GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit misconfigurations. Scenarios for privilege escalation, file transfer, and process spawning. Community contributions to add or refine binary techniques.

Features

  • Indexed list of Unix binaries and documented misuse techniques
  • Examples of command invocations to exploit misconfigurations
  • Scenarios for privilege escalation, file transfer, and process spawning
  • Clear categorization by “what an attacker can do” (e.g. spawn shell, exfiltrate)
  • Community contributions to add or refine binary techniques
  • Static web interface / documentation for reference

Project Samples

GTFOBins Screenshot 1

Project Activity

See All Activity >

Categories

Security

License

GNU General Public License version 3.0 (GPLv3)

Follow GTFOBins

GTFOBins Web Site

You Might Also Like
Gen AI apps are built with MongoDB Atlas Icon
Gen AI apps are built with MongoDB Atlas

The database for AI-powered applications.

MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of GTFOBins!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Security Software

Registered

2025-09-26
Report inappropriate content