GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit misconfigurations. Scenarios for privilege escalation, file transfer, and process spawning. Community contributions to add or refine binary techniques.
Features
- Indexed list of Unix binaries and documented misuse techniques
- Examples of command invocations to exploit misconfigurations
- Scenarios for privilege escalation, file transfer, and process spawning
- Clear categorization by “what an attacker can do” (e.g. spawn shell, exfiltrate)
- Community contributions to add or refine binary techniques
- Static web interface / documentation for reference
Categories
SecurityLicense
GNU General Public License version 3.0 (GPLv3)Follow GTFOBins
Other Useful Business Software
$300 Free Credits for Your Google Cloud Projects
Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of GTFOBins!