GitXplorerGitXplorer
t

find-gh-poc

public
136 stars
20 forks
1 issues

Commits

List of commits on branch main.
Unverified
fc39173e7432d7bd28f28a20722588225ffe156f

Update README.md

ttrickest-workflows committed a year ago
Verified
dd2121b51215113c25db13632a34176c783f7bc6

Update README.md

mmhmdiaa committed 2 years ago
Verified
e528fcceb9dd170ea8ff6d1750e82134e71d3937

Add banner

committed 2 years ago
Verified
937dbeb443dd65778012527667f943b117bc6f13

Add banner

committed 2 years ago
Unverified
0bb8675a7d8693062cb04d3a7b6727072c1b7807

Update go module name

committed 2 years ago
Verified
b69167ac4a69ef2b94ef5de8494e1b8887efa0eb

Update README.md

committed 2 years ago

README

The README file for this repository.

Find-gh-poc Tweet

The centerpiece of the Trickest CVE project; finds CVE PoCs on Github.


Installation

From binary

Download a prebuilt binary from the releases page and unzip it.

From source

Go version 1.17 is recommended.

go install -v github.com/trickest/find-gh-poc@latest

Docker

docker pull quay.io/trickest/find-gh-poc

Command line options

  -query-string string
    	GraphQL search query
  -query-file string
    	File to read GraphQL search query from
  -adjust-delay
    	Automatically adjust time delay between requests
  -delay int
    	Time delay after every GraphQL request [ms]
  -silent
    	Don't print JSON output to stdout
  -token-string string
    	Github token
  -token-file string
    	File to read Github token from
  -o string
    	Output file name

Query examples

  • cve-2022
  • cve-2022-1234
  • jenkins

Note on Results

Depending on the search query, the results will most likely contain a few false positives (either PoCs of other CVEs or irrelevant repositories). Find-gh-poc outputs all of the query results without (currently) trying to filter them. We recommend that you use the results as a starting point and do your own filtering as you see fit for your use case.

References

https://github.com/trickest/cve