Loic.microsoft.AttackSurfaceAnalyzer 1.0.0

dotnet add package Loic.microsoft.AttackSurfaceAnalyzer --version 1.0.0                
NuGet\Install-Package Loic.microsoft.AttackSurfaceAnalyzer -Version 1.0.0                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Loic.microsoft.AttackSurfaceAnalyzer" Version="1.0.0" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add Loic.microsoft.AttackSurfaceAnalyzer --version 1.0.0                
#r "nuget: Loic.microsoft.AttackSurfaceAnalyzer, 1.0.0"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install Loic.microsoft.AttackSurfaceAnalyzer as a Cake Addin
#addin nuget:?package=Loic.microsoft.AttackSurfaceAnalyzer&version=1.0.0

// Install Loic.microsoft.AttackSurfaceAnalyzer as a Cake Tool
#tool nuget:?package=Loic.microsoft.AttackSurfaceAnalyzer&version=1.0.0                

Attack Surface Analyzer

Attack Surface Analyzer is a Microsoft developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration.

Getting Attack Surface Analyzer

CodeQL Nuget Nuget

If you have the .NET Core SDK installed you can install Attack Surface Analyzer with dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI.

Platform specific binaries for Attack Surface Analyzer are distributed via our GitHub releases page.

Documentation

Documentation is available on the Wiki.

Documentation for the API is available on GitHub Pages.

New Features in 2.3

  • New Blazor GUI with Rule Authoring and Testing Sandbox
  • New Collectors
  • Improved collection and analysis performance.
  • Support for C# 9/.NET 5

Overview

Attack Surface Analyzer 2 replaces the original Attack Surface Analyzer tool, released publicly in 2012.

Potential users of Attack Surface Analyzer include:

  • DevOps Engineers - View changes to the system attack surface introduced when your software is installed.
  • IT Security Auditors - Evaluate risk presented by when third-party software is installed.

Core Features

The core feature of Attack Surface Analyzer is the ability to "diff" an operating system's security configuration, before and after a software component is installed and to run arbitrary complex rules on the results to surface interesting findings. This is important because most installation processes require elevated privileges, and once granted, can lead to unintended system configuration changes.

Attack Surface Analyzer currently reports on changes to the following operating system components:

  • File system (static snapshot and live monitoring available)
  • User accounts
  • Services
  • Network Ports
  • Certificates
  • Registry
  • COM Objects
  • Event Logs
  • Firewall Settings
  • Wifi Networks
  • Cryptographic Keys
  • Processes
  • TPM Information

All data collected is stored in a set of local SQLite databases.

How to Use Attack Surface Analyzer

Run the following commands in an Administrator Shell (or as root). Replace asa with asa.exe as appropriate for your platform.

CLI Mode

To start a default all collectors run: asa collect -a

To compare the last two collection runs: asa export-collect

For other commands run: asa --help

GUI Mode

For the GUI interface run: asa gui and a browser window should open directed at http://localhost:5000 with the web based interface.

Detailed information on how to use Attack Surface Analyzer can be found on our wiki.

Building

To build Attack Surface Analyzer, see BUILD.

Versions

The latest public version of Attack Surface Analyzer with public builds is 2.3 (see Release\v2.3).

2.4 is now in development on the main branch. You can see the features coming here.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct.

For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Reporting Security Issues

Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) at secure@microsoft.com. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.

License

Attack Surface Analyzer 2 is licensed under the MIT license.

Product Compatible and additional computed target framework versions.
.NET net5.0 is compatible.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
  • net5.0

    • No dependencies.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
1.0.0 0 7/31/2021