npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@hailbytes/vulnerability-calculator

v1.0.0

Published

Zero-dependency web component for sizing vulnerability scanning infrastructure. Estimates VM sizing, cloud costs, and timing across AWS/Azure.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

davidmchaledavidmchale

Keywords

vulnerabilityvulnerability-scannervulnerability-calculatorattack-surface-managementinfrastructure-calculatorcybersecurityrisk-calculatorweb-componentcustom-elementes-modulezero-dependencyhailbytesvanilla-js

Readme

HailBytes Vulnerability Scanner Infrastructure Calculator

A zero-dependency web component for sizing vulnerability scanning infrastructure. Input your target host count, scan intensity, tools, and compliance requirements. Get VM sizing, timing analysis, cost estimates (AWS & Azure), and ROI comparison vs. HailBytes ASM managed service — instantly in the browser with no server or build step required.

Works as a single <script> tag inside Hugo, React, Vue, Next.js, or plain HTML — or install via npm.

npm version License: MPL-2.0 Zero deps Bundle Size

Install

npm install @hailbytes/vulnerability-calculator

Or use it without a bundler via a CDN (see below).

Quick Start

npm (bundlers, Next.js, Vite, Webpack, etc.)

// Side-effect import registers the <hailbytes-vuln-calculator> custom element.
import '@hailbytes/vulnerability-calculator';

// Or import the pure DOM-free calculator:
import { calculate } from '@hailbytes/vulnerability-calculator';
console.log(calculate({ /* inputs */ }).vm_resources);
<hailbytes-vuln-calculator theme="dark"></hailbytes-vuln-calculator>

<!-- White-label (no HailBytes branding) -->
<hailbytes-vuln-calculator theme="dark" branding="off"></hailbytes-vuln-calculator>

Plain script tag

<!-- 1. Load the component -->
<script type="module" src="hailbytes-vuln-calculator.js"></script>

<!-- 2. Drop the tag anywhere -->
<hailbytes-vuln-calculator></hailbytes-vuln-calculator>

Integration Examples

Plain HTML / Hugo

<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>Vulnerability Scanner Calculator</title>
</head>
<body>
  <hailbytes-vuln-calculator theme="dark"></hailbytes-vuln-calculator>

  <script type="module"
    src="https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js">
  </script>
</body>
</html>

Hugo shortcode (layouts/shortcodes/vuln-calculator.html):

<script type="module" src="https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js"></script>
<hailbytes-vuln-calculator theme="{{ .Get \"theme\" | default \"dark\" }}"></hailbytes-vuln-calculator>

CDN via jsDelivr

<script type="module"
  src="https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js">
</script>
<hailbytes-vuln-calculator></hailbytes-vuln-calculator>

React

import { useEffect, useRef } from 'react';

import('https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js');

export default function VulnCalc({ onCalculated }) {
  const ref = useRef(null);

  useEffect(() => {
    const el = ref.current;
    if (!el) return;
    const handle = (e) => onCalculated?.(e.detail);
    el.addEventListener('vuln-calculated', handle);
    return () => el.removeEventListener('vuln-calculated', handle);
  }, []);

  return <hailbytes-vuln-calculator ref={ref} theme="dark" />;
}

Vue 3

<template>
  <hailbytes-vuln-calculator theme="dark" @vuln-calculated="onCalc" />
</template>

<script setup>
import 'https://cdn.jsdelivr.net/gh/HailBytes/vulnerability-calculator@main/hailbytes-vuln-calculator.js';

function onCalc(e) { console.log('Result:', e.detail); }
</script>

API Reference

Attributes

| Attribute | Values | Default | Description | |------------|-----------------|---------|---------------------------------------------------| | theme | dark light | dark | Color scheme | | branding | "off" | (shown) | Hide the "by HailBytes" footer + header badge |

Events

| Event Name | Fired When | event.detail | |-------------------|--------------------------------|--------------------| | vuln-calculated | User clicks "Calculate" button | Full result object |

Input Schema

| Field | Type | Range / Options | |--------------------|------------|------------------------------------------------------------------------------| | target_hosts | number | 1–50,000 | | scan_intensity | string | light, medium, aggressive, continuous | | scan_frequency | string | daily, weekly, monthly, quarterly | | scan_window | number | 1–24 (hours) | | scanning_tools | string[] | hailbytes_asm, openvas, nessus_professional, qualys_vmdr | | compliance_needs | string[] | pci, hipaa, nist, iso27001, soc2 |

