GTFOBins

.github-corner:hover .octo-arm{animation:octocat-wave 560ms ease-in-out}@keyframes octocat-wave{0%,100%{transform:rotate(0)}20%,60%{transform:rotate(-25deg)}40%,80%{transform:rotate(10deg)}}@media (max-width:500px){.github-corner:hover .octo-arm{animation:none}.github-corner .octo-arm{animation:octocat-wave 560ms ease-in-out}} GTFOBins Sponsor Fork Star Sponsor Fork Star GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems. The project collects legitimate functions of Unix-like executables that can be abused to get the f**k break out restricted shells, escalate or maintain elevated privileges, transfer files, spawn bind and reverse shells, and facilitate other post-exploitation tasks. GTFOBins is a joint effort by Emilio Pinna and Andrea Cardaci, and many other contributors. Everyone can get involved by providing additional entries and techniques! If you are looking for Windows binaries you should visit LOLBAS. Please note that this is not a list of exploits, and the programs listed here are not vulnerable per se, rather, GTFOBins is a compendium about how to live off the land when you only have certain executables available. GitHub | Get involved | Contributors | JSON API | MITRE ATT&CK® Navigator Functions ShellCommandReverse shellBind shellFile writeFile readUploadDownloadLibrary loadPrivilege escalationInherit Contexts UnprivilegedSudoSUIDCapabilities Filter Executable Functions 7z File read R Shell aa-exec Shell ab Upload Download acr Command agetty Shell alpine File read ansible-playbook Shell ansible-test Shell aoss Shell apache2 File read apache2ctl File read apport-cli Inherit Shell Command File write File read Inherit apt Shell Inherit Shell Command File write File read Inherit apt-get Shell Inherit Shell Command File write File read Inherit aptitude Inherit Shell Command File write File read Inherit ar File read arch-nspawn Shell aria2c Command File read Download arj File write File read arp File read as File read ascii-xfr File read ascii85 File read ash Shell File write aspell File read asterisk Shell at Shell Command atobm File read autoconf Shell autoheader Shell autoreconf Shell awk Shell File write File read aws File read Inherit Shell Command File write File read Inherit base32 File read base58 File read base64 File read basenc File read basez File read bash Shell Reverse shell File write File read Upload Download Library load bashbug Inherit Shell File write File read batcat Inherit Shell Command File write File read Inherit bbot File read bc File read bconsole Shell File read bee Inherit Shell Command Reverse shell File write File read Upload Download borg Shell bpftrace Shell bridge File read bundle Shell Inherit Shell Command File write File read Inherit bundler Shell Inherit Shell Command File write File read Inherit busctl Shell Inherit Shell Command File write File read Inherit busybox Reverse shell Upload Inherit Shell File write File read byebug Inherit Shell Reverse shell File write File read Upload Download Library load bzip2 File read c89 Shell File write File read c99 Shell File write File read cabal Shell cancel Upload capsh Shell cargo Inherit Shell Command File write File read Inherit cat File read cc Shell File write File read cdist Shell certbot Shell chattr Privilege escalation check_by_ssh Shell check_cups File read check_log File write File read check_memory File read check_raid File read check_ssl_cert Shell…

This excerpt is published under fair use for community discussion. Read the full article at Gtfobins.