{"id":15012577,"url":"https://github.com/microsoft/attacksurfaceanalyzer","last_synced_at":"2025-05-12T13:16:02.559Z","repository":{"id":38105846,"uuid":"170785395","full_name":"microsoft/AttackSurfaceAnalyzer","owner":"microsoft","description":"Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.","archived":false,"fork":false,"pushed_at":"2025-04-24T21:07:54.000Z","size":15306,"stargazers_count":2820,"open_issues_count":67,"forks_count":287,"subscribers_count":68,"default_branch":"main","last_synced_at":"2025-05-12T13:15:47.510Z","etag":null,"topics":["attack-surface","security-tools"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/microsoft.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-02-15T01:50:44.000Z","updated_at":"2025-05-09T00:15:17.000Z","dependencies_parsed_at":"2023-10-14T15:23:33.466Z","dependency_job_id":"3e8816a6-7f88-4846-bf38-a9a99c98981c","html_url":"https://github.com/microsoft/AttackSurfaceAnalyzer","commit_stats":{"total_commits":613,"total_committers":12,"mean_commits":"51.083333333333336","dds":"0.26101141924959215","last_synced_commit":"9b8ec636292ee907629cde589f94f1ac40b8d58a"},"previous_names":[],"tags_count":243,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FAttackSurfaceAnalyzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FAttackSurfaceAnalyzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FAttackSurfaceAnalyzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/microsoft%2FAttackSurfaceAnalyzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/microsoft","download_url":"https://codeload.github.com/microsoft/AttackSurfaceAnalyzer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253745196,"owners_count":21957319,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack-surface","security-tools"],"created_at":"2024-09-24T19:42:52.038Z","updated_at":"2025-05-12T13:16:02.335Z","avatar_url":"https://github.com/microsoft.png","language":"C#","readme":"# Attack Surface Analyzer \r\nAttack Surface Analyzer is a [Microsoft](https://github.com/microsoft/) developed open source security tool that analyzes the attack \r\nsurface of a target system and reports on potential security vulnerabilities introduced during\r\nthe installation of software or system misconfiguration. \r\n\r\n## Getting Attack Surface Analyzer\r\n[![CodeQL](https://github.com/microsoft/AttackSurfaceAnalyzer/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/microsoft/AttackSurfaceAnalyzer/actions/workflows/codeql-analysis.yml) [![Nuget](https://img.shields.io/nuget/dt/Microsoft.CST.AttackSurfaceAnalyzer.CLI)](https://www.nuget.org/packages/Microsoft.CST.AttackSurfaceAnalyzer.CLI) ![Nuget](https://img.shields.io/nuget/v/Microsoft.CST.AttackSurfaceAnalyzer.CLI)\r\n\r\nIf you have the [.NET SDK](https://dotnet.microsoft.com/download) installed you can install Attack Surface Analyzer with `dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI`.\r\n\r\nPlatform specific binaries for Attack Surface Analyzer are distributed via our GitHub [releases](https://github.com/Microsoft/AttackSurfaceAnalyzer/releases/latest) page.\r\n\r\n### Dependencies on Linux/Docker\r\nAttack Surface Analyzer is built on .NET so [.NET's linux dependencies](https://github.com/dotnet/core/blob/main/release-notes/6.0/linux-packages.md) must be installed to run ASA.  Some linux distributions may not contain these packages by default.\r\n\r\nFor running Attack Surface Analyzer in Docker you should use the [.NET Docker Image Base](https://hub.docker.com/_/microsoft-dotnet-sdk/) or another image that has the .NET SDK installed, and then install the ASA tool from Nuget in your Dockerfile like `RUN dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI`\r\n\r\n## Documentation\r\n\r\nDocumentation is available on the [Wiki](https://github.com/Microsoft/AttackSurfaceAnalyzer/wiki/).\r\n\r\nDocumentation for the [API](https://microsoft.github.io/AttackSurfaceAnalyzer/api/) is available on GitHub Pages.\r\n\r\n## New Features in 2.3\r\n\r\n- New Blazor GUI with Rule Authoring and Testing Sandbox\r\n- New Collectors\r\n- Improved collection and analysis performance.