, ,

Cool Tools Series: Reptyr

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines
Posted on April 7, 2026
Cool Tools Series: Reptyr

Written by Jason Taylor

Have you ever started a “quick nmap scan” on a remote internal network penetration test only to find out an hour in that this may be taking longer than anticipated? If you were thinking ahead and ran your nmap scan within a screen or tmux session, no harm done. You can just detach from your session and go about your business, knowing your laptop going to sleep isn’t going to disconnect you and kill that long-running scan. 

Sometimes, though, you may not have thought this scan would take long. You didn’t start up screen ahead of time, and now you’re in a pickle. Is there anything you can do? Thankfully, yes, it is possible to move a currently running process into a new screen or tmux session. Today we’ll be highlighting a cool tool called reptyr that can take over already running processes and bring them into a new screen or tmux session.

Installation

To get started, you will need to install reptyr, which should be available in your system’s package repository for most Linux systems, including Ubuntu and Kali. You can install with a simple command:

apt update && apt install -y reptyr
Installing Reptyr

Migrating Processes

With reptyr installed you can now migrate processes from a non-screen SSH terminal into a safe-and-sound screen or tmux session. The process is simple and does involve suspending and backgrounding the process briefly during the transfer process.

Enter the following commands in your terminal to suspend and background the currently running process:

  1. Ctrl+Z to suspend the process
  2. bg to resume the process in the background
  3. disown %1 to detach the background job
Commands to migrate the process

With the process running in the background and not attached to the current terminal session you can launch screen or tmux and use ps to identify the Process ID (PID) of your running process. Once the PID is found, run reptyr <pid> to resume the process in the current terminal. 

You can then safely detach your screen or tmux session and rest assured that your long running scan will continue in the background.

Using Reptyr to place an nmap process in a new screen

A Handy Cheat Sheet

To recap, the process is as simple is:

  1. Install reptyr: apt update && apt install reptyr
  2. Suspend your currently running process: Ctrl+Z
  3. Background the process: bg
  4. Disown the process: disown %1
  5. Start a screen session: screen
  6. Find the PID: ps aux | grep nmap
  7. Take over the process: reptyr <pid>

Thanks for Reading

If you enjoyed this quick tutorial of a tool that I often find very useful on penetration tests, you may enjoy others in this series as well, including Croc for Secure Data Exfiltration.

Jason Taylor

Jason Taylor
Jason has a passion for asking “what-if” questions and for trying to “break” software and test how it responds to unintended uses. Jason has a background in System Administration and Security Engineering in the financial sector. He holds both defensive and offensive certifications including OSCP, PNPT, GCIH, CASP+, and is Splunk Certified. When he’s not spending his time taking new training courses, he loves spending time with his wife and kids and occasionally working on an IoT project to automate some aspect of their greenhouse or chicken coop.

Search The Exploit Blog

Blog Categories

Stay up to date with the latest in penetration testing

Name(Required)
Newsletter(Required)
Do you wish to join our newsletter? We send out emails once a month that cover the latest in cybersecurity news. We do not sell your information to other parties.