WARNING: This is a work in progress, please refer to https://gtfobins.github.io/.
GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.
The project collects legitimate functions of Unix-like executables that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate other post-exploitation tasks.
GTFOBins is a joint effort by Emilio Pinna and Andrea Cardaci, and many other contributors. Everyone can get involved by providing additional entries and techniques!
If you are looking for Windows binaries you should visit LOLBAS.
Please note that this is not a list of exploits, and the programs listed here are not vulnerable per se, rather, GTFOBins is a compendium about how to live off the land when you only have certain executables available.
GitHub | Get involved | Contributors | JSON API | MITRE ATT&CKĀ® Navigator
| Executable | Functions |
|---|---|
| No matches! | |