nccgroup / Gtfoblookup
Licence: gpl-3.0
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Gtfoblookup
Diamorphine
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+489.43%)
Mutual labels: pentesting, redteam
Ldap search
Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-36.59%)
Mutual labels: pentesting, redteam
Perun
Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (+528.46%)
Mutual labels: pentesting, redteam
Mxtract
mXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+305.69%)
Mutual labels: pentesting, redteam
Winpwn
Automation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+959.35%)
Mutual labels: pentesting, redteam
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+306.5%)
Mutual labels: pentesting, redteam
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-44.72%)
Mutual labels: pentesting, redteam
Impost3r
👻Impost3r -- A linux password thief
Stars: ✭ 355 (+188.62%)
Mutual labels: pentesting, redteam
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-30.89%)
Mutual labels: pentesting, redteam
Pentesting Cookbook
A set of recipes useful in pentesting and red teaming scenarios
Stars: ✭ 82 (-33.33%)
Mutual labels: pentesting, redteam
Octopus
Open source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+265.04%)
Mutual labels: pentesting, redteam
Fireelf
fireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+253.66%)
Mutual labels: pentesting, redteam
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+450.41%)
Mutual labels: pentesting, redteam
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+210.57%)
Mutual labels: pentesting, redteam
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+7201.63%)
Mutual labels: pentesting, redteam
Cobalt strike extension kit
Attempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+180.49%)
Mutual labels: pentesting, redteam
Venom
Venom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+898.37%)
Mutual labels: pentesting, redteam
Resource files
mosquito - Automating reconnaissance and brute force attacks
Stars: ✭ 95 (-22.76%)
Mutual labels: pentesting, redteam
GTFOBLookup
Offline command line lookup utility for GTFOBins and LOLBAS.
Files
- .gitignore: Gitignore file
- gtfoblookup.1: Linux man page for GTFOBLookup
- gtfoblookup.py: GTFOBLookup utility
- LICENSE.md: License file
- README.md: This file
- requirements.txt: List of required Python packages
Dependencies
Whilst GTFOBLookup will run in Python2.7, some features require Python3.
GTFOBLookup requires the following non-standard Python libraries to be installed:
- appdirs (
pip install appdirs
) - colorama (
pip install colorama
) - git (
pip install gitpython
) - yaml (
pip install pyyaml
)
These can all be installed with the following command: pip install -r requirements.txt
Installation/Setup
To install GTFOBLookup, git clone the repository to your machine and run gtfoblookup.py update
whilst connected to the internet:
usage
On Linux, navigate to the GTFOBLookup directory and run man ./gtfoblookup.1
or see below:
gtfoblookup.py [-h] {update,purge,linux,windows} ... OPTIONS Sub-commands gtfoblookup.py update update local copies of repositories gtfoblookup.py purge remove local copies of repositories gtfoblookup.py linux search the local copy of GTFOBins gtfoblookup.py windows search the local copy of LOLBAS OPTIONS 'gtfoblookup.py update' usage: gtfoblookup.py update [-h] [-r repo] -r repo, --repo repo Only update the specified repository OPTIONS 'gtfoblookup.py purge' usage: gtfoblookup.py purge [-h] [-r repo] -r repo, --repo repo Only delete the specified repository OPTIONS 'gtfoblookup.py linux' usage: gtfoblookup.py linux [-h] [-l list] {shell,cmd,rev,nrev,bind,nbind,upload,download,write,read,load,suid,sudo,cap,lsuid,all} ... Sub-commands gtfoblookup.py linux shell search the 'shell' category of GTFOBins gtfoblookup.py linux cmd search the 'command' category of GTFOBins gtfoblookup.py linux rev search the 'reverse-shell' category of GTFOBins gtfoblookup.py linux nrev search the 'non-interactive-reverse-shell' category of GTFOBins gtfoblookup.py linux bind search the 'bind-shell' category of GTFOBins gtfoblookup.py linux nbind search the 'non-interactive-bind-shell' category of GTFOBins gtfoblookup.py linux upload search the 'file-upload' category of GTFOBins gtfoblookup.py linux download search the 'file-download' category of GTFOBins gtfoblookup.py linux write search the 'file-write' category of GTFOBins gtfoblookup.py linux read search the 'file-read' category of GTFOBins gtfoblookup.py linux load search the 'library-load' category of GTFOBins gtfoblookup.py linux suid search the 'suid' category of GTFOBins gtfoblookup.py linux sudo search the 'sudo' category of GTFOBins gtfoblookup.py linux cap search the 'capabilities' category of