Sherlock is a Powershell script to quickly find missing software patches for local privilege escalation vulnerabilities

It can be loaded from Powershell or even loaded into Empire to be executed.


1. Download into Kali/Parrot

Executing Sherlock through Empire

1. import the script into the empire agent session, use the absolute linux path to load it

  • scriptimport /home/user/Desktop/Tools/Post-Exploitation/Sherlock/Sherlock.ps1


2. Once the task is in memory, we can execute commands that belong to Sherlock like “Find-AllVulns”

  • Scriptcmd Find-AllVulns

The output will show all the test results and VulnStatus show if the machine is vulnerable or not.