Skip to content
Gabe Stocco edited this page Jan 25, 2022 · 17 revisions

Quick Hits

  • Attack Surface Analyzer requires administrator privileges to run some collectors. If you do not run Attack Surface Analyzer as administrator/root it will make a best effort to collect what it can.
  • The tool has high CPU and memory demands and may take a considerable amount of time to complete depending on the collectors run and the data available on the system.
  • Analyses should never be run on live production servers since it can severely degrade the performance of the system.
  • The older classic version of the tool produced .cab files which are not compatible with this rewritten version which stores results in a local SQLite db file.

Can I still access the Attack Surface Analyzer 1.0 (classic) version of the tool?

Attack Surface Analyzer 1.0 is no longer distributed by Microsoft.

Windows Defender is consuming a lot of CPU when running ASA

You can add an exclusion in Windows Defender. First open the "Windows Security" application, Navigate to "Virus & Threat Protection", "Manage Settings", "Add or remove exclusions", and then add a "Process" exclusion for "C:\Full\Path\To\Asa.exe".

See: https://support.microsoft.com/en-us/topic/how-to-add-a-file-type-or-process-exclusion-to-windows-security-e524cbc2-3975-63c2-f9d1-7c2eb5331e53

Why isn't Attack Surface Analyzer notarized for macOS?

This is a current limitation of our build pipeline. In the meantime you can build Attack Surface Analyzer from source or install the .NET Core runtime and run dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI to add asa to your path.

What do I need to run Attack Surface Analyzer on Windows 7?

Make sure you have KB2999226 and KB2533623 installed. Or you'll see The library hostfxr.dll was found, but loading it from C:\<path_to_app>\hostfxr.dll failed