| 879 | |
| 880 | # Specify arguments using for the argparse library |
| 881 | def parse_arguments(): |
| 882 | examples = r'''Examples: |
| 883 | Download latest definitions |
| 884 | {0} --update |
| 885 | {0} -u |
| 886 | |
| 887 | Determine vulnerabilities |
| 888 | {0} systeminfo.txt |
| 889 | |
| 890 | Determine vulnerabilities using the qfe file. List the OS by first running the command without the --os parameter |
| 891 | {0} --qfe qfe.txt --os 'Windows 10 Version 20H2 for x64-based Systems' |
| 892 | {0} -q qfe.txt --os 9 |
| 893 | |
| 894 | Determine vulnerabilities and output to file |
| 895 | {0} systeminfo.txt --output vulns.csv |
| 896 | {0} systeminfo.txt -o vulns.csv |
| 897 | |
| 898 | Determine vulnerabilities explicitly specifying KBs to reduce false-positives |
| 899 | {0} systeminfo.txt --patches KB4345421 KB4487017 |
| 900 | {0} systeminfo.txt -p KB4345421 KB4487017 |
| 901 | |
| 902 | Determine vulnerabilies filtering out out vulnerabilities of KBs that have been published before the publishing date of the most recent KB installed |
| 903 | {0} systeminfo.txt --usekbdate |
| 904 | {0} systeminfo.txt -d |
| 905 | |
| 906 | Determine vulnerabilities explicitly specifying definitions file |
| 907 | {0} systeminfo.txt --definitions C:\tmp\mydefs.zip |
| 908 | |
| 909 | List only vulnerabilities with exploits, excluding IE, Edge and Flash |
| 910 | {0} systeminfo.txt --exploits-only --hide "Internet Explorer" Edge Flash |
| 911 | {0} systeminfo.txt -e --hide "Internet Explorer" Edge Flash |
| 912 | |
| 913 | Only show vulnerabilities of a certain impact |
| 914 | {0} systeminfo.txt --impact "Remote Code Execution" |
| 915 | {0} systeminfo.txt -i "Remote Code Execution" |
| 916 | |
| 917 | Only show vulnerabilities of a certain severity |
| 918 | {0} systeminfo.txt --severity critical |
| 919 | {0} systeminfo.txt -s critical |
| 920 | |
| 921 | Show vulnerabilities based on missing patches |
| 922 | {0} --missing missing.txt |
| 923 | {0} -m missing.txt |
| 924 | |
| 925 | Show vulnerabilities based on missing patches specifying OS |
| 926 | {0} --missing missing.txt --os "Windows 10 Version 1809 for x64-based Systems" |
| 927 | {0} -m missing.txt --os 2 |
| 928 | |
| 929 | Validate supersedence against Microsoft's online Update Catalog |
| 930 | {0} systeminfo.txt --muc-lookup |
| 931 | |
| 932 | Show colored output |
| 933 | {0} systeminfo.txt --color |
| 934 | {0} systeminfo.txt -c |
| 935 | |
| 936 | Download latest version of WES-NG |
| 937 | {0} --update-wes |
| 938 | '''.format(FILENAME) |