x/handbook
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
handbook/tools/5.Machine/2.Windows/General/Tools/Windows-exploit-suggester.md
Anton Nesterov af9011411c
vault backup: 2024-08-31 01:07:21
2024-08-31 01:07:22 +02:00

1.3 KiB
Raw Blame History

Top Commands

Windows Exploit Suggester

#Windows Machine
- Run systeminfo on the windows machine

#Linux Machine
- Copy all the data result and create a .txt document with all the information in it
- Run ./windows-exploit-suggester.py --update    ---> Create a fresh database of new exploits
- Run ./windows-exploit-suggester.py -i DATA-FOUND.TXT -d DATABASE.xlm

WES-NG (Windows Exploit Suggester - Next Generation)

#Linux
wes.py --update

#Windows Machine
systeminfo

#Linux
wes.py systeminfo.txt

Info Some exploit suggesting scripts (e.g. winPEAS) will require you to upload them to the target system and run them there. This may cause antivirus software to detect and delete them. To avoid making unnecessary noise that can attract attention, you may prefer to use WES-NG, which will run on your attacking machine (e.g. Kali or TryHackMe AttackBox).

Metasploit

multi/recon/local_exploit_suggester

Info If you already have a Meterpreter shell on the target system, you can use the multi/recon/local_exploit_suggester module to list vulnerabilities that may affect the target system and allow you to elevate your privileges on the target system.