.. / Contributing


We welcome all contributions to this project on GitHub. You can either open an Issue to suggest improvements or directly open a Pull Request if you are confident with your suggestion.

Here are a few guidelines for Pull Requests:


We use a slighly modified fork GTFOBins. You can visualize individual vectors in the _binaries folder for inspiration. Every vector is a YAML front matter that describes its functions, how to trigger it, its requirements, and references.

For instance, this is the vector for git ls-remote:

    - description: |
        This vector requires an additional positional argument.
      code: |-
        git ls-remote '--upload-pack=id>/tmp/foo;' foo
        - title: "Agent 008: Chaining Vulnerabilities to Compromise GoCD"
          url: https://www.sonarsource.com/blog/gocd-vulnerability-chain/

Pre-defined functions are:

Building the website

We use Jekyll to generate the website and the search index. Install the required dependencies and then start Jekyll’s local server:

$ bundle install
$ bundle exec jekyll serve