Linux GTFOBins Abuse for Privilege Escalation

Detects abuse of native Linux binaries listed in GTFOBins to escape restricted environments, read sensitive system files, or spawn elevated shells. Covers LOTL techniques actively used by threat actors in Linux and macOS environments.