Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

The New Acunetix V12 Engine


Attack Surface Analyzer is developed by the Security Engineering group, building on the work of our Security Science team. It is the same tool used by Microsoft’s internal product groups to catalogue changes made to operating system attack surface by the installation of new software.

Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface.

This allows:

  • Developers to view changes in the attack surface resulting from the introduction of their code on to the Windows platform
  • IT Professionals to assess the aggregate Attack Surface change by the installation of an organization’s line of business applications
  • IT Security Auditors evaluate the risk of a particular piece of software installed on the Windows platform during threat risk reviews
  • IT Security Incident Responders to gain a better understanding of the state of a systems security during investigations (if a baseline scan was taken of the system during the deployment phase)

System Requirements

Supported Operating Systems: Windows 7;Windows Server 2008;Windows Vista

Collection of Attack Surface data: Windows 7, Windows Vista, Windows Server 2008 R1 or Windows Server 2008 R2

Analysis of Attack Surface data and report generation: Windows 7 or Windows Server 2008 R2 with Microsoft .Net 3.5 SP1

You can download Attack Surface Analyzer here:

64-bitAttack_Surface_Analyzer_BETA_x64.msi
32-bitAttack_Surface_Analyzer_BETA_x86.msi

Or read more here.

Posted in: Countermeasures, Exploits/Vulnerabilities, Security Software, Windows Hacking

, , , , ,


Latest Posts:


DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.


One Response to Microsoft Attack Surface Analyzer – Test Software Vulnerabilities

  1. jors April 13, 2011 at 7:59 pm #

    You can do something similar with some sandbox software (in instance, Sanboxie), even if this kind of software is not focused on security.