npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@hailbytes/pentest-calculator

v1.0.0

Published

Zero-dependency web component for scoping and estimating penetration testing engagements. Works in Hugo, React, Vue, or plain HTML.

Readme

HailBytes Penetration Testing Scope Calculator

A zero-dependency web component for scoping and estimating penetration testing engagements. Three-step wizard covering target scope, testing depth, compliance requirements, and deliverables — produces a day/cost estimate in the browser with no server required.

Works as a single <script> tag inside Hugo, React, Vue, Next.js, or plain HTML — or install via npm.

npm version License: MPL-2.0 Zero deps Bundle Size


Install

npm install @hailbytes/pentest-calculator

Or use it without a bundler via a CDN (see below).

Quick Start

npm (bundlers, Next.js, Vite, Webpack, etc.)

// Side-effect import registers the <pentest-calculator> custom element.
import '@hailbytes/pentest-calculator';
<pentest-calculator theme="dark"></pentest-calculator>

<!-- White-label (no HailBytes branding) -->
<pentest-calculator theme="dark" branding="off"></pentest-calculator>

Plain script tag

<!-- 1. Load the component -->
<script type="module" src="pentest-calculator.js"></script>

<!-- 2. Drop the tag anywhere -->
<pentest-calculator></pentest-calculator>

Integration Examples

Plain HTML / Hugo

<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>Pentest Scope Calculator</title>
</head>
<body>
  <pentest-calculator theme="dark"></pentest-calculator>

  <script type="module" src="https://cdn.jsdelivr.net/gh/HailBytes/pentest-calculator@main/pentest-calculator.js"></script>
</body>
</html>

Hugo shortcode (layouts/shortcodes/pentest-calculator.html):

<script type="module" src="https://cdn.jsdelivr.net/gh/HailBytes/pentest-calculator@main/pentest-calculator.js"></script>
<pentest-calculator theme="{{ .Get "theme" | default "dark" }}"></pentest-calculator>

CDN via jsDelivr

<script type="module"
  src="https://cdn.jsdelivr.net/gh/HailBytes/pentest-calculator@main/pentest-calculator.js">
</script>
<pentest-calculator></pentest-calculator>

React

import { useEffect, useRef } from 'react';

// Load once at the app level
import('https://cdn.jsdelivr.net/gh/HailBytes/pentest-calculator@main/pentest-calculator.js');

export default function PentestCalc({ onCalculated, onQuoteRequested }) {
  const ref = useRef(null);

  useEffect(() => {
    const el = ref.current;
    if (!el) return;

    const handleCalc   = (e) => onCalculated?.(e.detail);
    const handleQuote  = (e) => onQuoteRequested?.(e.detail);

    el.addEventListener('pentest-calculated',       handleCalc);
    el.addEventListener('pentest-quote-requested',  handleQuote);
    return () => {
      el.removeEventListener('pentest-calculated',      handleCalc);
      el.removeEventListener('pentest-quote-requested', handleQuote);
    };
  }, []);

  return <pentest-calculator ref={ref} theme="dark" />;
}

Vue 3

<template>
  <pentest-calculator
    theme="dark"
    @pentest-calculated="onCalculated"
    @pentest-quote-requested="onQuote"
  />
</template>

<script setup>
import 'https://cdn.jsdelivr.net/gh/HailBytes/pentest-calculator@main/pentest-calculator.js';

function onCalculated(e)  { console.log('Result:', e.detail); }
function onQuote(e)       { console.log('Quote requested:', e.detail); }
</script>

API Reference

Attributes

| Attribute | Values | Default | Description | |-----------|-------------|---------|------------------------------| | theme | dark light | dark | Color scheme |

Events

| Event Name | Fired When | event.detail | |-----------------------------|---------------------------------------------|-----------------------| | pentest-calculated | User reaches Step 3 (auto-calculated) | Full result object | | pentest-quote-requested | User clicks "Get an Accurate Quote" button | Last result object |

Result Object Shape

{
  "inputs": {
    "targetType": "web_app",
    "numTargets": 3,
    "environment": "production",
    "authTesting": true,
    "socialEng": false,
    "testDepth": "comprehensive",
    "compliance": ["pci_dss", "soc2"],
    "reportType": "full_both",
    "remSupport": true
  },
  "days": 9.5,
  "costLow": 14250,
  "costHigh": 33250,
  "teamSize": 2,
  "teamLabel": "engineers",
  "teamPills": ["1× Lead Penetration Tester", "1× Security Engineer"],
  "deliverables": ["Detailed vulnerability findings report", "..."],
  "timestamp": "2025-01-01T00:00:00.000Z"
}

Calculation Methodology

| Parameter | Formula / Values | |----------------------|------------------| | Base days | web_app=3, network=4, mobile=4, cloud=3, combined=6 | | Target factor | 1 target=1.0×, 2–5=1.3×, 6–15=1.6×, 16+=2.0× | | Depth multiplier | basic=0.7×, standard=1.0×, comprehensive=1.5×, red_team=2.5× | | Compliance | +0.5 days per standard selected | | Full report | +1 day | | Authenticated | +0.5 days | | Social engineering | +2 days | | Day rate | Low: $1,500/day, High: $3,500/day |

Example: Web app (3 days) × 3 targets (1.3×) × comprehensive (1.5×) + PCI DSS (0.5) + authenticated (0.5) = 7.87 → 7.9 days


⚠️ Disclaimer

All estimates are preliminary and intended for budgeting guidance only. Actual engagement scope, duration, and pricing depend on detailed scoping conversations, target complexity, regulatory requirements, and findings discovered during testing. Contact HailBytes for an accurate quote.


See also

Part of the HailBytes calculator suite — drop-in web components for security and risk:


License

Mozilla Public License 2.0


Built by HailBytes — Managed Attack Surface Management.


Enterprise Support

HailBytes - Managed Attack Surface Management

Need managed attack surface management without the operational overhead? HailBytes ASM delivers BYOC-deployed reNgine with enterprise support, on AWS and Azure Marketplaces.

Get Enterprise Support ->

Part of the HailBytes open-source security toolkit.