x/handbook
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
handbook/tools/5.Machine/2.Windows/General/Tools/Windows-exploit-suggester.md
Anton Nesterov af9011411c
vault backup: 2024-08-31 01:07:21
2024-08-31 01:07:22 +02:00

42 lines
1.3 KiB
Markdown
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## Top Commands
Windows Exploit Suggester
```Terminal
#Windows Machine
- Run systeminfo on the windows machine
#Linux Machine
- Copy all the data result and create a .txt document with all the information in it
- Run ./windows-exploit-suggester.py --update ---> Create a fresh database of new exploits
- Run ./windows-exploit-suggester.py -i DATA-FOUND.TXT -d DATABASE.xlm
```
- https://github.com/AonCyberLabs/Windows-Exploit-Suggester
WES-NG (Windows Exploit Suggester - Next Generation)
```Terminal
#Linux
wes.py --update
#Windows Machine
systeminfo
#Linux
wes.py systeminfo.txt
```
- https://github.com/bitsadmin/wesng
Info
Some exploit suggesting scripts (e.g. winPEAS) will require you to upload them to the target system and run them there. This may cause antivirus software to detect and delete them. To avoid making unnecessary noise that can attract attention, you may prefer to use WES-NG, which will run on your attacking machine (e.g. Kali or TryHackMe AttackBox).
Metasploit
```MSFconsole
multi/recon/local_exploit_suggester
```
Info
If you already have a Meterpreter shell on the target system, you can use the `multi/recon/local_exploit_suggester` module to list vulnerabilities that may affect the target system and allow you to elevate your privileges on the target system.
Reference in a new issue View git blame Copy permalink