This tool is based on our Black Hat USA 2015 presentation, WSUSpect – Compromising the Windows Enterprise via Windows Update.
The tool is written in Python and is intended to be used by pen-testers to demonstrate the risks of using an insecurely configured WSUS setup. To successfully use WSUSpect Proxy, you need a Windows machine that is configured to fetch WSUS updates over HTTP. The proxy settings for the machine should be changed (either manually or via other means) to point to the IP and port that the proxy script is running on. When Windows Update runs, the script will then insert 'fake' update metadata into traffic between the target PC and WSUS server.
To meet the security requirements of Windows Update, our proxy is designed to deliver genuine Microsoft-signed binaries such as PsExec or BgInfo, but with custom arguments that allow arbitrary command execution. These binaries aren't included with the tool, you will need to download them and place them into the tool directory.
For more information, please read the WSUSpect whitepaper and the README.md file included with the tool.
The WSUSpect Proxy tool has been released under the MIT license, by downloading you are agreeing to the terms of the license which can be found here.