diff --git a/_gtfobins/gcore.md b/_gtfobins/gcore.md new file mode 100644 index 0000000..89f353d --- /dev/null +++ b/_gtfobins/gcore.md @@ -0,0 +1,10 @@ +--- +description: It can be used to generate core dumps of running processes. Such files often contains sensitive information such as open files content, cryptographic keys, passwords, etc. This command produces a binary file named `core.$PID`, that is then often filtered with `strings` to narrow down relevant information. +functions: + file-read: + - code: gcore $PID + sudo: + - code: sudo gcore $PID + suid: + - code: ./gcore $PID +---
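Review bot: the `file-read` classification in the `functions:` block does not match what the entry does: `gcore $PID` takes a process ID and dumps that process's memory, and no file path appears anywhere in the command. Either explain under `file-read` that the read is indirect (contents of files the target process has open end up in `core.$PID`), or file this under a category that describes a process memory dump. The description also mentions filtering the output with `strings`, but none of the three `code:` entries show that step or name the resulting `core.$PID` file, so a reader has to infer how the description and the commands connect; adding a second line to the example would close that gap. Minor wording in `description:`: "Such files often contains" should be "contain", and "open files content" reads better as "the contents of open files". The `sudo` and `suid` entries repeat the same command with only the prefix changed; please confirm both were tested as written before merging.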