Windows Exploit Suggester Lists Known Exploits for Your Windows Install

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,247
A program called Windows Exploit Suggester - Next Generation, or WES-NG, has been released that will list the known vulnerabilities affecting a Windows installation, any exploits that are available, and what security updates are needed to patch the bugs.

WES-NG was created by security researcher Arris Huijgen, who based his project off the Windows-Exploit-Suggester program that was originally released in 2014 by GDS Security, now known as AON Security. The original program stopped working when Microsoft stopped updating their Microsoft Security Bulletin Data Excel file and switched to the Microsoft Security Response Center API.

This program works by comparing a Windows SystemInfo report with a downloaded CSV file of known vulnerabilities and their associated security updates. Using this data, Windows Exploit Suggester will display a report showing all of the unpatched vulnerabilities found on the computer and their respective CVE IDs, Microsoft knowledge base article numbers, and a link to any known exploits for that vulnerability.


Windows Exploit Suggester - Next Generation (WES-NG) Demo
Windows Exploit Suggester - Next Generation (WES-NG) Demo

According to the projects description, every version of Windows between Windows XP and Windows 10, including the Windows Server counterparts, is supported.


For those who want to focus on specific vulnerabilities and filter out the rest, users can utilize the --hide flag to specify those vulnerabilities that should be filtered. For example, to filter out Edge vulnerabilities you can use the wes.py systeminfo.txt --hide Edge command.


Windows Exploit Suggester Help Screen
Windows Exploit Suggester Help Screen

As Windows Exploit Suggester is written in Python, you will need to download and install the Python before you can use it. When testing WES-NG, BleepingComptuer used Python for Windows 3.7.2 and had to install the Chardet library using the pip3 install chardet command for the program to work.

Once Python and the necessary libraries are installed, you can run the Windows Exploit Suggester by following these steps:
  1. Download Windows Exploit Suggester - NSG from its GitHub repository. Once downloaded, you will use the wes.py script to execute the program.
  2. Open a Windows command prompt.
  3. Download and Update the vulnerability database with the wes.py --update command.
  4. Create a SystemInfo report with the systeminfo > systeminfo.txt command.
  5. Run Windows Exploit Suggester using the SystemInfo report with the wes.py systeminfo.txt command. To redirect the output to a text file that you can open in Notepad, you can use the wes.py systeminfo.txt > wes-report.txt command
You can now open the report in Windows and determine what vulnerabilities exist on the computer and what updates need to be installed to patch them.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
You need to install python in order to use it, which is a security risk in itself.
Better to just enable automatic Windows updates, and not install python.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top