Guide to using Windows expand suggester

Introduction

The function of windows expand suggester is just like its name. When we use it to detect a certain system, it will tell us which expansits the system may use. However, because the tool first assumes that a system has all relevant vulnerabilities, and then eliminates them according to the patch information, the false alarm rate will be higher. For example, a machine does not enable IIS service, but the tool may false report IIS related vulnerabilities

using

First, go to GitHub and download it:
https://github.com/GDSSecurity/Windows-Exploit-Suggester
step1

After running the above command, you can see that there will be another XLS file in the tool directory, which is equivalent to all vulnerability databases.

step2

Install xlrd

step3

Get the systeminfo information of the target system and save it in a directory that you can control

systeminfo.exe&>C:\Users\test\Desktop\systeminfo.txt

Step4
after getting the systeminfo information file, we just need to compare the file with the XLS file we just downloaded, and windows expand advisor can give us suggestions!

pythonpythonwindows-exploit-suggester.py-d2018-08-06-mssb.xls-isyteminfo.txt

-The path of systeminfo file is followed by I’m copying it to the same directory as the tool

summary

Generally speaking, this tool is quite convenient when it is used to raise rights, but the operation is a little cumbersome, and it also needs to export the systeminfo file and so on.