GTFOBins

GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit misconfigurations. Scenarios for privilege escalation, file transfer, and process spawning. Community contributions to add or refine binary techniques.

Features

Indexed list of Unix binaries and documented misuse techniques
Examples of command invocations to exploit misconfigurations
Scenarios for privilege escalation, file transfer, and process spawning
Clear categorization by “what an attacker can do” (e.g. spawn shell, exfiltrate)
Community contributions to add or refine binary techniques
Static web interface / documentation for reference

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow GTFOBins

GTFOBins Web Site

Other Useful Business Software

$300 in Free Credit Towards Top Cloud Services

Build VMs, containers, AI, databases, storage—all in one place.

Start your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.

Get Started

Rate This Project

User Reviews

Be the first to post a review of GTFOBins!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Security Software

Registered

2025-09-26

Similar Business Software

ManageEngine ADAudit Plus

ADAudit Plus helps keep your Windows Server ecosystem secure and compliant by providing full visibility into all activities. ADAudit Plus provides a clear picture of all changes made to your AD resources including AD objects and their attributes, group policy, and more. AD auditing helps detect...

See Software
Securden Unified PAM

Securden Unified PAM is a privileged access security solution that lets you discover, centrally store, organize, share, manage, and keep track of all privileged identities, passwords, keys, documents, and other identities. It helps you establish a centralized password management system, automate...

See Software
Passwork

Passwork is an on-premise corporate password manager built for security-conscious organizations. Developed and headquartered in Europe (Barcelona, Spain), Passwork meets GDPR, NIS2, ENS and other European regulatory requirements by design. All passwords and credentials are stored exclusively...

See Software
Proton Drive

Proton Drive is the all-in-one workspace for storing sensitive data and collaborating with your teams, clients, and partners. Collaborate securely without compromising control: Share client files, contracts, and sensitive business documents with full end-to-end encryption. You control who...

See Software
groundcover

Cloud-based observability solution that helps businesses track and manage workload and performance on a unified dashboard. Monitor everything you run in your cloud without compromising on cost, granularity, or scale. groundcover is a full stack cloud-native APM platform designed to make...

See Software
New Relic

There are an estimated 25 million engineers in the world across dozens of distinct functions. As every company becomes a software company, engineers are using New Relic to gather real-time insights and trending data about the performance of their software so they can be more resilient and...

See Software

Report inappropriate content

GTFOBins

GTFOBins is a curated list of Unix binaries

Get an email when there's a new version of GTFOBins

Features

Project Samples

Project Activity

Categories

License

Follow GTFOBins

User Reviews

Additional Project Details

Operating Systems

Programming Language

Related Categories

Registered