Welcome to leveryd-asm! 🎉🎉🎉
- Prohibited for illegal purposes, and all illegal activities have nothing to do with the author.
- All apps comply with relevant national laws and regulations, network security laws, etc. We abide by open source agreements and relevant requirements of app vendors.
leveryd-asm is committed to becoming an enterprise-oriented external network attack surface management product. Enterprises can use it to discover assets exposed on the Internet, perceive security vulnerabilities in these assets, and operate vulnerabilities. It has the following characteristics:
🕸 Based on task orchestration
Based on argo-workflow, it provides rich and stable task orchestration capabilities.🔗 Based on Kubernetes
The task orchestration engine is based on Kubernetes to schedule work containers, so it is easy to improve scanning performance through horizontal scaling; it is easy to observe and operate applications through the Kubernetes ecosystem product.💻 Ready to use
Built-in multiple workflows, you only need to enter asset information to complete the scanning task.🤖 Management console
Provides a UI interface for users to manage assets, operate vulnerabilities; for developers, to add a template to the console quickly, routine CRUD operations can be completed by configuring options for front-end and back-end module development.💡 Multi-instance deployment
Multiple asm instances can be deployed on the same Kubernetes cluster, and the data does not affect each other. So you can distinguish between test and online environments, and you can also deploy instances separately for different types of assets (such as foreign assets and domestic assets).The architecture is as follows:
Here are a few examples of usage scenarios:
| Submit crawling and scanning tasks | Operate alarms on the console |
 |
 |
| Submit POC scanning tasks | View task status |
 |
 |
If you are interested in the implementation of this product, you can read the following articles: