Giter Club home page Giter Club logo

attacksurfaceanalyzer's Introduction

Attack Surface Analyzer

Getting Attack Surface Analyzer

Attack Surface Analyzer is distributed via our GitHub releases page.

  • AsaCli builds include only the command-line interface.
  • AsaGui builds include only a graphical user interface available either via your own browser (AsaGui-slim-* packages) or via an integrated Electron application (AsaGui-Win10-*)

The database format is compatible between the Cli and Gui versions.

Note on Version

The latest released version of Attack Surface Analyzer is 2.0 (see Release\v2.0).
You are currently viewing the master branch, which tracks continuing development and is not recommended for production use.

Overview

Attack Surface Analyzer is a Microsoft-developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration.

Attack Surface Analyzer 2.0 replaces the original Attack Surface Analyzer tool, released publicly in 2012.

Potential users of Attack Surface Analyzer include:

  • DevOps Engineers - View changes to the system attack surface introduced when your software is installed.
  • IT Security Auditors - Evaluate risk presented by when third-party software is installed.

Core Features

The core feature of Attack Surface Analyzer is the ability to "diff" an operating system's security configuration, before and after a software component is installed. This is important because most installation processes require elevated privileges, and once granted, can lead to unintended system configuration changes.

Attack Surface Analyzer currently reports on changes to the following operating system components:

  • File system (static snapshot and live monitoring available)
  • User accounts
  • Services
  • Network Ports
  • Certificates
  • Registry (Windows only)

All data collected is stored in a local SQLite database called asa.sqlite.

How to Use Attack Surface Analyzer

Run the following commands in an Administrator Shell (or as root)

CLI Mode

To start a default all collectors run: asa.exe collect

To compare the last two collection runs: asa.exe export-collect

For other commands run: asa.exe --help

GUI Mode

For the GUI interface run: asa.exe gui and a browser window should open directed at http://localhost:5000 with the web based interface.

Detailed information on how to use Attack Surface Analyzer can be found on our wiki.

Future Plans (tentative)

We plan on adding additional features to Attack Surface Analyzer, including those from the list below:

  • Extended Driver details
  • Network traffic (live monitoring)
  • Registry (live monitoring)
  • Requested features which existed in the original Attack Surface Analyzer.

If you have feedback on these or other features, please open an issue.

Installation

Attack Surface Analyzer runs on Windows, Linux, and MacOS, and is built using .NET Core.

Packages are available on our releases page as compressed archives.

Building

To build Attack Surface Analyzer, see BUILD.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct.

For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

Reporting Security Issues

Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) at [email protected]. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.

License

Attack Surface Analyzer 2.0 is licensed under the MIT license.

attacksurfaceanalyzer's People

Contributors

0xflotus avatar fengjixuchui avatar gfs avatar guyacosta avatar microsoftopensource avatar msftgits avatar scovetta avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.