Find-gh-poc

The centerpiece of the Trickest CVE project; finds CVE PoCs on Github.

Installation

From binary

Download a prebuilt binary from the releases page and unzip it.

From source

Go version 1.17 is recommended.

go install -v github.com/trickest/find-gh-poc@latest

Docker

docker pull quay.io/trickest/find-gh-poc

Command line options

  -query-string string
    	GraphQL search query
  -query-file string
    	File to read GraphQL search query from
  -adjust-delay
    	Automatically adjust time delay between requests
  -delay int
    	Time delay after every GraphQL request [ms]
  -silent
    	Don't print JSON output to stdout
  -token-string string
    	Github token
  -token-file string
    	File to read Github token from
  -o string
    	Output file name

Query examples

cve-2022
cve-2022-1234
jenkins

Note on Results

Depending on the search query, the results will most likely contain a few false positives (either PoCs of other CVEs or irrelevant repositories). Find-gh-poc outputs all of the query results without (currently) trying to filter them. We recommend that you use the results as a starting point and do your own filtering as you see fit for your use case.

References

https://github.com/trickest/cve

find-gh-poc

Commits

Add docker image location

Merge pull request #26 from trickest/delay-flag

Update command line options

Merge branch 'main' into delay-flag

Increase delay time by API response time

Remove redundant delay multiplication

README