Sherlock is a Powershell script to quickly find missing software patches for local privilege escalation vulnerabilities

It can be loaded from Powershell or even loaded into Empire to be executed.

https://github.com/rasta-mouse/Sherlock

https://github.com/rasta-mouse/Sherlock/blob/master/Sherlock.ps1

Download

1. Download into Kali/Parrot

Executing Sherlock through Empire

1. import the script into the empire agent session, use the absolute linux path to load it

  • scriptimport /home/user/Desktop/Tools/Post-Exploitation/Sherlock/Sherlock.ps1

Or

2. Once the task is in memory, we can execute commands that belong to Sherlock like “Find-AllVulns”

  • Scriptcmd Find-AllVulns

The output will show all the test results and VulnStatus show if the machine is vulnerable or not.