Windows Exploit Suggester (WES-NG)
privescwindowstool
Summary
Compares a target's systeminfo output against a database of known patches to suggest missing-patch privilege escalation exploits.
Walkthrough
Use WES-NG to identify missing patches on a Windows target that map to known privilege escalation exploits.
Steps
- Update the local exploit database first with
python3 wes.py -u. - Collect
systeminfooutput from the target, save it (e.g.sysinfo), and runpython3 wes.py sysinfoto list candidate vulnerabilities.
Commands
bash
python3 wes.py -u
bash
python3 wes.py sysinfo