microsoft / AttackSurfaceAnalyzer
Attack Surface Analyzer is a Microsoft developed open source security tool that analyzes the attack surface of a target system and reports on potential security vulnerabilities introduced during the installation of software or system misconfiguration.
If you have the .NET Core SDK installed you can install Attack Surface Analyzer with dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI.
The core feature of Attack Surface Analyzer is the ability to "diff" an operating system's security configuration, before and after a software component is installed and to run arbitrary complex rules on the results to surface interesting findings. This is important because most installation processes require elevated privileges, and once granted, can lead to unintended system configuration changes.
Run the following commands in an Administrator Shell (or as root). Replace asa with asa.exe as appropriate for your platform.
