← Back to search

Windows Exploit Suggester (WES-NG)

privescwindowstool

Summary

Compares a target's systeminfo output against a database of known patches to suggest missing-patch privilege escalation exploits.

Walkthrough

Use WES-NG to identify missing patches on a Windows target that map to known privilege escalation exploits.

Steps

  • Update the local exploit database first with python3 wes.py -u.
  • Collect systeminfo output from the target, save it (e.g. sysinfo), and run python3 wes.py sysinfo to list candidate vulnerabilities.

Commands

bash

python3 wes.py -u

bash

python3 wes.py sysinfo