# GTFOBins/GTFOBins.github.io

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/gtfobins-gtfobins-github-io).**

12,669 stars · 1,515 forks · YAML · gpl-3.0

## Links

- GitHub: https://github.com/GTFOBins/GTFOBins.github.io
- Homepage: https://gtfobins.org
- awesome-repositories: https://awesome-repositories.com/repository/gtfobins-gtfobins-github-io.md

## Topics

`binaries` `bind-shell` `blueteam` `bypass` `exfiltration` `gtfobins` `linux` `post-exploitation` `redteam` `reverse-shell` `unix`

## Description

GTFOBins is a curated knowledge base documenting security-related techniques for Unix-based system binaries. It serves as a reference for offensive security research, detailing how standard, pre-installed system utilities can be repurposed to facilitate privilege escalation, restricted environment escapes, and post-exploitation workflows.

The project distinguishes itself by cataloging insecure execution paths and misconfigured permissions inherent in common system tools. By identifying legitimate binary functions that can be leveraged to bypass security controls, the repository provides a structured index for auditing local system security and understanding methods for maintaining control during security assessments.

The platform is built as a static site that separates technical content from its visual presentation. It utilizes a standardized data schema to store binary specifications, which are processed through a template-driven build system to generate the final documentation. A pre-computed index enables client-side search functionality, allowing users to filter and locate specific binary techniques directly within the browser without a backend database.

## Tags

### Security & Cryptography

- [Binary Security References](https://awesome-repositories.com/f/security-cryptography/binary-security-references.md) — Provides a curated collection of legitimate system binaries that can be abused to bypass security controls.
- [Privilege Escalation Tools](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools.md) — Documents techniques for leveraging binary functions to gain elevated access levels on Linux systems.
- [Sandbox Restriction Bypasses](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/access-restriction-workarounds/sandbox-restriction-bypasses.md) — Details methods for bypassing security controls and restricted shells to escape sandboxed environments.
- [Post-Exploitation Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/post-exploitation-tools.md) — Provides a reference for post-exploitation workflows, including file transfers and shell spawning using system tools.
- [Security Check Bypasses](https://awesome-repositories.com/f/security-cryptography/security-configurations/security-check-bypasses.md) — Identifies legitimate binary functions to circumvent security measures and escape restricted environments. ([source](https://gtfobins.org))
- [Security Testing and Auditing](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing.md) — Serves as a reference for auditing local system security by analyzing binary functions for potential weaknesses.

### Data & Databases

- [Security Research Repositories](https://awesome-repositories.com/f/data-databases/technical-knowledge-bases/security-research-repositories.md) — Documents how pre-installed system tools facilitate unauthorized operations during security assessments.

### Development Tools & Productivity

- [Search-Index-Based Retrieval](https://awesome-repositories.com/f/development-tools-productivity/search-indexing-tools/search-index-based-retrieval.md) — Provides a pre-computed index for rapid, client-side keyword searching across the documentation without a backend database.

### Content Management & Publishing

- [Static Site Generation](https://awesome-repositories.com/f/content-management-publishing/static-site-document-generators/static-site-generators/static-site-generation.md) — Transforms structured data files into a collection of static HTML pages for deployment.