{"id":19512174,"url":"https://github.com/nccgroup/gtfoblookup","last_synced_at":"2025-04-07T13:06:01.042Z","repository":{"id":147079329,"uuid":"210396653","full_name":"nccgroup/GTFOBLookup","owner":"nccgroup","description":"Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).","archived":false,"fork":false,"pushed_at":"2023-06-16T22:01:43.000Z","size":96,"stargazers_count":278,"open_issues_count":0,"forks_count":39,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-03-31T11:04:22.396Z","etag":null,"topics":["gtfobins","hijacklibs","lolbas","pentesting","pentesting-tools","privesc","python","redteam","wadcoms"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nccgroup.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-09-23T16:00:18.000Z","updated_at":"2025-03-24T05:35:57.000Z","dependencies_parsed_at":null,"dependency_job_id":"2f92994b-cc7f-427f-84ea-b86c3ad65f59","html_url":"https://github.com/nccgroup/GTFOBLookup","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FGTFOBLookup","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FGTFOBLookup/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FGTFOBLookup/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nccgroup%2FGTFOBLookup/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nccgroup","download_url":"https://codeload.github.com/nccgroup/GTFOBLookup/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247657276,"owners_count":20974344,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gtfobins","hijacklibs","lolbas","pentesting","pentesting-tools","privesc","python","redteam","wadcoms"],"created_at":"2024-11-10T23:24:40.483Z","updated_at":"2025-04-07T13:06:01.024Z","avatar_url":"https://github.com/nccgroup.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GTFOBLookup\nOffline command line lookup utility for [GTFOBins](https://gtfobins.github.io/), [LOLBAS](https://lolbas-project.github.io/), [WADComs](https://wadcoms.github.io), and [HijackLibs](https://hijacklibs.net/).\n\n## Files\n- **.gitignore**: Gitignore file\n- **gtfoblookup.1**: Linux man page for GTFOBLookup\n- **gtfoblookup.py**: GTFOBLookup utility\n- **LICENSE.md**: License file\n- **README.md**: This file\n- **requirements.txt**: List of required Python packages\n\n## Dependencies\nWhilst GTFOBLookup will run in Python2.7, some features require Python3.\n\nGTFOBLookup requires the following non-standard Python libraries to be installed:\n- appdirs (`pip install appdirs`)\n- colorama (`pip install colorama`)\n- git (`pip install gitpython`)\n- yaml (`pip install pyyaml`)\n\nThese can all be installed with the following command: `pip install -r requirements.txt`\n\n## Installation/Setup\nIt is recommended to install GTFOBLookup using pipx:\n\u003cpre\u003e\npipx install git+https://github.com/nccgroup/GTFOBLookup.git\n\u003c/pre\u003e\n\nOnce installed, run `gtfoblookup.py update` whilst connected to the internet to download local copies of the repositories.\n\n## Usage\nOn Linux, navigate to the GTFOBLookup directory and run `man ./gtfoblookup.1` or see below:\n\u003cpre\u003e\ngtfoblookup.py [-h] {update,purge,gtfobins,lolbas,wadcoms,hijacklibs} ...\n\nOPTIONS\n Sub-commands\n gtfoblookup.py update\n update local copies of repositories\n\n gtfoblookup.py purge\n remove local copies of repositories\n\n gtfoblookup.py gtfobins\n search the local copy of GTFOBins\n\n gtfoblookup.py lolbas\n search the local copy of LOLBAS\n\n gtfoblookup.py wadcoms\n search the local copy of WADComs\n\n gtfoblookup.py hijacklibs\n search the local copy of HijackLibs\n\nOPTIONS 'gtfoblookup.py update'\n usage: gtfoblookup.py update [-h] [-r repo]\n\n -r repo, --repo repo\n Only update the specified repository\n\nOPTIONS 'gtfoblookup.py purge'\n usage: gtfoblookup.py purge [-h] [-r repo]\n\n -r repo, --repo repo\n Only delete the specified repository\n\nOPTIONS 'gtfoblookup.py gtfobins'\n usage: gtfoblookup.py gtfobins [-h] {list,search} ...