PoCFinder is a fast and interactive terminal tool to search for Proof of Concept (PoC) repositories on GitHub.
It provides a clean fzf-based interface with rich preview, automatic caching, and quick actions to open or clone repositories directly from the terminal.
- 🔍 Search PoCs by keyword or CVE ID
- ⚡ Automatic caching system (results saved for 10 minutes)
- 🖥️ Rich live preview panel (Description, Language, Forks, Open Issues, README Preview)
- 🎨 Modern terminal UI inspired by popular security tools
- 🚀 Built on top of GitHub CLI (
gh) for fast and reliable results - 📋 Quick actions: Open in browser or clone repository
| Tool | Purpose | Minimum Version | Installation |
|---|---|---|---|
gh |
GitHub Command Line Interface | 2.20.0 or higher | See below |
fzf |
Interactive fuzzy finder | Any | See below |
jq |
JSON processor | Any | See below |
Important:
ghversion 2.20.0 or newer is required because PoCFinder uses thegh search reposcommand.
# Add GitHub CLI official repository
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
sudo apt update
sudo apt install gh fzf jq -ysudo dnf install gh fzf jq -ysudo pacman -S github-cli fzf jqbrew install gh fzf jqYou need to set a GitHub Personal Access Token:
export GH_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxAdd it to your shell configuration file:
# For Bash
echo 'export GH_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxx' >> ~/.bashrc
# For Zsh
echo 'export GH_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxx' >> ~/.zshrcgit clone https://github.com/shinthink/pocfinder.git
cd pocfinder
chmod +x pocfinder
./pocfinder# Interactive mode
./pocfinder
# Search directly
./pocfinder CVE-2024
./pocfinder sqlmap
./pocfinder "remote code execution"
# Refresh cache
./pocfinder refresh
./pocfinder refresh CVE-2025- Run
./pocfinder - Enter a keyword or CVE ID
- Use arrow keys to browse results
- View detailed information and README preview on the right panel
- Press
Enterto select a repository - Choose an action (
[1]Open in Browser,[2]Clone, or[q]Exit)
pocfinder/
├── pocfinder
├── README.md
├── LICENSE
└── .gitattributes
- Uses
gh search reposto find relevant repositories - Results are cached locally in
~/.pocfinder/ - Uses
fzffor fast interactive selection - Displays repository details and a short README preview
ghversion 2.20.0 or higher is required- A valid
GH_TOKENis needed for the best experience - Use
./pocfinder refreshto force update the cache
Contributions are welcome!
This project is licensed under the MIT License.
shinthink
Built to help security researchers and bug bounty hunters find relevant PoCs more efficiently.