-
Notifications
You must be signed in to change notification settings - Fork 277
FAQ's
Gabe Stocco edited this page Jan 25, 2022
·
17 revisions
- Attack Surface Analyzer requires administrator privileges to run some collectors. If you do not run Attack Surface Analyzer as administrator/root it will make a best effort to collect what it can.
- The tool has high CPU and memory demands and may take a considerable amount of time to complete depending on the collectors run and the data available on the system.
- Analyses should never be run on live production servers since it can severely degrade the performance of the system.
- The older classic version of the tool produced .cab files which are not compatible with this rewritten version which stores results in a local SQLite db file.
Attack Surface Analyzer 1.0 is no longer distributed by Microsoft.
You can add an exclusion in Windows Defender. First open the "Windows Security" application, Navigate to "Virus & Threat Protection", "Manage Settings", "Add or remove exclusions", and then add a "Process" exclusion for "C:\Full\Path\To\Asa.exe".
This is a current limitation of our build pipeline. In the meantime you can build Attack Surface Analyzer from source or install the .NET Core runtime and run dotnet tool install -g Microsoft.CST.AttackSurfaceAnalyzer.CLI to add asa to your path.
Make sure you have KB2999226 and KB2533623 installed. Or you'll see The library hostfxr.dll was found, but loading it from C:\<path_to_app>\hostfxr.dll failed