
attacksurfaceanalyzer's Introduction

Attack Surface Analyzer

Attack Surface Analyzer is a Microsoft developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration.

Getting Attack Surface Analyzer


If you have the .NET SDK installed you can install Attack Surface Analyzer with dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI.

Platform specific binaries for Attack Surface Analyzer are distributed via our GitHub releases page.

Dependencies on Linux/Docker

Attack Surface Analyzer is built on .NET, so .NET's Linux dependencies must be installed to run ASA. Some Linux distributions do not include these packages by default.

To run Attack Surface Analyzer in Docker, use the .NET Docker Image Base or another image that has the .NET SDK installed, and then install the ASA tool from NuGet in your Dockerfile with RUN dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI.

Documentation

Documentation is available on the Wiki.

Documentation for the API is available on GitHub Pages.

New Features in 2.3

  • New Blazor GUI with Rule Authoring and Testing Sandbox
  • New Collectors
  • Improved collection and analysis performance.
  • Support for C# 10/.NET 6

Overview

Attack Surface Analyzer 2 replaces the original Attack Surface Analyzer tool, released publicly in 2012.

Potential users of Attack Surface Analyzer include:

  • DevOps Engineers - View changes to the system attack surface introduced when your software is installed.
  • IT Security Auditors - Evaluate the risk presented when third-party software is installed.

Core Features

The core feature of Attack Surface Analyzer is the ability to "diff" an operating system's security configuration before and after a software component is installed, and to run arbitrarily complex rules on the results to surface interesting findings. This matters because most installation processes require elevated privileges, and once those are granted the installer can make unintended changes to the system configuration.

Attack Surface Analyzer currently reports on changes to the following operating system components:

  • File system (static snapshot and live monitoring available)
  • User accounts
  • Services
  • Network Ports
  • Certificates
  • Registry
  • COM Objects
  • Event Logs
  • Firewall Settings
  • Wifi Networks
  • Cryptographic Keys
  • Processes
  • TPM Information

All data collected is stored in a set of local SQLite databases.
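The before/after diff with rules evaluated over the result, as an added illustration in Python. This is not Attack Surface Analyzer's own code, database schema or rule format: the snapshot layout (a dictionary keyed by component and identifier), the Rule class, the rule predicates and both sample snapshots are constructed for this example, and the rules are loosely modelled on the kinds of finding the collector list above covers (ports, services, files, user accounts).

```python
"""Before/after snapshot diff with rules, illustrating the approach described above.

Added example: not Attack Surface Analyzer's own code, schema or rule format. The
snapshot layout, the rule syntax and the sample snapshots are constructed for the demo.
"""
from dataclasses import dataclass
from typing import Callable, Optional

# A snapshot maps (component, identifier) -> properties, for example
# ("port", "tcp/8080") -> {"process": "agentd", "address": "0.0.0.0"}.
Snapshot = dict[tuple[str, str], dict[str, str]]


@dataclass
class Change:
    kind: str                   # "added", "removed" or "modified"
    component: str              # "file", "port", "service", "user", ...
    identifier: str
    before: Optional[dict]      # None for added items
    after: Optional[dict]       # None for removed items


def diff_snapshots(before: Snapshot, after: Snapshot) -> list[Change]:
    """Return every item that appears, disappears or changes between two snapshots."""
    changes: list[Change] = []
    for key in sorted(set(before) | set(after)):
        b, a = before.get(key), after.get(key)
        if b is None:
            changes.append(Change("added", key[0], key[1], None, a))
        elif a is None:
            changes.append(Change("removed", key[0], key[1], b, None))
        elif a != b:
            changes.append(Change("modified", key[0], key[1], b, a))
    return changes


@dataclass
class Rule:
    name: str
    severity: str
    component: str
    kinds: tuple[str, ...]                                # change kinds the rule applies to
    predicate: Callable[[Change], bool] = lambda c: True  # extra condition on the change


def apply_rules(changes: list[Change], rules: list[Rule]) -> list[tuple[str, str, Change]]:
    """Evaluate every rule against every change; each hit is (severity, rule name, change)."""
    return [
        (r.severity, r.name, c)
        for c in changes
        for r in rules
        if c.component == r.component and c.kind in r.kinds and r.predicate(c)
    ]


PRIVILEGED_ACCOUNTS = {"root", "LocalSystem"}

# Constructed rules, loosely modelled on the collector categories listed above.
RULES = [
    Rule("New port listening on all interfaces", "high", "port", ("added",),
         lambda c: c.after.get("address") in ("0.0.0.0", "::")),
    Rule("Service runs as a privileged account", "high", "service", ("added", "modified"),
         lambda c: c.after.get("account") in PRIVILEGED_ACCOUNTS
         and (c.before is None or c.before.get("account") not in PRIVILEGED_ACCOUNTS)),
    Rule("File is world-writable", "medium", "file", ("added", "modified"),
         lambda c: c.after.get("mode", "0")[-1] in "2367"),  # octal 'other' digit has the write bit
    Rule("New local user account", "medium", "user", ("added",)),
]

# Constructed sample snapshots: "before" a package install and "after" it.
BEFORE: Snapshot = {
    ("port", "tcp/22"): {"process": "sshd", "address": "0.0.0.0"},
    ("service", "sshd"): {"account": "root", "start": "auto"},
    ("file", "/opt/app/config.ini"): {"mode": "0644", "owner": "root"},
    ("user", "alice"): {"uid": "1000"},
}
AFTER: Snapshot = {
    ("port", "tcp/22"): {"process": "sshd", "address": "0.0.0.0"},
    ("port", "tcp/8080"): {"process": "agentd", "address": "0.0.0.0"},
    ("service", "sshd"): {"account": "root", "start": "auto"},
    ("service", "agentd"): {"account": "root", "start": "auto"},
    ("file", "/opt/app/config.ini"): {"mode": "0666", "owner": "root"},  # loosened by the installer
    ("file", "/opt/app/agentd"): {"mode": "0755", "owner": "root"},
    ("user", "alice"): {"uid": "1000"},
    ("user", "agent-svc"): {"uid": "999"},
}


def scan(before: Snapshot, after: Snapshot, rules: list[Rule] = RULES):
    """Diff two snapshots and return the rule hits, highest severity first."""
    order = {"high": 0, "medium": 1, "low": 2}
    return sorted(apply_rules(diff_snapshots(before, after), rules), key=lambda f: order[f[0]])


if __name__ == "__main__":
    for severity, name, change in scan(BEFORE, AFTER):
        print(f"[{severity}] {name}: {change.kind} {change.component} {change.identifier}")
```

Running the script reports four findings for the constructed install: the new listener on 0.0.0.0:8080, the new service running as root, the configuration file whose mode was loosened to 0666, and the new agent-svc account. Unchanged items (sshd, alice) produce no changes and so no findings, which is the point of diffing rather than scanning a single snapshot: only what the installer did shows up.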

How to Use Attack Surface Analyzer

Run the following commands in an Administrator Shell (or as root). Replace asa with asa.exe as appropriate for your platform.

CLI Mode

To start a default collection with all collectors run: asa collect -a

To compare the last two collection runs: asa export-collect

For other commands run: asa --help

GUI Mode

For the GUI interface run: asa gui. A browser window should open at http://localhost:5000 with the web-based interface.

Detailed information on how to use Attack Surface Analyzer can be found on our wiki.

Building

To build Attack Surface Analyzer, see BUILD.

Versions

The latest public version of Attack Surface Analyzer with public builds is 2.3 (see Release\v2.3).

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct.

For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

Reporting Security Issues

Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) at [email protected]. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.

License

Attack Surface Analyzer 2 is licensed under the MIT license.

attacksurfaceanalyzer's People

Contributors

0xflotus, daalcant, fardina143, gfs, guyacosta, microsoftopensource, msftgits, scovetta, shaopeng-gh


attacksurfaceanalyzer's Issues

Single portable .exe

Is your feature request related to a problem? Please describe.
The folder with the executable is cluttered.

Describe the solution you'd like
Have the build output a single .exe or equivalent that can be run standalone.

Describe alternatives you've considered
Have tried warp-packaging, and CoreRT. Neither suited our needs.

System Configuration (please complete the following information):

  • OS: All
  • CLI or GUI: CLI

Attempt to auto elevate

Is your feature request related to a problem? Please describe.
Specifically difficult to launch an application as root on Mac OS. To simplify this, the GUI should elevate after launching, and only elevate for the Engine, rather than the whole application.

Describe the solution you'd like
Launch the engine as administrator/root, including prompting the user as appropriate.

Describe alternatives you've considered
An installer which gives the Engine administrator/root privileges to run is an alternative.

InvalidOperationException on export-collect

Describe the bug
If you run export-collect without any options, you get an InvalidOperationException:

PS C:\Users\scovetta\Desktop\AttackSurfaceAnalyzerCli-windows-2.0.38-beta+6b0ad9732a> .\AttackSurfaceAnalyzerCli.exe export-collect /?
2019-04-01 05:25:14.5075|INFO|AttackSurfaceAnalyzer.Utils.Logger|AttackSurfaceAnalyzerCli v.2.0.38-beta+6b0ad9732a
2019-04-01 05:25:14.7827|WARN|AttackSurfaceAnalyzer.Utils.Logger|Done setting up.

Unhandled Exception: System.InvalidOperationException: Value must be set.
   at Microsoft.Data.Sqlite.SqliteParameter.Bind(sqlite3_stmt stmt)
   at Microsoft.Data.Sqlite.SqliteParameterCollection.Bind(sqlite3_stmt stmt)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReader(CommandBehavior behavior)
   at AttackSurfaceAnalyzer.Cli.AttackSurfaceAnalyzerCLI.RunExportCollectCommand(ExportCollectCommandOptions opts) in D:\a\1\s\Cli\Program.cs:line 213
   at AttackSurfaceAnalyzer.Cli.AttackSurfaceAnalyzerCLI.Main(String[] args) in D:\a\1\s\Cli\Program.cs:line 208

To Reproduce
Steps to reproduce the behavior:

  1. Run AttackSurfaceAnalyzerCli.exe export-collect
  2. See error.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: Windows 10
  • Application Version: 2.0.38-beta+6b0ad9732a
  • CLI or GUI: CLI

Add help menu item to GUI version linked to project wiki

Is your feature request related to a problem? Please describe.
There is no help feature in the GUI version of the tool, unlike the CLI.

Describe the solution you'd like
Open the default browser to the project wiki, which will have growing content for help, links to FAQs, etc.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: GUI

Additional context
Add any other context or screenshots about the feature request here.

Linux Service Collector Crash

Describe the bug
The "ServiceCollector" crashes on Linux with a "Index was outside the bounds of the array" message.

To Reproduce
Steps to reproduce the behavior:

  1. Install Ubuntu 16.04.6
  2. Clone repo and install build deps
  3. Build CLI + GUI from the published build guide
  4. Start GUI and select all of the options
  5. Notice that ServiceCollector never finishes because it crashed (messages are in the console)

Expected behavior
No crashes

Screenshots
N/A

System Configuration (please complete the following information):

  • OS: Ubuntu 16.04
  • OS Version: Ubuntu 16.04.6
  • Application Version: master
  • CLI or GUI: GUI

Additional Context
Relevant messages from the console

stdout: [12:30:45 DBG] ^/run/systemd/ caught /run/systemd/inhibit
stdout: [12:30:45 WRN] Unable to get access control for /run/udev/link.dvd: Path doesn't exist!
stdout: [12:30:45 WRN] Unable to get access control for /run/udev/link.cdrw: Path doesn't exist!
stdout: [12:30:45 INF] Completed FileSystemCollector in 00h:00m:12s:667ms
[12:30:45 DBG] 00:00:12.6670000
stdout: [12:30:45 INF] Completed: FileSystemCollector
stdout: [12:30:45 INF] Executing OpenPortCollector.
[12:30:45 DBG] Collecting open port information...
stdout: [12:30:45 DBG] ExecuteLinux()
stdout: [12:30:45 INF] Completed OpenPortCollector in 00h:00m:00s:084ms
stdout: [12:30:45 DBG] 00:00:00.0840000
stdout: [12:30:45 INF] Completed: OpenPortCollector
stdout: [12:30:45 INF] Executing ServiceCollector.
stdout: [12:30:45 ERR] Error collecting from ServiceCollector: Index was outside the bounds of the array.    at AttackSurfaceAnalyzer.Collectors.Service.ServiceCollector.Execute() in /home/user/Desktop/AttackSurfaceAnalyzer/Lib/Collectors/Service/ServiceCollector.cs:line 209
   at AttackSurfaceAnalyzer.Cli.AttackSurfaceAnalyzerCLI.RunCollectCommand(CollectCommandOptions opts) in /home/user/Desktop/AttackSurfaceAnalyzer/Cli/Program.cs:line 1131
System.IndexOutOfRangeException: Index was outside the bounds of the array.
   at AttackSurfaceAnalyzer.Collectors.Service.ServiceCollector.Execute() in /home/user/Desktop/AttackSurfaceAnalyzer/Lib/Collectors/Service/ServiceCollector.cs:line 209
   at AttackSurfaceAnalyzer.Cli.AttackSurfaceAnalyzerCLI.RunCollectCommand(CollectCommandOptions opts) in /home/user/Desktop/AttackSurfaceAnalyzer/Cli/Program.cs:line 1131
stdout: [12:30:45 INF] Completed: ServiceCollector
stdout: [12:30:45 INF] Executing UserAccountCollector.
stdout: [12:30:45 DBG] ExecuteLinux()
stdout: [12:30:45 INF] Completed UserAccountCollector in 00h:00m:00s:021ms
stdout: [12:30:45 DBG] 00:00:00.0210000
stdout: [12:30:45 INF] Completed: UserAccountCollector
stdout: [12:30:45 INF] Completed: CertificateCollector

Linux Building - Gui

Describe the bug
Running electronize start from the Gui directory yields the following error:

user@ubuntu:~/Desktop/AttackSurfaceAnalyzer/Gui$ electronize start
Start Electron Desktop Application...
Microsoft (R) Build Engine version 16.0.450+ga8dc7f1d34 for .NET Core
Copyright (C) Microsoft Corporation. All rights reserved.
/home/user/Desktop/AttackSurfaceAnalyzer/Gui/AttackSurfaceAnalyzerGui.csproj : error MSB4236: The SDK 'Microsoft.NET.Sdk.web' specified could not be found.
Error occurred during dotnet publish: 1

A small amount of searching yields a hint at the OmniSharp project

For case-sensitive OS the AttackSurfaceAnalyzerGui.csproj needs an uppercase W in web
so changing

<Project Sdk="Microsoft.NET.Sdk.web">

to

<Project Sdk="Microsoft.NET.Sdk.Web">

makes the build go.

To Reproduce
Steps to reproduce the behavior:

  1. Follow build instructions at https://github.com/Microsoft/AttackSurfaceAnalyzer/blob/master/BUILD.md on Ubuntu Linux

Expected behavior
electronize start doesn't fail

Screenshots
N/A

System Configuration (please complete the following information):

  • OS: Ubuntu 16.04
  • OS Version: Ubuntu 16.04.6
  • Application Version: N/A
  • CLI or GUI: Gui

Additional Context
Add any other context about the problem here.

Improve CLI output log layout

Is your feature request related to a problem? Please describe.
The default log formatter for the CLI doesn't seem to use the NLog.config configuration, instead initializing programmatically, with output separated by pipes, e.g.:

2019-03-30 22:29:12.3040|INFO|AttackSurfaceAnalyzer.Utils.Logger|AttackSurfaceAnalyzerCli v.2.0.38-beta+6b0ad9732a
2019-03-30 22:29:12.3399|WARN|AttackSurfaceAnalyzer.Utils.Logger|Attack Surface Enumerator must be run as Administrator.

Describe the solution you'd like

2019-03-30 22:29:12 - INFO - AttackSurfaceAnalyzerCli v.2.0.38-beta+6b0ad9732a
2019-03-30 22:29:12 - WARN - Attack Surface Enumerator must be run as Administrator.

Describe alternatives you've considered
Copying an NLog.config into the directory with the final executable doesn't appear to work.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: Windows 10
  • Application Version: 2.0.38-beta
  • CLI or GUI: CLI

Additional context
n/a

Validate Filters.json

We don't currently perform any validation on the filters.json file provided. We should check that all the regexes are okay and give a warning if the file isn't okay.

Potential Issue - 404 reported from Fiddler on /Home/Home/CheckAdmin

Describe the bug
When navigating the GUI pages after starting the app as Admin, Fiddler shows a 404 generated or page not found for the Results page which curiously has the URL /Home/Home/CheckAdmin. Note the /Home/CheckAdmin URL generates a 200 success response. Might be nothing but thought I would report it in case it causes some hidden and unexpected behavior.

To Reproduce
Steps to reproduce the behavior:

  1. Go to ASA GUI and start as admin with Fiddler running
  2. Click on Scan page then Results page and note the capture (see attached)

Expected behavior
No 404s for navigating the GUI

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI:

Additional Context
Add any other context about the problem here.
Attached screenshot: 404AsAdmOnResults

Create DB as normal user before operating on it as admin

Running non-elevated after running elevated on Linux hits an exception:

Unhandled Exception: Microsoft.Data.Sqlite.SqliteException: SQLite Error 8: 'attempt to write a readonly database'.
   at Microsoft.Data.Sqlite.SqliteException.ThrowExceptionForRC(Int32 rc, sqlite3 db)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteReader(CommandBehavior behavior)
   at Microsoft.Data.Sqlite.SqliteCommand.ExecuteNonQuery()
   at Microsoft.Data.Sqlite.SqliteConnectionExtensions.ExecuteNonQuery(SqliteConnection connection, String commandText)
   at Microsoft.Data.Sqlite.SqliteTransaction..ctor(SqliteConnection connection, IsolationLevel isolationLevel)
   at Microsoft.Data.Sqlite.SqliteConnection.BeginTransaction(IsolationLevel isolationLevel)
   at AttackSurfaceAnalyzer.Utils.DatabaseManager.get_Transaction() in D:\a\1\s\Lib\Utils\DatabaseManager.cs:line 178
   at AttackSurfaceAnalyzer.Utils.DatabaseManager.Setup() in D:\a\1\s\Lib\Utils\DatabaseManager.cs:line 72
   at AttackSurfaceAnalyzer.Cli.AttackSurfaceAnalyzerCLI.Main(String[] args) in D:\a\1\s\Cli\Program.cs:line 212

It looks like we either need to create the database itself with non-admin permissions (preferred) or move the admin check earlier (easier).

Add more db management tools

To go with the export and list runs functions, add some additional functions which could allow, for example, deleting a run from the database.

User story: Run was cancelled mid-run. Correspondingly desired run id is unavailable for the next attempt, with rejected data stuck in the db.

Source: User feedback

Return Error if Running a Config Command against a non-extant database

There are some commands that deal exclusively with data that has already been collected. If the user attempts one of those commands without having created a database (or having entered the wrong custom path) they just get a null result set.

For example: the config --list-runs command.

Current best idea: Send Log.Warning that the database they proposed didn't exist.

This might not happen, as it does require rewriting the DatabaseManager to check if the file already exists, rather than the openorcreate behavior we currently use.

Remove test 'output.html' from source tree

Describe the bug
A test output.html is located in the source tree and should be removed.

To Reproduce
Steps to reproduce the behavior:

  1. View output.html

Expected behavior
Test files shouldn't be located in the source tree (a 'tests' directory, perhaps).

Screenshots
n/a

System Configuration (please complete the following information):

  • OS: n/a
  • OS Version: n/a
  • Application Version: n/a

Additional context
n/a

Zip Filename Length Prevents Extraction

Describe the bug
The default zip file name is long enough to cause unzip issues that block some files from extraction and require the user to skip, cancel or restart the extraction but change the default foldername to install to.

Also changing the zip name and reattempting extraction fixes the issue.

To Reproduce
Steps to reproduce the behavior:

  1. Go to the Release page
  2. Click on a zip of the GUI version to download
  3. Right click and choose Extract all
  4. See error

Expected behavior
Use a shorter zip name to avoid the issue

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI:

Additional Context
Add any other context about the problem here.

No feedback to user when providing an invalid path

Describe the bug
Enter an invalid folder for live monitoring and no error is indicated, only that it completed the collection. Minor bug, but it might be helpful to report it as an error.

To Reproduce
Steps to reproduce the behavior:

  1. Go to Scan page
  2. Click on Live Monitor
  3. Enter an invalid non-existent folder and click Collect Data
  4. See error not reported but that Collection Completed.

Expected behavior
Minor bug but might be helpful to report as an error.

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: GUI

Additional Context
Add any other context about the problem here.

CLI simplification for runid

Since the run information in the database now contains a timestamp, the number of required command line parameters for data collection and comparison can be simplified.

(1) Data collection should not need a runid. The collector can create a default runid based on the timestamp.

(2) Data comparison should not need a designation for either runid, in the common case that the database contains exactly two runs.

So a minimal command usage would be

attacksurfaceanalyzer.exe config --reset-database
attacksurfaceanalyzer.exe collect -a

attacksurfaceanalyzer.exe collect -a
attacksurfaceanalyzer.exe compare

Add Privacy Link To Home Page in GUI App

Describe the bug
While a PRIVACY.md file exists in the program folder the user should be able to easily get to the notice details from the control where they are asked whether to allow telemetry or not.

To Reproduce
Steps to reproduce the behavior:

  1. Go to application home page
  2. See control for Enable / Disable Telemetry

Expected behavior
A visible link or instructions to find privacy details

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: GUI

Additional Context
Add any other context about the problem here.

Collector UI State Doesn't Reset

Describe the bug
Minor state issue with collectors after a completed scan: they are not reset if the user navigates away to Results or Home, including if the user selects the Get Started button. The scanID is cleared of the last value but the collectors are not.

Expected behavior
Either change the Collect Data to "New" and keep both the scanID and collector state from the last run until they click New to clear it or once a user navigates away and returns to the Scan page clear the prior collection state.

Screenshots
Attached screenshot: CollectStatusBugx

System Configuration (please complete the following information):

  • OS: All
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: GUI

First Party Release Package DLLs Not Signed, Only Exes

Describe the bug
Goal is to sign executable binary files for CLI and GUI release packages for Windows. Currently only the .exe's are signed due to build pipeline configuration.

To Reproduce
Steps to reproduce the behavior:

  1. Download release zips for Windows
  2. See file properties for .exe's with signature
  3. See file properties for first party (this project) .dll's without a digital signature

Expected behavior
See description

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: latest
  • CLI or GUI: both

Additional Context
Add any other context about the problem here.

Global.json file prevents building on newest SDK

Describe the bug
Following the build instructions on Ubuntu Linux 16.04, running any command that involves dotnet fails with the following error:

user@ubuntu:~/Desktop/AttackSurfaceAnalyzer/Tools$ dotnet tool install ElectronNET.CLI -g --version 0.0.11-custom --add-source packages

user@ubuntu:~/Desktop/AttackSurfaceAnalyzer/Tools$ dotnet --version
A compatible SDK version for global.json version: [2.2.105] from [/home/user/Desktop/AttackSurfaceAnalyzer/global.json] was not found
Did you mean to run dotnet SDK commands? Please install dotnet SDK from:
  https://go.microsoft.com/fwlink/?LinkID=798306&clcid=0x409

user@ubuntu:~/Desktop/AttackSurfaceAnalyzer/Tools$ cd ..

user@ubuntu:~/Desktop/AttackSurfaceAnalyzer$ dotnet --version
A compatible SDK version for global.json version: [2.2.105] from [/home/user/Desktop/AttackSurfaceAnalyzer/global.json] was not found
Did you mean to run dotnet SDK commands? Please install dotnet SDK from:
  https://go.microsoft.com/fwlink/?LinkID=798306&clcid=0x409

user@ubuntu:~/Desktop/AttackSurfaceAnalyzer$ cd ..

user@ubuntu:~/Desktop$ dotnet --version
2.2.202

Ok, so dotnet will fail hard if it finds a global.json file. I finally got the version out of dotnet after changing to the Desktop directory. I have 2.2.202

Inspecting the global.json file that ships with the ASA source code we can see a value of 2.2.105. Changing this to the version I have, 2.2.202, makes dotnet happy.

To Reproduce
Steps to reproduce the behavior:

  1. Create a new Ubuntu VM
  2. Install dotnet as found in https://dotnet.microsoft.com/download/linux-package-manager/ubuntu16-04/sdk-2.2.202
  3. git clone ASA
  4. Follow the build instructions at https://github.com/Microsoft/AttackSurfaceAnalyzer/blob/master/BUILD.md

Expected behavior
Installing a higher version of dotnet works just fine

Screenshots
N/A

System Configuration (please complete the following information):

  • OS: Ubuntu 16.04
  • OS Version: 16.04.6
  • Application Version: master
  • CLI or GUI: Tools

Additional Context
Add any other context about the problem here.

Different algorithms (xxHash and MurmurHash) are used for file hashing

The FileSystemUtils.cs and WindowsFileSystemUtils.cs are using different algorithms to hash file contents. Since it's unlikely that anyone would need to do a diff between operating systems, it probably wouldn't cause a problem. (I'm also not sure if the FileSystemUtils.cs version is ever actually called.) Either way, we should be consistent. I'm not sure whether MurmurHash or xxHash would be faster here, but we should do a test and decide on one or the other.

[BUG] Update Supported OS for Windows 7 Which is Now Tested for CLI

Describe the bug
Current documentation does not include Win7 support which has now been fixed and verified. Docs should reflect that on wiki/readme etc.

To Reproduce
Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior
Update docs to reflect Win7 support for CLI version

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: 7
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: CLI

Additional Context
Add any other context about the problem here.

Some CertificateObjects get created with null store locations

Describe the bug
Detected an exception being reported regularly for GUI version of app related to inability to write to certificate table.

To Reproduce
Steps to reproduce the behavior:

  1. Go to Scan, run a couple
  2. Click on Results to analyze
  3. Note captured exception being sent as part of telemetry

Expected behavior
No exceptions reported on normal application use

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI:

Additional Context
Add any other context about the problem here.
Attached screenshot: ExceptionOnTelmetryPost

Running CLI version as non-admin doesn't provide adequate feedback

Describe the bug
If a user (on Windows, in my case) runs the CLI version as a standard user, they get a UAC popup from .NET Core Host. If I click 'yes', then another command window opens briefly and then closes automatically, and I'm left back at the command prompt without information about what went wrong.

To Reproduce
Steps to reproduce the behavior:

  1. Start as a standard user.
  2. Open a PowerShell console.
  3. Run AttackSurfaceAnalyzerCli.exe
  4. Witness the popup open and close.

Expected behavior
Either provide the user immediate feedback that they should run the CLI once they have elevated privileges, or on Windows, trigger a UAC popup and elevate privileges from there.

Screenshots
n/a

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: Windows 10
  • Application Version: 2.0.1-beta+50af283871

Additional context
n/a

CertificateCollector using .NET Core API Doesn't work on Linux/Mac

The clean API method we use to collect certificates appears to function on Windows only.

On linux systemwide certificates are held in /etc/ssl/certs and can be parsed with openssl x509

On mac systemwide certificates can be listed with security find-certificate -a

Add Verifiable Signature to Hashes File

Is your feature request related to a problem? Please describe.
Users should have a way to verify the hashes found in hashes.txt match those in the downloadable asset packages and that they haven't been tampered with.

Describe the solution you'd like
Add a GPG based or similar signature for the hashes file now included in each Release that can be used to verify against Release zip/tar packages that are part of the automated build pipeline.

Add telemetry enable/disable to CLI help

Describe the bug
As telemetry support was added to the CLI version, the command-line help needs to be updated to instruct users how to enable/disable it, which is currently missing.

To Reproduce
Steps to reproduce the behavior:

  1. Go to cmd line and run the application help and see that there is no mention of telemetry options

Expected behavior
Users should have a clear method to turn on/off with default for CLI being disabled.

Screenshots
Attached screenshot: MissingTelemetryHelp

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: 2.0.77
  • CLI or GUI: CLI

Additional Context
Add any other context about the problem here.

Improve CLI help for expected values

Is your feature request related to a problem? Please describe.
The CLI help provides command and subcommand lists but does not indicate what values are expected in all cases, leaving the user wondering what to provide, and in some cases incorrect values actually cause an error; for example, when enabling/disabling telemetry a 1 or 0 does not work and actually causes an exception to be thrown.

Describe the solution you'd like
Similar to other applications' help, provide example values, i.e. "true|false".

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: CLI

Additional context
Add any other context or screenshots about the feature request here.

Collection Processing Fails to Start or Quits Immediately After

Describe the bug
Very recently a bug was introduced which blocks basic collection from working. I've tested a few releases back but didn't go far enough to find the genesis. Friday's version v2.0.1-beta 50af283 does not have the problem.

To Reproduce
Steps to reproduce the behavior:

  1. Go to Scan after downloading the latest version
  2. Click on Scan after selecting any collection types
  3. See the collection change to starting, then suddenly revert to "Ready to begin collection" without the normal collection activities, etc.

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: all
  • Application Version: [e.g. 2.0.59-beta...and older]
  • CLI or GUI: GUI

Additional Context
Issue submitted by Jeremy

Improve performance of export in GUI

The code paths for the CLI and GUI have diverged because of the different user flows. We either need to redesign the GUI flow or rewrite the export function for the GUI, as it is too slow for large data sets.

Improve performance of signature check

Is your feature request related to a problem? Please describe.
During execution, the signature check calls out to PowerShell's Get-AuthenticodeSignature cmdlet for each file, which takes a significant amount of time.

Describe the solution you'd like
Ideally, do the check from within .NET directly.

Describe alternatives you've considered
You could also have PowerShell enumerate files (Get-ChildItem) and pipe the result to Get-AuthenticodeSignature, which would reduce the process creation overhead, but still sounds like a bit of a kluge.

System Configuration (please complete the following information):

  • OS: Windows
  • OS Version: Windows 10 (1809) Pro
  • Application Version: 2.0.38-beta+6b0ad9732a
  • CLI or GUI: CLI

Additional context
n/a

Improve disk footprint impact by compressing database

Once you do a couple of collections on a full system the database can be quite large. Some use cases demand moving the database from one system to another (for example between two VM snapshots).

Doing a quick test using 7zip, there's an opportunity for 20:1 space savings, without having to change the schema.

This seems like a no-brainer.

Add a splash screen to the GUI

Describe the bug
The GUI can take several seconds to show the home page, leaving the user wondering if it is working or not.

To Reproduce
Steps to reproduce the behavior:

  1. Go to asa.exe
  2. Click on asa.exe or right-click to Run as administrator
  3. Wait for something to appear/happen

Expected behavior
If possible, cut down the start-up code before the home page is shown, or display an intro start-up window that will let the user know it is loading.

Use known Security IDs in SDDL dump

The comparison output file displays the SDDL permissions string for any new or modified file. The string contains security IDs, but only in their raw form. The report would be much more readable if the security IDs, where possible, were output using their well-known SID name: "Everyone", "IID_USR", "Administrators", etc.
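As an added example (not ASA project code), the script below parses an SDDL string of the kind ASA writes for a changed file and renders each trustee with its well-known SID name, which is the readability improvement the request above asks for. It also goes slightly beyond the request by resolving domain-relative RIDs (Administrator, Domain Admins, ...) whose domain part differs per machine. The alias, well-known SID and RID tables are subsets of the documented Windows well-known SIDs; the sample SDDL string is constructed for the demo, and the domain sub-authorities in its last ACE are made up. Unknown SIDs are left raw so nothing is hidden from the reviewer.

```python
import re

# Added example (not ASA project code): resolve well-known SIDs in an SDDL
# string to readable names so an ACL diff can be read without a lookup table.

# Two-letter SDDL aliases for well-known principals (subset of the SDDL spec).
SDDL_ALIASES = {
    "AU": "Authenticated Users", "BA": "Administrators", "BU": "Users",
    "BG": "Guests", "CO": "Creator Owner", "IU": "Interactive",
    "LS": "Local Service", "NS": "Network Service", "SY": "Local System",
    "WD": "Everyone", "AC": "All Application Packages", "OW": "Owner Rights",
    "DA": "Domain Admins", "DU": "Domain Users",
}

# Long-form well-known SIDs that tools often emit instead of an alias (subset).
WELL_KNOWN_SIDS = {
    "S-1-1-0": "Everyone", "S-1-3-0": "Creator Owner", "S-1-5-4": "Interactive",
    "S-1-5-11": "Authenticated Users", "S-1-5-18": "Local System",
    "S-1-5-19": "Local Service", "S-1-5-20": "Network Service",
    "S-1-5-32-544": "Administrators", "S-1-5-32-545": "Users",
    "S-1-5-32-546": "Guests", "S-1-15-2-1": "All Application Packages",
}

# Domain-relative well-known RIDs: only the last sub-authority of
# S-1-5-21-<domain>-<rid> is fixed; the domain part differs per machine.
DOMAIN_RIDS = {"500": "Administrator", "501": "Guest", "512": "Domain Admins",
               "513": "Domain Users", "519": "Enterprise Admins"}

ACE_TYPES = {"A": "Allow", "D": "Deny", "AU": "Audit",
             "OA": "Object Allow", "OD": "Object Deny"}

DOMAIN_SID_RE = re.compile(r"^S-1-5-21-\d+-\d+-\d+-(\d+)$")
ACE_RE = re.compile(r"\(([^()]*)\)")


def resolve_sid(token):
    """Map an SDDL trustee token (alias or S-1-... form) to a name.
    Unknown SIDs are returned unchanged so nothing is hidden from the reader."""
    if token in SDDL_ALIASES:
        return SDDL_ALIASES[token]
    if token in WELL_KNOWN_SIDS:
        return WELL_KNOWN_SIDS[token]
    m = DOMAIN_SID_RE.match(token)
    if m and m.group(1) in DOMAIN_RIDS:
        return "<domain>\\" + DOMAIN_RIDS[m.group(1)]
    return token


def _parse_ace(ace):
    # ACE grammar: (type;flags;rights;object_guid;inherit_object_guid;sid)
    fields = ace.split(";")
    if len(fields) < 6:
        raise ValueError("malformed ACE: " + ace)
    ace_type, flags, rights, _obj, _inh, trustee = fields[:6]
    return {"type": ACE_TYPES.get(ace_type, ace_type), "flags": flags,
            "rights": rights, "sid": trustee, "trustee": resolve_sid(trustee)}


def parse_sddl(sddl):
    """Split an SDDL string into owner, group, DACL and SACL with names."""
    parsed = {"owner": None, "group": None, "dacl": [], "sacl": []}
    # Components are O:, G:, D:, S: in that order; no SID or ACE contains ':',
    # so a lookahead split on "<letter>:" recovers the components safely.
    for part in re.split(r"(?=[OGDS]:)", sddl):
        if not part:
            continue
        key, value = part[0], part[2:]
        if key == "O":
            parsed["owner"] = resolve_sid(value)
        elif key == "G":
            parsed["group"] = resolve_sid(value)
        else:
            parsed["dacl" if key == "D" else "sacl"] = [
                _parse_ace(a) for a in ACE_RE.findall(value)]
    return parsed


def describe_sddl(sddl):
    """Render the parsed descriptor as report-friendly lines (DACL only)."""
    p = parse_sddl(sddl)
    lines = ["Owner: %s" % p["owner"], "Group: %s" % p["group"]]
    for ace in p["dacl"]:
        lines.append("%-12s %-10s %s (%s)" % (ace["type"], ace["rights"],
                                              ace["trustee"], ace["sid"]))
    return lines


# Constructed sample: a typical NTFS file descriptor plus one domain group ACE
# (the domain sub-authorities 1004336348-1177238915-682003330 are made up).
SAMPLE_SDDL = ("O:SYG:BAD:PAI(A;;FA;;;SY)(A;;FA;;;BA)(A;;0x1200a9;;;BU)"
               "(A;;FA;;;S-1-5-21-1004336348-1177238915-682003330-512)")

if __name__ == "__main__":
    print("\n".join(describe_sddl(SAMPLE_SDDL)))
```

Rights strings (FA, 0x1200a9, ...) are passed through untouched; the point of the request is the trustee column, and keeping the raw SID next to the name means the report loses no information when a name lookup is wrong or ambiguous.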

[BUG] Add FAQ link to ASA Classic For Legacy OS/Feature Support

Describe the bug
While the wiki home page already references the 1.0 version of the app at the top, the FAQ page should include the link as well for missing features or OS support that is available in the older product.

To Reproduce
Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior
Update FAQ to include link to legacy download page

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI:

Additional Context
Add any other context about the problem here.

Program.cs file present in Release zip at root

Describe the bug
A source file is output as part of the Release binaries zip file

To Reproduce
Steps to reproduce the behavior:
  1. Download the build 2.0.77.x and unzip to a folder
  2. View the root folder with binaries and...program.cs file

Expected behavior
The program.cs file should not be there most likely :)

Screenshots
see attached

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: CLI

Additional Context
Add any other context about the problem here.

CLI deleterun does not report bad scanID

Describe the bug
The application reports the command as completed when a bad scan ID is specified for deletion.

To Reproduce
Steps to reproduce the behavior:
Open a prompt and run attacksurfaceanalyzercli config --delete-run afdasfdh, where the value is bad, and see that the command notice says completed.

Expected behavior
For this and similar commands where an input is bad, not just missing, we should see an error indicating this; otherwise users may mistype and assume something worked when it didn't, and submit false positives on app errors.

Screenshots
If applicable, add screenshots to help explain your problem.

System Configuration (please complete the following information):

  • OS: [e.g. Windows]
  • OS Version: [e.g. Windows 10 1803]
  • Application Version: [e.g. 2.0.1-beta+50af283871]
  • CLI or GUI: CLI

Additional Context
Add any other context about the problem here.