\r\n- Support for C# 10/.NET 6\r\n\r\n## Overview\r\n\r\nAttack Surface Analyzer 2 replaces the original Attack Surface Analyzer tool, released publicly in 2012.\r\n\r\nPotential users of Attack Surface Analyzer include:\r\n\r\n* DevOps Engineers - View changes to the system attack surface introduced when your software is installed.\r\n* IT Security Auditors - Evaluate risk presented by when third-party software is installed.\r\n\r\n## Core Features\r\n\r\nThe core feature of Attack Surface Analyzer is the ability to \"diff\" an operating system's security configuration, before and after a software component is installed and to run arbitrary complex rules on the results to surface interesting findings. This is important because most installation processes require elevated privileges, and once granted, can lead to unintended system configuration changes.\r\n\r\nAttack Surface Analyzer currently reports on changes to the following operating system components:\r\n\r\n- File system (static snapshot and live monitoring available)\r\n- User accounts\r\n- Services\r\n- Network Ports\r\n- Certificates\r\n- Registry\r\n- COM Objects\r\n- Event Logs\r\n- Firewall Settings\r\n- Wifi Networks\r\n- Cryptographic Keys\r\n- Processes\r\n- TPM Information\r\n\r\nAll data collected is stored in a set of local SQLite databases.\r\n\r\n## How to Use Attack Surface Analyzer\r\n\r\nRun the following commands in an Administrator Shell (or as root).  Replace ```asa``` with ```asa.exe``` as appropriate for your platform.\r\n\r\n### CLI Mode\r\nTo start a default all collectors run: ```asa collect -a```\r\n\r\nTo compare the last two collection runs: ```asa export-collect```\r\n\r\nFor other commands run: ```asa --help```\r\n\r\n### GUI Mode\r\nFor the GUI interface run: ```asa gui``` and a browser window should open directed at ```http://localhost:5000``` with the web based interface.\r\n\r\nDetailed information on how to use Attack Surface Analyzer can be found on our\r\n[wiki](https://github.com/Microsoft/AttackSurfaceAnalyzer/wiki).\r\n\r\n## Building\r\n\r\nTo build Attack Surface Analyzer, see [BUILD](https://github.com/Microsoft/AttackSurfaceAnalyzer/blob/main/BUILD.md).\r\n\r\n## Versions\r\nThe latest public version of Attack Surface Analyzer with public builds is 2.3 (see [Release\\v2.3](https://github.com/Microsoft/AttackSurfaceAnalyzer/tree/release/v2.3)).  \r\n\r\n## Contributing\r\n\r\nThis project welcomes contributions and suggestions. Most contributions require you to \r\nagree to a Contributor License Agreement (CLA) declaring that you have the right to, \r\nand actually do, grant us the rights to use your contribution. For details, visit \r\nhttps://cla.microsoft.com.\r\n\r\nWhen you submit a pull request, a CLA-bot will automatically determine whether you \r\nneed to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply \r\nfollow the instructions provided by the bot. You will only need to do this once across all \r\nrepos using our CLA.\r\n\r\nThis project has adopted the\r\n[Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).\r\n\r\nFor more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or\r\ncontact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.\r\n\r\n## Reporting Security Issues\r\n\r\nSecurity issues and bugs should be reported privately, via email, to the Microsoft Security\r\nResponse Center (MSRC) at [secure@microsoft.com](mailto:secure@microsoft.com). You should\r\nreceive a response within 24 hours. If for some reason you do not, please follow up via\r\nemail to ensure we received your original message. Further information, including the\r\n[MSRC PGP](https://technet.microsoft.com/en-us/security/dn606155) key, can be found in\r\nthe [Security TechCenter](https://technet.microsoft.com/en-us/security/default).\r\n\r\n## License\r\n\r\nAttack Surface Analyzer 2 is licensed under the\r\n[MIT license](https://github.com/Microsoft/AttackSurfaceAnalyzer/blob/main/LICENSE).\r\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoft%2Fattacksurfaceanalyzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmicrosoft%2Fattacksurfaceanalyzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmicrosoft%2Fattacksurfaceanalyzer/lists"}