Thanks to visit codestin.com
Credit goes to gtfobins.org

GTFOBins
Sponsor
Fork
Star
Sponsor
Fork
Star

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

The project collects legitimate functions of Unix-like executables that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate other post-exploitation tasks.

GTFOBins is a joint effort by Emilio Pinna and Andrea Cardaci, and many other contributors. Everyone can get involved by providing additional entries and techniques!

If you are looking for Windows binaries you should visit LOLBAS.

Please note that this is not a list of exploits, and the programs listed here are not vulnerable per se, rather, GTFOBins is a compendium about how to live off the land when you only have certain executables available.

GitHub | Get involved | Contributors | JSON API | MITRE ATT&CKĀ® Navigator

Functions
Contexts
Filter
Executable Functions
7z
R
aa-exec
ab
acr
agetty
alpine
ansible-playbook
ansible-test
aoss
apache2
apache2ctl
apport-cli
apt
apt-get
aptitude
ar
aria2c
arj
arp
as
ascii-xfr
ascii85
ash
aspell
asterisk
at
atobm
awk
aws
base32
base58
base64
basenc
basez
bash
bashbug
batcat
bc
bconsole
bee
borg
bpftrace
bridge
bundle
bundler
busctl
busybox
byebug
bzip2
c89
c99
cabal
cancel
capsh
cargo
cat
cc
cdist
certbot
chattr
check_by_ssh
check_cups
check_log
check_memory
check_raid
check_ssl_cert
check_statusfile
chmod
choom
chown
chroot
chrt
clamscan
clisp
cmake
cmp
cobc
code
column
comm
composer
cowsay
cowthink
cp
cpan
cpio
cpulimit
crash
crontab
csh
csplit
csvtool
ctr
cupsfilter
curl
cut
dash
date
dc
dd
debugfs
dhclient
dialog
diff
dig
distcc
dmesg
dmidecode
dmsetup
dnf
dnsmasq
doas
docker
dos2unix
dosbox
dotnet
dpkg
dstat
dvips
easy_install
easyrsa
eb
ed
efax
egrep
elvish
emacs
enscript
env
eqn
espeak
ex
exiftool
expand
expect
facter
fail2ban-client
ffmpeg
fgrep
file
find
finger
firejail
fish
flock
fmt
fold
forge
fping
ftp
fzf
g++
gawk
gcc
gcloud
gcore
gdb
gem
genie
genisoimage
getent
ghc
ghci
gimp
ginsh
git
gnuplot
go
grc
grep
gtester
guile
gzip
hashcat
hd
head
hexdump
hg
highlight
hping3
iconv
iftop
install
ionice
ip
iptables-save
irb
ispell
java
jjs
joe
join
journalctl
jq
jrunscript
jshell
jtag
julia
knife
ksh
ksshell
ksu
kubectl
last
lastb
latex
latexmk
ld.so
ldconfig
less
lftp
links
ln
loginctl
logrotate
logsave
look
lp
ltrace
lua
lualatex
luatex
lwp-download
lwp-request
lxd
m4
mail
make
man
mawk
minicom
more
mosh-server
mosquitto
mount
msfconsole
msgattrib
msgcat
msgconv
msgfilter
msgmerge
msguniq
mtr
multitime
mutt
mv
mypy
mysql
nano
nasm
nawk
nc
ncdu
ncftp
neofetch
nft
nginx
nice
nl
nm
nmap
node
nohup
npm
nroff
nsenter
ntpdate
nvim
octave
od
openssl
openvpn
openvt
opkg
pandoc
passwd
paste
pax
pdb
pdflatex
pdftex
perf
perl
perlbug
pexec
pg
php
pic
pico
pidstat
pip
pipx
pkexec
pkg
plymouth
podman
poetry
posh
pr
procmail
pry
psftp
psql
ptx
puppet
pwsh
pygmentize
pyright
python
qpdf
rake
ranger
rc
readelf
red
redcarpet
redis
restic
rev
rlogin
rlwrap
rpm
rpmdb
rpmquery
rpmverify
rsync
rsyslogd
rtorrent
ruby
run-mailcap
run-parts
runscript
rustc
rustdoc
rustfmt
rustup
rview
    rvim
    sash
    scanmem
    scp
    screen
    script
    scrot
    sed
    service
    setarch
    setcap
    setfacl
    setlock
    sftp
    sg
    shred
    shuf
    slsh
    smbclient
    snap
    socat
    socket
    soelim
    softlimit
    sort
    split
    sqlite3
    sqlmap
    ss
    ssh
    ssh-agent
    ssh-copy-id
    ssh-keygen
    ssh-keyscan
    sshfs
    sshpass
    sshuttle
    start-stop-daemon
    stdbuf
    strace
    strings
    su
    sudo
    sysctl
    systemctl
    systemd-resolve
    systemd-run
    tac
    tail
    tailscale
    tar
    task
    taskset
    tasksh
    tbl
    tclsh
    tcpdump
    tcsh
    tdbtool
    tee
    telnet
    terraform
    tex
    tftp
    tic
    time
    timedatectl
    timeout
    tmate
    tmux
    top
    torify
    torsocks
    troff
    tsc
    tshark
    ul
    unexpand
    uniq
    unshare
    unsquashfs
    unzip
    update-alternatives
    urlget
    uuencode
    uv
    vagrant
    valgrind
    varnishncsa
    vi
    view
    vigr
    vim
    vimdiff
    vipw
    virsh
    volatility
    w3m
    wall
    watch
    wc
    wg-quick
    wget
    whiptail
    whois
    wireshark
    wish
    xargs
    xdg-user-dir
    xdotool
    xelatex
    xetex
    xmodmap
    xmore
    xpad
    xxd
    xz
    yarn
    yash
    yelp
    yt-dlp
    yum
    zathura
    zcat
    zgrep
    zic
    zip
    zless
    zsh
    zsoelim
    zypper
    No matches!