Top Commands
Windows Exploit Suggester
#Windows Machine
- Run systeminfo on the windows machine
#Linux Machine
- Copy all the data result and create a .txt document with all the information in it
- Run ./windows-exploit-suggester.py --update ---> Create a fresh database of new exploits
- Run ./windows-exploit-suggester.py -i DATA-FOUND.TXT -d DATABASE.xlm
Output: [+] ---> Vulnerable [*] ---> Not Vulnerable
WES-NG (Windows Exploit Suggester - Next Generation)
#Linux
wes.py --update
#Windows Machine
systeminfo
#Linux
wes.py systeminfo.txt
Info Some exploit suggesting scripts (e.g. winPEAS) will require you to upload them to the target system and run them there. This may cause antivirus software to detect and delete them. To avoid making unnecessary noise that can attract attention, you may prefer to use WES-NG, which will run on your attacking machine (e.g. Kali or TryHackMe AttackBox).
Metasploit
multi/recon/local_exploit_suggester
Info
If you already have a Meterpreter shell on the target system, you can use the multi/recon/local_exploit_suggester
 module to list vulnerabilities that may affect the target system and allow you to elevate your privileges on the target system.