Self-hosted · open source · single-binary runner
Know what the internet
sees of your org.
Krayt is an external attack-surface management platform you run yourself. Discover assets, scan them on a schedule, triage findings, and pipe alerts to Slack, Teams, or any webhook.
Discover
Passive CT-log + subfinder; DNS + port scans; HTTP fingerprint.
Analyze
Nuclei vuln matching, TLS / DNS hygiene, CT monitoring, leaked credentials.
Notify
Webhooks with HMAC, Slack + Teams, REST API, scheduled scans, diff engine.
How it fits together
A Laravel control plane orchestrates scans and manages data. Go-based runners run anywhere — your laptop, a VPS, a Kubernetes pod — and pull jobs over HTTPS long-poll. Internally, Redis Streams carry scan requests and results.
scheduler → scan.requested
↓ Redis stream
runner → observations + findings
↓
ingest → diff + webhooks