\n\n Sub-commands\n gtfoblookup.py gtfobins list\n list all types/categories/executables/prerequisites/services/attack types/OSs featured in the local copy of GTFOBins\n\n gtfoblookup.py gtfobins search\n searchthe GTFOBins repository\n\nOPTIONS 'gtfoblookup.py gtfobins list'\n usage: gtfoblookup.py gtfobins list [-h] attribute\n\n attribute\n the attribute to list\n\nOPTIONS 'gtfoblookup.py gtfobins search'\n usage: gtfoblookup.py gtfobins search [-h] [-c categories] [-f] executable\n\n executable\n the executable to search for\n\n -c categories, --category categories\n category or categories (comma separated) to search in\n\n -f, --file\n use a file containing a list of executables (one per line) instead of a single executable\n\nOPTIONS 'gtfoblookup.py lolbas'\n usage: gtfoblookup.py lolbas [-h] {list,search} ...\n\n Sub-commands\n gtfoblookup.py lolbas list\n list all types/categories/executables/prerequisites/services/attack types/OSs featured in the local copy of LOLBAS\n\n gtfoblookup.py lolbas search\n searchthe LOLBAS repository\n\nOPTIONS 'gtfoblookup.py lolbas list'\n usage: gtfoblookup.py lolbas list [-h] attribute\n\n attribute\n the attribute to list\n\nOPTIONS 'gtfoblookup.py lolbas search'\n usage: gtfoblookup.py lolbas search [-h] [-c categories] [-t types] [-f]\n executable\n\n executable\n the executable to search for\n\n -c categories, --category categories\n category or categories (comma separated) to search in\n\n -t types, --type types\n type or types (comma separated)of executable to search for\n\n -f, --file\n use a file containing a list of executables (one per line) instead of a single executable\n\nOPTIONS 'gtfoblookup.py wadcoms'\n usage: gtfoblookup.py wadcoms [-h] {list,search} ...\n\n Sub-commands\n gtfoblookup.py wadcoms list\n list all types/categories/executables/prerequisites/services/attack types/OSs featured in the local copy of WADComs\n\n gtfoblookup.py wadcoms search\n searchthe WADComs repository\n\nOPTIONS 'gtfoblookup.py wadcoms list'\n usage: gtfoblookup.py wadcoms list [-h] attribute\n\n attribute\n the attribute to list\n\nOPTIONS 'gtfoblookup.py wadcoms search'\n usage: gtfoblookup.py wadcoms search [-h] [-p prerequisites] [-s services]\n [-a attack_types] [-o OSs] [-f]\n executable\n\n executable\n the executable to search for\n\n -p prerequisites, --prereq prerequisites\n search for executables with a specific prerequisite or prerequisites (comma separated)\n\n -s services, --service services\n search for executables that interract with aspecific service or services(comma separated)\n\n -a attack_types, --attacktype attack_types\n search for executables that can be used for aspecific type or types (comma separated) of attacks\n\n -o OSs, --os OSs\n search for executables that can be run on a specific operating system oroperating systems (comma separated)\n\n -f, --file\n use a file containing a list of executables (one per line) instead of a single executable\n\nOPTIONS 'gtfoblookup.py hijacklibs'\n usage: gtfoblookup.py hijacklibs [-h] {list,search} ...\n\n Sub-commands 'gtfoblookup.py hijacklibs'\n gtfoblookup.py hijacklibs list\n list all types/categories/executables/prerequisites/services/attack types/OSs featured in the local copy of HijackLibs\n\n gtfoblookup.py hijacklibs search\n searchthe HijackLibs repository\n\nOPTIONS 'gtfoblookup.py hijacklibs list'\n usage: gtfoblookup.py hijacklibs list [-h] attribute\n\n attribute\n the attribute to list\n\n Sub-commands 'gtfoblookup.py hijacklibs search'\n usage: gtfoblookup.py hijacklibs search [-h] [-a attack_types] [-v vendors] [-f] executable\n\n executable\n the executable to search for (use \"all\" to show results for all executables)\n\nOPTIONS 'gtfoblookup.py hijacklibs search'\n -a attack_types, --attacktype attack_types\n search for executables that can be used for aspecific type or types (comma separated) of attacks\n\n -v vendors, --vendor vendors\n search for executables from a specific vendor or vendors (comma separated)\n\n -f, --file\n use a file containing a list of executables (one per line) instead of a single executable\n\u003c/pre\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnccgroup%2Fgtfoblookup","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnccgroup%2Fgtfoblookup","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnccgroup%2Fgtfoblookup/lists"}