This repository has been archived by the owner on May 5, 2024. It is now read-only.

polyrize/sf-apex-pe-scanner

APEX PE Scanner

A small utility that finds users who are capable of privilege escalation using APEX.

The privilege escalation (PE) abuses the fact that APEX triggers run in system mode. A full technical explanation can be found here.

How to run

The utility requires a username, a password and the security token of a Salesforce user.

python apex_pe_scanner.py -u USERNAME -p PASSWORD -t SECURITY_TOKEN

Instead of typing in your password and security token, you can import this code and invoke find_users_with_apex with a logged-in simple_salesforce client.

Alternatively, you can execute the APEX code provided in apex_pe_scanner.apdx in the Salesforce Developer Console.

Requirements

Python 3.7+

Required Python packages:

  • simple_salesforce

About

A PE scanner for SFDC provided by Polyrize
