Unpatched Vulnerabilities
The following tools are specifically designed to detect unpatched Windows Vulnerabilities given Windows Build Version.
- wesng (3.9k β, work locally from an output file π)
- Watson (1.5k β, 2020 πͺ¦)
- Sherlock (1.8k β, 2018 πͺ¦)
- Windows-Exploit-Suggester (3.8k β, 2017 πͺ¦)
You can use wmic qfe or Get-HotFix | ft -AutoSize to list the last installed hotfixes.
Using wesng, you either systeminfo output or missingkbs.vbs?
PS> systeminfo > output.txt
Upload either output on your host and analyze it:
$ wes.py --update # update local database
$ wes.py [...] output.txt # process the selected tool output