Windows Exploit Suggester – Next Generation (WES-NG)
WES-NG is a tool which based on the output of Windows’
systeminfo utility provides you with the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. Every Windows OS between Windows XP and Windows 10, including their Windows Server counterparts, is supported.
This GitHub repository will regularly update the database of vulnerabilities so running
wes.py with the
--update parameter will get you the latest version. In case for some reason you want to generate the .csv file with hotfix information yourself, use the scripts from the /collector folder to compile the database. Read the comments at the top of each script and execute them in the order as they are listed below. After executing these scripts you will end up with the CVEs.csv file. The WES-NG collector pulls information from various sources:
- Microsoft Security Bulletin Data: KBs for older systems 
- MSRC: The Microsoft Security Update API of the Microsoft Security Response Center (MSRC) is nowadays the standardized way to obtain information about Microsoft updates 
- NIST National Vulnerability Database (NVD): Complement vulnerabilities with Exploit-DB links  These are combined into a single .csv file which is compressed and hosted in this GitHub repository.
- Support for ‘wmic qfe’ output in case the list of KBs in the systeminfo output is cut off
- Parameter to use the most recent KB installed as reference point to filter out all vulnerabilities of KBs prior this date
- Parameter to show version
- (Hidden) flag to debug supersedes
- Added comments to the code for improved readability
- Some minor improvements
git clone https://github.com/bitsadmin/wesng.git
Copyright (c) 2019, Arris Huijgen
All rights reserved.