Windows Exploit Suggester

  • There’s a Windows version of Linux Exploit Suggester called, as you might expect, Windows Exploit Suggester. This is a tool for identifying missing patches on the Windows target which may indicate possible vulnerabilities. The tool takes the output from the ‘systeminfo’ command and compares the target’s patch levels (hotfixes installed) against the latest version of the Microsoft vulnerability database (the vulnerability database is automatically downloaded and stored as an Excel spreadsheet). Based on this comparison the tool suggests possible public exploits (marked with an E) and Metasploit modules (marked with an M) that may work against the unpatched system.

Github

git clone https://github.com/GDSSecurity/Windows-Exploit-Suggester.git

Updating the database

The script is written for Python 2 and needs the xlrd module to read the spreadsheet (pip install xlrd). The update downloads the current Microsoft security bulletin data and saves it as a spreadsheet named with today's date, e.g. 2018-02-08-mssb.xls:

python windows-exploit-suggester.py --update

Getting system information

Run the following command on the target host and save its output to a text file (sysinfo.txt below):

CMD> systeminfo

Running WES to check for any known vulnerabilities

Pass the spreadsheet produced by --update (use its actual file name) together with the saved systeminfo output:

python windows-exploit-suggester.py --database 2018-02-08-mssb.xls --systeminfo sysinfo.txt

WMI hotfix

If the ‘systeminfo’ output does not list the installed hotfixes (the Hotfix(s) field shows N/A or is incomplete), you can also try the WMI command-line (WMIC) utility. Run the following command on the target Windows host to retrieve a list of installed hotfixes:

wmic qfe list full

Save that output as hotfixes.txt and pass it to Windows Exploit Suggester alongside the systeminfo output (note the option is a single token, --hotfixes):

python windows-exploit-suggester.py --database 2018-02-08-mssb.xls --systeminfo sysinfo.txt --hotfixes hotfixes.txt
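The two inputs above are plain text in fixed layouts, and WES's first job is to pull the OS version and the installed KB numbers out of them. The following added example (written for this page, not code from the Windows-Exploit-Suggester project) parses constructed ‘systeminfo’ and ‘wmic qfe list full’ samples, handles the N/A case in which systeminfo cannot read the hotfix list, and shows why the --hotfixes file matters: the WMIC list can contain patches that systeminfo did not report. The sample outputs, host name and KB numbers are constructed for illustration.

```python
import re

KB_RE = re.compile(r"\bKB\d{6,7}\b")

# Constructed sample `systeminfo` output (lab host, not real target data).
SAMPLE_SYSTEMINFO = """\
Host Name:                 WIN7-LAB
OS Name:                   Microsoft Windows 7 Professional
OS Version:                6.1.7601 Service Pack 1 Build 7601
System Type:               x64-based PC
Hotfix(s):                 3 Hotfix(s) Installed.
                           [01]: KB2534111
                           [02]: KB2999226
                           [03]: KB3125574
Network Card(s):           1 NIC(s) Installed.
"""

# Constructed systeminfo fragment for a host whose hotfix list is unreadable.
SAMPLE_SYSTEMINFO_NA = """\
OS Name:                   Microsoft Windows 7 Professional
OS Version:                6.1.7601 Service Pack 1 Build 7601
Hotfix(s):                 N/A
Network Card(s):           1 NIC(s) Installed.
"""

# Constructed `wmic qfe list full` output for the same lab host; it reports
# one KB that the systeminfo listing above did not.
SAMPLE_WMIC_QFE = """\
Caption=http://support.microsoft.com/?kbid=2999226
Description=Update
HotFixID=KB2999226
InstalledOn=11/17/2015


Caption=http://support.microsoft.com/?kbid=4012212
Description=Security Update
HotFixID=KB4012212
InstalledOn=3/15/2017
"""


def parse_systeminfo(text):
    """Extract OS name/version/architecture and installed KBs from systeminfo.

    Returns (info_dict, set_of_kbs). info_dict["hotfix_count"] is the number
    systeminfo declares on the "Hotfix(s):" line, or None when it shows N/A.
    """
    info = {"os_name": None, "os_version": None, "arch": None, "hotfix_count": None}
    hotfixes = set()
    in_hotfix_block = False
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped:
            continue
        # Field lines start in column 0; the "[NN]: KBxxxxxxx" entries are indented.
        if not line[0].isspace():
            in_hotfix_block = False
            key, _, value = stripped.partition(":")
            value = value.strip()
            if key == "OS Name":
                info["os_name"] = value
            elif key == "OS Version":
                info["os_version"] = value
            elif key == "System Type":
                info["arch"] = value
            elif key == "Hotfix(s)":
                in_hotfix_block = True
                m = re.match(r"(\d+) Hotfix", value)
                info["hotfix_count"] = int(m.group(1)) if m else None
        elif in_hotfix_block and re.match(r"\[\d+\]:", stripped):
            hotfixes.update(KB_RE.findall(stripped))
    return info, hotfixes


def parse_wmic_qfe(text):
    """Extract installed KBs from `wmic qfe list full` (HotFixID=KBnnnnnnn lines)."""
    kbs = set()
    for line in text.splitlines():
        if line.strip().startswith("HotFixID="):
            kbs.update(KB_RE.findall(line))
    if not kbs:
        # Fallback for the tabular `wmic qfe list` layout: take any KB token.
        kbs.update(KB_RE.findall(text))
    return kbs


def combined_hotfixes(systeminfo_text, wmic_text=None):
    """Union of KBs from systeminfo and, if supplied, the WMIC output.

    This is the reason WES accepts --hotfixes: the WMIC list fills in patches
    that systeminfo omitted or could not read at all.
    """
    _, kbs = parse_systeminfo(systeminfo_text)
    if wmic_text:
        kbs |= parse_wmic_qfe(wmic_text)
    return kbs


def wmic_only_hotfixes(systeminfo_text, wmic_text):
    """KBs reported by WMIC but absent from systeminfo's hotfix list."""
    _, si_kbs = parse_systeminfo(systeminfo_text)
    return parse_wmic_qfe(wmic_text) - si_kbs


if __name__ == "__main__":
    info, kbs = parse_systeminfo(SAMPLE_SYSTEMINFO)
    print(info["os_name"], "|", info["os_version"], "|", info["arch"])
    print("systeminfo KBs:", sorted(kbs))
    print("WMIC-only KBs: ", sorted(wmic_only_hotfixes(SAMPLE_SYSTEMINFO, SAMPLE_WMIC_QFE)))
    print("combined KBs:  ", sorted(combined_hotfixes(SAMPLE_SYSTEMINFO, SAMPLE_WMIC_QFE)))
```

The declared count on the Hotfix(s) line is kept so you can spot a truncated or unreadable listing before trusting the result; if it is None or does not match the number of KBs parsed, collect the WMIC output as well.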

Note: In March 2017 Microsoft stopped maintaining the security bulletin search that --update downloads from, so the Windows Exploit Suggester database does not include any vulnerabilities or exploits published after that date. The tool is still useful against older, long-unpatched systems, but a clean result on a newer host means nothing. It is also possible, with considerable effort, to build your own spreadsheet covering more recent vulnerabilities from the data Microsoft now publishes through the Security Update Guide (Microsoft Security Guidance), whose API also exposes the update-replacement (supersedence) information needed to tell whether a missing KB was superseded by an installed one. The successor project Windows Exploit Suggester - Next Generation (https://github.com/bitsadmin/wesng) takes that approach and covers current Windows versions.
