GTFOBins
Featured⚖️ Dual Use · Shell
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions on misconfigured systems. It documents how standard system binaries (find, vim, python, bash, etc.) can be abused for privilege escalation, file read/write, shell escape, reverse shell creation, and more. It's the definitive reference for Living Off The Land techniques on Linux/Unix systems. Every pentester and red teamer has this bookmarked.
Use Cases
- Linux privilege escalation via standard binaries
- Shell escape from restricted environments
- File read/write through unexpected binaries
- Reverse shell creation using system tools
- Security hardening — knowing what to restrict
Tags
Details
- Category
- ⚖️ Dual Use
- Language
- Shell
- Repository
- GTFOBins/GTFOBins.github.io
Platforms
Alternatives & Comparisons
More in Dual Use
ProxyChains-ng
CForce any TCP connection through SOCKS4/5 or HTTP proxies. Chain multiple proxies for anonymity.
Socat
CMultipurpose relay tool. Bidirectional data transfer between two data channels — sockets, files, pipes, devices.
ngrok
GoExpose local servers to the internet via secure tunnels. Instant public URLs for localhost services.
Rclone
Gorsync for cloud storage. Sync, copy, and mount 70+ cloud providers. Command-line Swiss army knife for cloud data.
LOLBAS
ShellLiving Off The Land Binaries, Scripts and Libraries for Windows. Documenting every Windows binary with offensive potential.
Sysinternals Suite
C/C++Microsoft's advanced system utilities. PsExec, Process Monitor, Autoruns, TCPView — essential for both ops and offense.