Giulia Stocco
Good candidate to call out to sysmon. https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
I strongly recommend that on Mac OS you instead install the .NET SDK and install the dotnet tool. https://www.nuget.org/packages/Microsoft.CST.AttackSurfaceAnalyzer/ Unfortunately, we are not yet able (due to external factors) to...
Thanks for your interest in ASA. You can see we have a lot on our roadmap for 2.3. The current plan is to release in October. It is possible some...
For detailed information on authoring rules: https://github.com/microsoft/AttackSurfaceAnalyzer/wiki/Authoring-Analysis-Rules Feel free to open an issue separately if you have issues with the below and the wiki guidance. Here's the snippet that will...
To add further clarification. All the findings you see should represent actual changes, either the addition of something in the second snapshot, the modification of something that existed in both...
On Windows: https://docs.microsoft.com/en-us/windows-hardware/drivers/install/enumerating-installed-devices
Windows: https://www.nuget.org/packages/PInvoke.SetupApi Call [SetupDiGetClassDevs](https://github.com/AArnott/pinvoke/blob/93303723e066749348977e59e16ae243cd20c196/src/SetupApi/SetupApi.cs#L62) and use the enumerated results to call other functions in the setupapi lib.
On Mac OS we can call out to `system_profiler`. http://teczd.com/2015/09/23/osx-get-system-info-from-command-line/ For parsing XML here use. https://stackoverflow.com/questions/14941190/xml-deserialization-with-servicestack-text
Linux has a few utilities. https://www.lifewire.com/how-to-use-linux-to-find-the-names-of-the-devices-on-your-computer-4078068
For Linux: https://github.com/slimm609/checksec.sh with `--kernel`