Drafting capabilities

_data/functions.yml

@@ -62,6 +62,13 @@ load-library:
     It loads shared libraries that may be used to run code in the binary
     execution context.
 
+capabilities-enabled:
+  label: Capabilities
+  description: |
+    It can manipulate its process UID and in Linux systems it can be set with the
+    `CAP_SETUID` capability to make it work as a backdoor to maintain elevated privileges.
+    This also works if the binary is invoked by another binary with the capability set.
+
 suid-enabled:
   label: SUID
   description: |