The idea is:
As a DevOps Security engineer:
Part I:
==========
1. I want to know which websites (domains and subdomains) owned by my company are exposed to the internet.
2. Which server versions they are running, where they are located, and which stack hosts them, e.g. Rackspace, amazonaws, etc.
3. When the websites are accessed, which other servers they connect to for resources or any other purpose, to get the entire flow and a mapping among the various servers based on their requests.
4. Identify vulnerable client frameworks used by the sites and raise an alert.
5. Provide an interface to manage/monitor those sites as an internal inventory for the administrators.
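A sketch of points 3 and 4 for a single page, added here as an illustration and not taken from the project's own code: it maps the third-party hosts a page loads resources from and flags client libraries below a minimum version. The site URL, the sample HTML, the minimum versions and the assumption that the version appears in the resource path are all constructed for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed policy for this example: minimum accepted version per library.
MIN_VERSION = {"jquery": (3, 5, 0), "bootstrap": (4, 3, 1), "angular": (1, 8, 0)}
LIB_RE = re.compile(r"(jquery|bootstrap|angular)[-.@/]v?(\d+)\.(\d+)\.(\d+)", re.I)

class ResourceCollector(HTMLParser):
    """Collects absolute URLs of the resources a page loads."""
    ATTRS = {"script": "src", "link": "href", "img": "src", "iframe": "src"}

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = self.ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                self.urls.append(urljoin(self.base_url, value))

def audit_page(base_url, html):
    """Return ({third-party host: [urls]}, [(library, version, url)] below policy)."""
    collector = ResourceCollector(base_url)
    collector.feed(html)
    own_host = urlparse(base_url).hostname
    external, alerts = {}, []
    for url in collector.urls:
        host = urlparse(url).hostname
        if host and host != own_host:
            external.setdefault(host, []).append(url)
        m = LIB_RE.search(urlparse(url).path)
        if m:
            lib, version = m.group(1).lower(), tuple(map(int, m.group(2, 3, 4)))
            if version < MIN_VERSION[lib]:
                alerts.append((lib, ".".join(map(str, version)), url))
    return external, alerts

# Constructed sample page for a hypothetical site https://shop.example.com/
SAMPLE_HTML = """<html><head>
<script src="https://cdn.example.net/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
<link rel="stylesheet" href="/static/bootstrap-4.6.2.min.css">
<script src="//analytics.example.org/collect.js"></script>
</head><body><img src="/img/logo.png"></body></html>"""

if __name__ == "__main__":
    print(audit_page("https://shop.example.com/", SAMPLE_HTML))
```

Running the same audit over every site in the inventory gives the server-to-server mapping as a set of (site, third-party host) edges.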
Part II:
=========
As an internal DevOps Network engineer, I want to build an in-house, free/open-source, centralized visualization and attack monitoring dashboard which correlates all the logs from various devices and servers and shows real-time analysis using the ELK stack.
Large enterprises often have lots of web applications available both internally and externally. The challenge in the enterprise is to keep track of what those sites are, who owns them, and/or which team (internal or external) is responsible for maintaining those applications, and, if there is any issue, e.g. defacement or a DoS attack, who the right point of contact would be.
Even if you manage to have such an inventory, the other big challenge is to maintain such a large amount of data and keep it updated. Looked at another way, this will be a supportive tool for pentesters and bounty hunters to understand the entire landscape of the websites. This tool would help large companies do such a tedious job easily and conveniently.