Result Object Shape

{
  "vm_resources": {
    "cpu_cores": 8,
    "ram_gb": 16,
    "ram_recommended": 24,
    "storage_gb": 70,
    "network_bandwidth_mbps": 14,
    "docker_required": true,
    "tool_type": "hailbytes_asm"
  },
  "timing": {
    "total_scan_time_minutes": 1500,
    "optimized_scan_time_minutes": 19,
    "parallel_hosts": 800,
    "scan_window_utilization": 3.9,
    "performance_metrics": {
      "efficiency_rating": "excellent",
      "bottleneck_analysis": [],
      "optimization_suggestions": []
    }
  },
  "costs": {
    "infrastructure_monthly_aws": 374,
    "infrastructure_monthly_azure": 352,
    "tool_licensing_annual": 0,
    "tool_management_monthly": 450,
    "tool_setup_cost": 600,
    "total_monthly_aws": 824,
    "total_monthly_azure": 802,
    "roi_analysis": {
      "self_managed_monthly": 824,
      "managed_monthly": 299,
      "monthly_savings": 525,
      "annual_savings": 6300,
      "roi_percentage": 176.3,
      "has_managed_option": true
    },
    "tool_breakdown": { "hailbytes_asm": { "...": "..." } }
  },
  "recommendations": ["..."],
  "has_asm": true,
  "inputs": { "...": "..." },
  "timestamp": "2025-01-01T00:00:00.000Z"
}

Scanning Tools

| Tool Key | Display Name | License | Notes | |----------------------|--------------------|-----------|----------------------------------------------------| | hailbytes_asm | HailBytes ASM | Free (OSS)| Attack Surface Management; managed service available | | openvas | OpenVAS | Free (OSS)| Vulnerability scanner; requires feed maintenance | | nessus_professional| Nessus Professional| ~$3,990/yr| Widely supported commercial scanner | | qualys_vmdr | Qualys VMDR | ~$3,500/yr| Cloud-native vulnerability management |

HailBytes ASM is the recommended choice for continuous attack surface visibility. It can be self-hosted (Docker) or used as a fully managed service starting at $299/month — eliminating infrastructure overhead and setup time.

Calculation Methodology

HailBytes ASM Resource Sizing

host_factor       = max(1, target_hosts / 1000)
compliance_factor = 1.0 + (num_compliance * 0.1)
total_multiplier  = intensity_mult × frequency_mult × compliance_factor

cpu_cores  = max(2, ceil(4 × host_factor × total_multiplier))
ram_gb     = max(4, ceil(8 × host_factor × total_multiplier))
storage_gb = max(20, ceil(50 + (target_hosts/100 × 2) × compliance_factor))
network    = max(10, ceil(target_hosts/200 × intensity_mult × compliance_factor))

Intensity multipliers (HailBytes ASM): light=1.0, medium=1.3, aggressive=1.8, continuous=2.2
Frequency multipliers: daily=1.5, weekly=1.0, monthly=0.8, quarterly=0.6

Traditional Scanner Sizing

host_factor = max(0.001, target_hosts / 1000)
cpu_cores   = max(2, ceil(4   × host_factor × intensity_mult))
ram_gb      = max(4, ceil(8   × host_factor × intensity_mult))
storage_gb  = max(10, ceil(0.5 × target_hosts / 1024))
network     = max(10, ceil(target_hosts/100 × intensity_mult))

Intensity multipliers (traditional): light=1.0, medium=1.5, aggressive=2.5, continuous=3.0

Timing

base_scan_time      = hailbytes_asm ? 1.5 : 2.0  (min/host)
time_mult           = { light:0.5, medium:1.0, aggressive:2.0, continuous:0.3 }
total_scan_time     = base × target_hosts × time_mult
parallel_hosts      = min(target_hosts, cpu_cores × 100)
optimized           = ceil(total / max(1, parallel_hosts/100))
window_utilization  = min(100, optimized / (scan_window × 60) × 100)

Cloud Costs

scale_factor   = max(cpu_cores/4, ram_gb/8)
aws_monthly    = ceil(0.17 × scale_factor × 730 + storage_gb × 0.10)
azure_monthly  = ceil(0.16 × scale_factor × 730 + storage_gb × 0.12)

See also

Part of the HailBytes calculator suite — drop-in web components for security and risk:

License

Mozilla Public License 2.0

Built by HailBytes — Managed Attack Surface Management.

Enterprise Support

HailBytes - Managed Attack Surface Management

Need managed attack surface management without the operational overhead? HailBytes ASM delivers enterprise-grade attack surface management with full support, available on AWS and Azure Marketplaces.

Get Enterprise Support ->

Part of the HailBytes open-source security toolkit.