Command-line tool for GTFOBins - Unix binaries exploitation helper

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for t0thkr1s from gravatar.com t0thkr1s

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 (GPLv3) (GPL-3.0)
  • Author: t0thkr1s
  • Maintainer: kasem545
  • Tags gtfobins , security , exploitation , privilege-escalation , pentesting
  • Requires: Python >=3.6
Classifiers
Report project as malware

Project description

🚀 GTFOBins CLI

Python License Stars

Overview

GTFOBins CLI is a command-line interface for GTFOBins, providing instant access to Unix binary exploitation techniques. This tool helps security professionals and system administrators identify and understand how legitimate Unix binaries can be misused to bypass security restrictions.

Key Features

  • 🔍 Quick Binary Lookup: Search exploitation techniques for any Unix binary
  • 🔎 Fuzzy Search: Find binaries with partial name matching
  • 🏷️ Filter by Type: Filter binaries by exploitation type (shell, suid, sudo, etc.)
  • 🖥️ Interactive Mode: fzf-style autocomplete for quick navigation
  • 🎨 Syntax Highlighting: Color-coded output for better readability
  • 📦 Offline Database: No internet connection required
  • 🚀 Instant Access: Fast, local searches with zero latency
  • 💻 Cross-Platform: Works on Linux, macOS, and Windows

Installation

From pipx (Recommended)

pipx install git+https://github.com/kasem545/gtfobins-cli

From Source

git clone https://github.com/kasem545/gtfobins-cli
cd gtfobins-cli
pip install -e .

Usage

Basic Usage

gtfo <binary>

Examples

# Search for sudo exploitation techniques
gtfo sudo

# Search for python exploitation techniques
gtfo python

# Fuzzy search binaries by name
gtfo -s pyth

# Filter binaries by exploitation type
gtfo -f shell
gtfo -f suid
gtfo -f sudo

# Show only specific technique for a binary
gtfo python -f sudo

# Interactive mode with autocomplete
gtfo -i

# List all available binaries
gtfo -l

# Check version
gtfo --version

Command Line Options

Option Description
binary Unix binary to search for exploitation techniques
-s, --search TERM Fuzzy search binaries by name
-f, --filter TYPE Filter binaries by exploitation type
-i, --interactive Interactive mode with autocomplete
-l, --list List all available binaries
-v, --version Show version
-h, --help Show help message

Exploitation Categories

The tool provides information about various exploitation techniques:

  • Shell: Spawn an interactive shell
  • Command: Execute system commands
  • Reverse Shell: Establish a reverse shell connection
  • Non-interactive Reverse Shell: Create a non-interactive reverse shell
  • Bind Shell: Set up a bind shell
  • Non-interactive Bind Shell: Create a non-interactive bind shell
  • File Upload: Transfer files to the target system
  • File Download: Extract files from the target system
  • File Write: Write data to files
  • File Read: Read file contents
  • Library Load: Load shared libraries
  • SUID: Exploit SUID permissions
  • Sudo: Exploit sudo permissions
  • Capabilities: Exploit Linux capabilities
  • Limited SUID: Work with limited SUID permissions

Screenshots

Development

Setting up Development Environment

# Clone the repository
git clone https://github.com/kasem545/gtfobins-cli
cd gtfo

# Create virtual environment
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

# Install in development mode
pip install -e .

Running Tests

# Install test dependencies
pip install pytest pytest-cov

# Run tests
pytest

Contributing

Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add some amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

Credits

  • Binary exploitation data from GTFOBins
  • Original GTFOBins project contributors
  • Created by t0thkr1s
  • maintained by kasem545

Security Notice

⚠️ Important: This tool is designed for authorized security testing and educational purposes only. Users must:

  • Only use this tool on systems they own or have explicit permission to test
  • Comply with all applicable laws and regulations
  • Understand that misuse of this tool may result in criminal charges

The developers assume no liability and are not responsible for any misuse or damage caused by this tool.

License

This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.

Support

If you encounter any issues or have questions:

  • Open an issue
  • Check existing issues for solutions
  • Consult the GTFOBins website for additional information

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for t0thkr1s from gravatar.com t0thkr1s

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v3 (GPLv3) (GPL-3.0)
  • Author: t0thkr1s
  • Maintainer: kasem545
  • Tags gtfobins , security , exploitation , privilege-escalation , pentesting
  • Requires: Python >=3.6
Classifiers

Release history Release notifications | RSS feed

This version

1.1.0

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gtfobins_cli-1.1.0.tar.gz (423.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gtfobins_cli-1.1.0-py3-none-any.whl (529.8 kB view details)

Uploaded Python 3

File details

Details for the file gtfobins_cli-1.1.0.tar.gz.

File metadata

  • Download URL: gtfobins_cli-1.1.0.tar.gz
  • Upload date:
  • Size: 423.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for gtfobins_cli-1.1.0.tar.gz
Algorithm Hash digest
SHA256 5527b6ea083a31d1dc57408fc91729c1e6ccde32b3ae43bf2b0a83a81198f05f
MD5 983dc34588ae2f8841830923c25be84f
BLAKE2b-256 f0f65d8f94b50e70056ea0bdf22f36be7a8fffb0d996cf90aa1f4c1214396f8e

See more details on using hashes here.

Provenance

The following attestation bundles were made for gtfobins_cli-1.1.0.tar.gz:

Publisher: publish.yml on t0thkr1s/gtfobins-cli

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file gtfobins_cli-1.1.0-py3-none-any.whl.

File metadata

  • Download URL: gtfobins_cli-1.1.0-py3-none-any.whl
  • Upload date:
  • Size: 529.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for gtfobins_cli-1.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 5ad4b74fdc6cafdaa3717dd5bf3379b0d7327d9981baf79c48a3d88442baa520
MD5 ea79324d7fafee3dffd0312da41ff283
BLAKE2b-256 4363924a121ce315191a8507595f9e70a0604c0d7a3ba4271d9bf13b3f12e141

See more details on using hashes here.

Provenance

The following attestation bundles were made for gtfobins_cli-1.1.0-py3-none-any.whl:

Publisher: publish.yml on t0thkr1s/gtfobins-cli

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page