HailBytes/hailbytes-vulnerability-calculator

GitHub: HailBytes/hailbytes-vulnerability-calculator

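A zero-dependency web component that calculates the size and cost of vulnerability-scanning infrastructure, helping teams with resource planning and budget control.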

Stars: 0 | Forks: 0

# HailBytes Vulnerability Scanner Infrastructure Calculator

A **zero-dependency web component** for sizing vulnerability-scanning infrastructure. Enter the number of target hosts, scan intensity, tools and compliance requirements to get instant in-browser VM specifications, timing analysis, cost estimates (AWS and Azure), and an ROI comparison against the HailBytes ASM managed service, with no server or build step required.

Available as a single

```
```

## Integration examples

### Plain HTML / Hugo

```
Vulnerability Scanner Calculator
```

Hugo shortcode (`layouts/shortcodes/vuln-calculator.html`):

```
```

### CDN via jsDelivr

```
```

### React

```
import { useEffect, useRef } from 'react';
// Loads the component from jsDelivr; @main tracks the branch head,
// so the code served can change between loads.
import('https://cdn.jsdelivr.net/gh/HailBytes/hailbytes-vulnerability-calculator@main/hailbytes-vuln-calculator.js');

export default function VulnCalc({ onCalculated }) {
  const ref = useRef(null);
  useEffect(() => {
    const el = ref.current;
    if (!el) return;
    // Forward the full result object to the parent callback.
    const handle = (e) => onCalculated?.(e.detail);
    el.addEventListener('vuln-calculated', handle);
    // Remove the listener on unmount or when the callback changes.
    return () => el.removeEventListener('vuln-calculated', handle);
  }, [onCalculated]);
  return ;
}
```

### Vue 3

```
```

## API reference

### Attributes

| Attribute | Values         | Default | Description  |
|-----------|----------------|---------|--------------|
| `theme`   | `dark` `light` | `dark`  | Color scheme |

### Events

| Event             | Fired when                               | `event.detail`     |
|-------------------|------------------------------------------|--------------------|
| `vuln-calculated` | The user clicks the "Calculate" button   | Full result object |

### Input field schema

| Field              | Type       | Range / options                                                  |
|--------------------|------------|------------------------------------------------------------------|
| `target_hosts`     | `number`   | 1–50,000                                                         |
| `scan_intensity`   | `string`   | `light`, `medium`, `aggressive`, `continuous`                    |
| `scan_frequency`   | `string`   | `daily`, `weekly`, `monthly`, `quarterly`                        |
| `scan_window`      | `number`   | 1–24 (hours)                                                     |
| `scanning_tools`   | `string[]` | `hailbytes_asm`, `openvas`, `nessus_professional`, `qualys_vmdr` |
| `compliance_needs` | `string[]` | `pci`, `hipaa`, `nist`, `iso27001`, `soc2`                       |

### Result object structure

```
{
  "vm_resources": {
    "cpu_cores": 8,
    "ram_gb": 16,
    "ram_recommended": 24,
    "storage_gb": 70,
    "network_bandwidth_mbps": 14,
    "docker_required": true,
    "tool_type": "hailbytes_asm"
  },
  "timing": {
    "total_scan_time_minutes": 1500,
    "optimized_scan_time_minutes": 19,
    "parallel_hosts": 800,
    "scan_window_utilization": 3.9,
    "performance_metrics": {
      "efficiency_rating": "excellent",
      "bottleneck_analysis": [],
      "optimization_suggestions": []
    }
  },
  "costs": {
    "infrastructure_monthly_aws": 374,
    "infrastructure_monthly_azure": 352,
    "tool_licensing_annual": 0,
    "tool_management_monthly": 450,
    "tool_setup_cost": 600,
    "total_monthly_aws": 824,
    "total_monthly_azure": 802,
    "roi_analysis": {
      "self_managed_monthly": 824,
      "managed_monthly": 299,
      "monthly_savings": 525,
      "annual_savings": 6300,
      "roi_percentage": 176.3,
      "has_managed_option": true
    },
    "tool_breakdown": { "hailbytes_asm": { "...": "..." } }
  },
  "recommendations": ["..."],
  "has_asm": true,
  "inputs": { "...": "..." },
  "timestamp": "2025-01-01T00:00:00.000Z"
}
```

## Scanning tools

| Tool key              | Display name        | License           | Notes                                                  |
|-----------------------|---------------------|-------------------|--------------------------------------------------------|
| `hailbytes_asm`       | HailBytes ASM       | Free, open source | Attack surface management; managed service available   |
| `openvas`             | OpenVAS             | Free, open source | Vulnerability scanner; requires vulnerability feed maintenance |
| `nessus_professional` | Nessus Professional | ~$3,990/yr        | Widely supported commercial scanner                    |
| `qualys_vmdr`         | Qualys VMDR         | ~$3,500/yr        | Cloud-native vulnerability management platform         |

**HailBytes ASM** is the recommended choice for continuous attack-surface visibility. It can be self-hosted (Docker) or used as a fully managed service starting at $299 per month, which removes the infrastructure overhead and setup time.

## Calculation method

### HailBytes ASM sizing

```
host_factor       = max(1, target_hosts / 1000)
compliance_factor = 1.0 + (num_compliance * 0.1)
total_multiplier  = intensity_mult × frequency_mult × compliance_factor
cpu_cores  = max(2, ceil(4 × host_factor × total_multiplier))
ram_gb     = max(4, ceil(8 × host_factor × total_multiplier))
storage_gb = max(20, ceil(50 + (target_hosts/100 × 2) × compliance_factor))
network    = max(10, ceil(target_hosts/200 × intensity_mult × compliance_factor))
```

**Intensity multipliers (HailBytes ASM):** `light=1.0`, `medium=1.3`, `aggressive=1.8`, `continuous=2.2`

**Frequency multipliers:** `daily=1.5`, `weekly=1.0`, `monthly=0.8`, `quarterly=0.6`

### Traditional scanner sizing

```
host_factor = max(0.001, target_hosts / 1000)
cpu_cores  = max(2, ceil(4 × host_factor × intensity_mult))
ram_gb     = max(4, ceil(8 × host_factor × intensity_mult))
storage_gb = max(10, ceil(0.5 × target_hosts / 1024))
network    = max(10, ceil(target_hosts/100 × intensity_mult))
```

**Intensity multipliers (traditional):** `light=1.0`, `medium=1.5`, `aggressive=2.5`, `continuous=3.0`

### Timing estimates

```
base_scan_time     = hailbytes_asm ? 1.5 : 2.0 (min/host)
time_mult          = { light:0.5, medium:1.0, aggressive:2.0, continuous:0.3 }
total_scan_time    = base × target_hosts × time_mult
parallel_hosts     = min(target_hosts, cpu_cores × 100)
optimized          = ceil(total / max(1, parallel_hosts/100))
window_utilization = min(100, optimized / (scan_window × 60) × 100)
```

### Cloud cost estimates

```
scale_factor  = max(cpu_cores/4, ram_gb/8)
aws_monthly   = ceil(0.17 × scale_factor × 730 + storage_gb × 0.10)
azure_monthly = ceil(0.16 × scale_factor × 730 + storage_gb × 0.12)
```

## License

[Mozilla Public License 2.0](LICENSE)

## Enterprise support

[![HailBytes - Managed Attack Surface Management](https://hailbytes.com/images/icons/hb_hb_white_horizontal.png)](https://www.hailbytes.com/asm?utm_source=github&utm_medium=repo_readme&utm_campaign=hailbytes-vulnerability-calculator&utm_content=enterprise_banner)

Need managed attack surface management without the operational overhead? **HailBytes ASM** provides enterprise-grade attack surface management with full support, now available on the AWS and Azure marketplaces.

[**Get enterprise support ->**](https://www.hailbytes.com/asm?utm_source=github&utm_medium=repo_readme&utm_campaign=hailbytes-vulnerability-calculator&utm_content=enterprise_banner)
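
The HailBytes ASM sizing, timing and cloud-cost formulas from the calculation method section, carried through in JavaScript as an added example (not the component's own source). The `sizeAsm` and `validate` names, the `fits_window` field, the noise-trimming `ceil` helper and the input checks built from the input schema ranges are assumptions of this example; the figures follow the formulas as written and may differ from what the component reports.

```javascript
// Added example: HailBytes ASM formulas from this README, with schema checks.
const INTENSITY = { light: 1.0, medium: 1.3, aggressive: 1.8, continuous: 2.2 };
const FREQUENCY = { daily: 1.5, weekly: 1.0, monthly: 0.8, quarterly: 0.6 };
const TIME_MULT = { light: 0.5, medium: 1.0, aggressive: 2.0, continuous: 0.3 };
const COMPLIANCE = ['pci', 'hipaa', 'nist', 'iso27001', 'soc2'];

// Round up after trimming binary floating-point noise, so a value that is
// mathematically 242 cannot become 243 (a choice made for this example).
const ceil = (x) => Math.ceil(Number(x.toFixed(9)));

function validate(inp) {
  const { target_hosts: h, scan_window: w, compliance_needs: c } = inp;
  if (!Number.isInteger(h) || h < 1 || h > 50000) throw new RangeError('target_hosts must be 1-50000');
  if (!Number.isFinite(w) || w < 1 || w > 24) throw new RangeError('scan_window must be 1-24 hours');
  // Object.keys() membership rejects inherited names such as "constructor".
  if (!Object.keys(INTENSITY).includes(inp.scan_intensity)) throw new RangeError('unknown scan_intensity');
  if (!Object.keys(FREQUENCY).includes(inp.scan_frequency)) throw new RangeError('unknown scan_frequency');
  if (!Array.isArray(c) || c.some((k) => !COMPLIANCE.includes(k))) throw new RangeError('bad compliance_needs');
}

function sizeAsm(inp) {
  validate(inp);
  const iMult = INTENSITY[inp.scan_intensity];
  const hostFactor = Math.max(1, inp.target_hosts / 1000);
  const cf = 1.0 + inp.compliance_needs.length * 0.1;
  const mult = iMult * FREQUENCY[inp.scan_frequency] * cf;
  const cpu = Math.max(2, ceil(4 * hostFactor * mult));
  const ram = Math.max(4, ceil(8 * hostFactor * mult));
  const storage = Math.max(20, ceil(50 + (inp.target_hosts / 100 * 2) * cf));
  const network = Math.max(10, ceil(inp.target_hosts / 200 * iMult * cf));
  const total = 1.5 * inp.target_hosts * TIME_MULT[inp.scan_intensity]; // 1.5 min/host for ASM
  const parallel = Math.min(inp.target_hosts, cpu * 100);
  const optimized = ceil(total / Math.max(1, parallel / 100));
  const windowMin = inp.scan_window * 60;
  const scale = Math.max(cpu / 4, ram / 8);
  return {
    cpu_cores: cpu, ram_gb: ram, storage_gb: storage, network_bandwidth_mbps: network,
    total_scan_time_minutes: total, parallel_hosts: parallel, optimized_scan_time_minutes: optimized,
    scan_window_utilization: Math.min(100, optimized / windowMin * 100),
    fits_window: optimized <= windowMin, // hypothetical field: the 100% clamp hides overruns
    aws_monthly: ceil(0.17 * scale * 730 + storage * 0.10),
    azure_monthly: ceil(0.16 * scale * 730 + storage * 0.12),
  };
}

// Constructed sample input: 1,000 hosts, medium intensity, daily scans, 8-hour window.
console.log(sizeAsm({ target_hosts: 1000, scan_intensity: 'medium', scan_frequency: 'daily',
  scan_window: 8, compliance_needs: [] }));
```

Because `scan_window_utilization` is clamped at 100, a plan that overruns its window and one that exactly fills it report the same figure; comparing the optimized time with the window length directly tells them apart.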
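Tags: AWS cost, Azure cost, CMS security, CodeQL, HTML, Hugo, JavaScript, React, ROI comparison, Syscalls, Vanilla JS, VM sizing, Vue, Web Components, cloud infrastructure optimization, infrastructure planning, security compliance, security assessment tools, cost estimation, data visualization, file system scanning, dependency-free, timing analysis, browser application, vulnerability scanning tools, network proxy, network security, custom scripts, privacy protection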