Microsoft Attack Surface Analyzer
This is a free tool developed by Microsoft. It aims at analysing the changes made to the attack surface of the system (on the installation of software) by analysing the registry, file permissions, Windows IIS server, GAC assemblies, etc. It assesses the severity of the change in the attack surface and its implications on the vulnerability of the system. A proper categorisation of the analysed threats by the attack surface analyser under specific labels ensures a better understanding of the generated report.
Download link: http://www.microsoft.com/en-in/ download/details.aspx?id=24487