GTFOBins gtfoblookup.py linux lsuid search the 'limited-suid' category of GTFOBins gtfoblookup.py linux all search all categories of GTFOBins OPTIONS 'gtfoblookup.py linux shell' usage: gtfoblookup.py linux shell [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux cmd' usage: gtfoblookup.py linux cmd [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux rev' usage: gtfoblookup.py linux rev [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux nrev' usage: gtfoblookup.py linux nrev [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux bind' usage: gtfoblookup.py linux bind [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux nbind' usage: gtfoblookup.py linux nbind [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux upload' usage: gtfoblookup.py linux upload [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux download' usage: gtfoblookup.py linux download [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux write' usage: gtfoblookup.py linux write [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux read' usage: gtfoblookup.py linux read [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux load' usage: gtfoblookup.py linux load [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux suid' usage: gtfoblookup.py linux suid [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux sudo' usage: gtfoblookup.py linux sudo [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux cap' usage: gtfoblookup.py linux cap [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux lsuid' usage: gtfoblookup.py linux lsuid [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable OPTIONS 'gtfoblookup.py linux all' usage: gtfoblookup.py linux all [-h] [-f] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -l list, --list list list all types/categories/executables featured in the local copy of GTFOBins OPTIONS 'gtfoblookup.py windows' usage: gtfoblookup.py windows [-h] [-l list] {ads,awl,comp,copy,creds,decode,download,dump,encode,exec,recon,uac,upload,all} ... Sub-commands gtfoblookup.py windows ads search the 'ADS' category of LOLBAS gtfoblookup.py windows awl search the 'AWL Bypass' category of LOLBAS gtfoblookup.py windows comp search the 'Compile' category of LOLBAS gtfoblookup.py windows copy search the 'Copy' category of LOLBAS gtfoblookup.py windows creds search the 'Credentials' category of LOLBAS gtfoblookup.py windows decode search the 'Decode' category of LOLBAS gtfoblookup.py windows download search the 'Download' category of LOLBAS gtfoblookup.py windows dump search the 'Dump' category of LOLBAS gtfoblookup.py windows encode search the 'Encode' category of LOLBAS gtfoblookup.py windows exec search the 'Execute' category of LOLBAS gtfoblookup.py windows recon search the 'Reconnaissance' category of LOLBAS gtfoblookup.py windows uac search the 'UAC Bypass' category of LOLBAS gtfoblookup.py windows upload search the 'Upload' category of LOLBAS gtfoblookup.py windows all search all categories of LOLBAS OPTIONS 'gtfoblookup.py windows ads' usage: gtfoblookup.py windows ads [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows awl' usage: gtfoblookup.py windows awl [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows comp' usage: gtfoblookup.py windows comp [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows copy' usage: gtfoblookup.py windows copy [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows creds' usage: gtfoblookup.py windows creds [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows decode' usage: gtfoblookup.py windows decode [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows download' usage: gtfoblookup.py windows download [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows dump' usage: gtfoblookup.py windows dump [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows encode' usage: gtfoblookup.py windows encode [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows exec' usage: gtfoblookup.py windows exec [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows recon' usage: gtfoblookup.py windows recon [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows uac' usage: gtfoblookup.py windows uac [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows upload' usage: gtfoblookup.py windows upload [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable OPTIONS 'gtfoblookup.py windows all' usage: gtfoblookup.py windows all [-h] [-f] [-t type] executable executable the executable to search for -f, --file use a file containing a list of executables (one per line) instead of a single executable -t type, --type type search for a specific type of executable -l list, --list list list all types/categories/executables featured in the local copy of LOLBAS
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].