Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 64 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
banner.png		banner.png
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Repository files navigation

Find-gh-poc

The centerpiece of the Trickest CVE project; finds CVE PoCs on Github.

Installation

From binary

Download a prebuilt binary from thereleases page and unzip it.

From source

Go version 1.17 is recommended.

go install -v github.com/trickest/find-gh-poc@latest

Docker

docker pull quay.io/trickest/find-gh-poc

Command line options

  -query-string string    GraphQL search query  -query-file string    File to read GraphQL search query from  -adjust-delay    Automatically adjust time delay between requests  -delay int    Time delay after every GraphQL request [ms]  -silent    Don't print JSON output to stdout  -token-string string    Github token  -token-file string    File to read Github token from  -o string    Output file name

Query examples

cve-2022
cve-2022-1234
jenkins

Note on Results

Depending on the search query, the results will most likely contain a few false positives (either PoCs of other CVEs or irrelevant repositories). Find-gh-poc outputs all of the query results without (currently) trying to filter them. We recommend that you use the results as a starting point and do your own filtering as you see fit for your use case.