copies of repositories

       gtfoblookup.py purge
              remove local copies of repositories

       gtfoblookup.py linux
              search the local copy of GTFOBins

       gtfoblookup.py windows
              search the local copy of LOLBAS

OPTIONS 'gtfoblookup.py update'
       usage: gtfoblookup.py update [-h] [-r repo]

       -r repo, --repo repo
              Only update the specified repository

OPTIONS 'gtfoblookup.py purge'
       usage: gtfoblookup.py purge [-h] [-r repo]

       -r repo, --repo repo
              Only delete the specified repository

OPTIONS 'gtfoblookup.py linux'
       usage: gtfoblookup.py linux [-h] [-l list]
                                     {shell,cmd,rev,nrev,bind,nbind,upload,download,write,read,load,suid,sudo,cap,lsuid,all}
                                     ...

   Sub-commands
       gtfoblookup.py linux shell
              search the 'shell' category of GTFOBins

       gtfoblookup.py linux cmd
              search the 'command' category of GTFOBins

       gtfoblookup.py linux rev
              search the 'reverse-shell' category of GTFOBins

       gtfoblookup.py linux nrev
              search the 'non-interactive-reverse-shell' category of GTFOBins

       gtfoblookup.py linux bind
              search the 'bind-shell' category of GTFOBins

       gtfoblookup.py linux nbind
              search the 'non-interactive-bind-shell' category of GTFOBins

       gtfoblookup.py linux upload
              search the 'file-upload' category of GTFOBins

       gtfoblookup.py linux download
              search the 'file-download' category of GTFOBins

       gtfoblookup.py linux write
              search the 'file-write' category of GTFOBins

       gtfoblookup.py linux read
              search the 'file-read' category of GTFOBins

       gtfoblookup.py linux load
              search the 'library-load' category of GTFOBins

       gtfoblookup.py linux suid
              search the 'suid' category of GTFOBins

       gtfoblookup.py linux sudo
              search the 'sudo' category of GTFOBins

       gtfoblookup.py linux cap
              search the 'capabilities' category of GTFOBins

       gtfoblookup.py linux lsuid
              search the 'limited-suid' category of GTFOBins

       gtfoblookup.py linux all
              search all categories of GTFOBins

OPTIONS 'gtfoblookup.py linux shell'
       usage: gtfoblookup.py linux shell [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux cmd'
       usage: gtfoblookup.py linux cmd [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux rev'
       usage: gtfoblookup.py linux rev [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux nrev'
       usage: gtfoblookup.py linux nrev [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux bind'
       usage: gtfoblookup.py linux bind [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux nbind'
       usage: gtfoblookup.py linux nbind [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux upload'
       usage: gtfoblookup.py linux upload [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux download'
       usage: gtfoblookup.py linux download [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux write'
       usage: gtfoblookup.py linux write [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux read'
       usage: gtfoblookup.py linux read [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux load'
       usage: gtfoblookup.py linux load [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux suid'
       usage: gtfoblookup.py linux suid [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux sudo'
       usage: gtfoblookup.py linux sudo [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux cap'
       usage: gtfoblookup.py linux cap [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux lsuid'
       usage: gtfoblookup.py linux lsuid [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

OPTIONS 'gtfoblookup.py linux all'
       usage: gtfoblookup.py linux all [-h] [-f] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -l list, --list list
              list all types/categories/executables featured in the local copy of GTFOBins

OPTIONS 'gtfoblookup.py windows'
       usage: gtfoblookup.py windows [-h] [-l list]
                                       {ads,awl,comp,copy,creds,decode,download,dump,encode,exec,recon,uac,upload,all}
                                       ...

   Sub-commands
       gtfoblookup.py windows ads
              search the 'ADS' category of LOLBAS

       gtfoblookup.py windows awl
              search the 'AWL Bypass' category of LOLBAS

       gtfoblookup.py windows comp
              search the 'Compile' category of LOLBAS

       gtfoblookup.py windows copy
              search the 'Copy' category of LOLBAS

       gtfoblookup.py windows creds
              search the 'Credentials' category of LOLBAS

       gtfoblookup.py windows decode
              search the 'Decode' category of LOLBAS

       gtfoblookup.py windows download
              search the 'Download' category of LOLBAS

       gtfoblookup.py windows dump
              search the 'Dump' category of LOLBAS

       gtfoblookup.py windows encode
              search the 'Encode' category of LOLBAS

       gtfoblookup.py windows exec
              search the 'Execute' category of LOLBAS

       gtfoblookup.py windows recon
              search the 'Reconnaissance' category of LOLBAS

       gtfoblookup.py windows uac
              search the 'UAC Bypass' category of LOLBAS

       gtfoblookup.py windows upload
              search the 'Upload' category of LOLBAS

       gtfoblookup.py windows all
              search all categories of LOLBAS

OPTIONS 'gtfoblookup.py windows ads'
       usage: gtfoblookup.py windows ads [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows awl'
       usage: gtfoblookup.py windows awl [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows comp'
       usage: gtfoblookup.py windows comp [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows copy'
       usage: gtfoblookup.py windows copy [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows creds'
       usage: gtfoblookup.py windows creds [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows decode'
       usage: gtfoblookup.py windows decode [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows download'
       usage: gtfoblookup.py windows download [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows dump'
       usage: gtfoblookup.py windows dump [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows encode'
       usage: gtfoblookup.py windows encode [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows exec'
       usage: gtfoblookup.py windows exec [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows recon'
       usage: gtfoblookup.py windows recon [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows uac'
       usage: gtfoblookup.py windows uac [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows upload'
       usage: gtfoblookup.py windows upload [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

OPTIONS 'gtfoblookup.py windows all'
       usage: gtfoblookup.py windows all [-h] [-f] [-t type] executable

       executable
              the executable to search for

       -f, --file
              use a file containing a list of executables (one per line) instead of a single
              executable

       -t type, --type type
              search for a specific type of executable

       -l list, --list list
              list all types/categories/executables featured in the local copy of LOLBAS
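
The -f option documented above takes a file with one executable name per line. The following is an added example, not part of the GTFOBLookup README or code base: a hardening-audit helper that lists the setuid files on a host you administer, reduces them to unique names in that format, and passes the list to the 'suid' category search. The function names, the GTFOBLOOKUP variable and its default path are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not from the GTFOBLookup project.
# Goal: find setuid binaries on this host that have a GTFOBins 'suid' entry,
# so the setuid bit can be reviewed and removed where it is not needed.

# Location of the utility (assumption: adjust to where the repository was cloned).
GTFOBLOOKUP="${GTFOBLOOKUP:-./gtfoblookup.py}"

# Print the path of every regular file with the setuid bit under the given
# directories, without crossing into other filesystems.
suid_paths() {
    find "$@" -xdev -type f -perm -4000 2>/dev/null
}

# Read paths on stdin and emit unique executable names, one per line,
# which is the input format the -f option expects.
to_lookup_list() {
    while IFS= read -r path; do
        [ -n "$path" ] || continue      # skip blank lines
        name=${path##*/}                # strip the directory part
        [ -n "$name" ] || continue      # skip paths ending in '/'
        printf '%s\n' "$name"
    done | sort -u
}

# Build the list in a temporary file and search the 'suid' category with it.
audit_suid() {
    list=$(mktemp) || return 1
    suid_paths "$@" | to_lookup_list > "$list"
    if [ -s "$list" ]; then
        python3 "$GTFOBLOOKUP" linux suid -f "$list"
    else
        echo "no setuid files found under: $*" >&2
    fi
    rm -f "$list"
}

# Usage, after sourcing this file and running 'gtfoblookup.py update' once:
#   audit_suid /bin /sbin /usr/bin /usr/sbin /usr/local/bin
```

Run it after `gtfoblookup.py update` so the local copy of GTFOBins exists; names with no entry in the 'suid' category still deserve a manual review of why they are setuid.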