RSAC 2025 Innovation Sandbox | ProjectDiscovery: Attack Surface Management with Open Source Community and Nuclei

April 23, 2025 | NSFOCUS

Company Overview

Founded in 2020, ProjectDiscovery is a cybersecurity company focusing on attack surface management (ASM) and headquartered in San Francisco, USA. It focuses on providing open source and cloud-based security tools to simplify the workflow of security engineers and developers.

The ProjectDiscovery team size is 11-50 people, and the core members are mainly from India. Founder Rishiraj Sharma met the other founders through open source projects on GitHub in the early days of the company. Sandeep Singh serves as CTO, focusing on technological innovation, especially in automated vulnerability detection and attack surface management. With the startup team’s expertise in security research and automation technology, he led the company to remarkable achievements.

Figure 1. Rishiraj Sharma (CEO) and Sandeep Singh (CTO) [1]

Product Background

Attack surface management (ASM) has evolved from simple asset enumeration into a complex process that continuously discovers, classifies and monitors all vulnerable assets. Modern organizations face an ever-expanding digital footprint, covering traditional Internet-exposed systems, dynamic cloud environments and complex distributed services. External attack surface management (EASM) analyzes assets exposed on the public network from the perspective of attackers; cyber asset attack surface management (CAASM) provides internal and external asset visibility and risk management through API integration, helping enterprises respond effectively to threats in complex IT environments.

Figure 2. Gartner’s 2024 Emerging Technology Maturity Curve [2]

Traditional vulnerability management tools have obvious limitations. Most of them use relatively fixed scanning models, which are difficult to adapt to today’s fast-iterating development pace. Faced with a new era of rapid development, dynamic infrastructure and automated attacks, security teams urgently need new vulnerability management tools to truly improve defense efficiency and response speed. ProjectDiscovery redefines asset attack surface management by combining mature open source technology and cloud native capabilities. Its platform ensures real-time visibility of assets through deep scanning and asset presentation. In short, it allows security teams to see the organization’s attack surface from the perspective of an attacker.

Solution Features

ProjectDiscovery product slogan: “Dramatically reduce the time, number of tools and overhead of asset scanning”, which mainly focuses on application services, intranet assets, API, DNS, cloud, database asset discovery. The specific implementation architecture and tool call relationship are shown in the figure below:

Figure 3. Schematic diagram of the relationship between ProjectDiscovery business process and tool call [3]

1. Continuous asset monitoring

ProjectDiscovery is a SaaS platform that continuously monitors all of an organization's assets and services exposed to the Internet, automatically discovering new hosts, endpoints, and changes in the attack surface. The official website is open for trial use. The author entered the ProjectDiscovery official website domain name to run asset discovery and view the platform’s dynamic identification results. The result is shown in the figure below.

Figure 4. ProjectDiscovery product interface [5]

From the demonstration environment, asset identification covers multiple dimensions such as subdomains, ports, status codes, IP addresses, ASNs, CNAME records, technology stacks used, web page screenshots, and security issues. The main function of the ProjectDiscovery platform is to visualize the statistics and search of asset data, mainly for Internet exposure. The source of data is mainly active detection and discovery. Its externally advertised intranet asset risk discovery function has not been displayed. The author hopes to see this function demonstrated in the roadshow.

Figure 5. ProjectDiscovery asset list

2. Open Source Community Integration

ProjectDiscovery has built a thriving global community of more than 100,000 engineers, with key tools including: Nuclei, Httpx, Subfinder[6].

Nuclei is a template-based customizable vulnerability scanner, supported by the global security community and built on a simple YAML DSL to identify assets and vulnerabilities. It can detect vulnerabilities in applications, APIs, networks, DNS and cloud configurations. The project has currently received 22.9K Stars on GitHub, with a total of more than 9,000 Nuclei templates. Nuclei ensures that scans are fast, results are accurate, and consistent with the behavior of real-world attackers.

Figure 6. Nuclei Asset Vulnerability Detection Tool

Nuclei has built a powerful vulnerability scanning ecosystem with the help of open source communities and custom templates, which is a highlight of ProjectDiscovery. However, in actual concurrent testing, I found that although it is more efficient than traditional brute force scanning methods, its overall performance is still slightly insufficient when facing large-scale asset detection. It is speculated that its support for rich templates will affect the scanning efficiency to a certain extent. Some scheduling strategies and scanning modes are still needed.

Httpx is a high-performance tool focused on Web asset detection, with a current GitHub Star count of 8.4K. Aimed mainly at service detection over the HTTP protocol, it supports multiple fingerprint recognition and response information extraction functions. It can efficiently obtain key data such as status code, title, IP, TLS information, Favicon hash, screenshot and certificate fingerprint. It is particularly suitable for the early stages of asset mapping and fingerprint recognition. It is a powerful Web service detection tool.

Figure 7. Httpx HTTP Detection Tool

Subfinder is a tool focused on subdomain discovery, designed to quickly and stealthily enumerate the valid subdomains of the target website through passive data sources. Its design concept is simple and efficient, with a modular architecture, focusing on the core function of passive subdomain enumeration. It discovers the subdomains of the target website by collecting information from online passive data sources (such as DNS records, certificates, search engines and third-party APIs). The design idea of Subfinder is to avoid actively scanning the target network, ensure the confidentiality of the operation, and reduce the risk of detection.

Figure 8. Subfinder subdomain discovery tool

3. AI-assisted content generation

ProjectDiscovery mainly uses AI to assist in the automatic generation of Nuclei detection templates and asset tags.

3.1 Automated Template Generation

ProjectDiscovery's AI template editor significantly improves the efficiency and quality of Nuclei template generation. First, a headless browser and ChatGPT are used to extract technical details (such as scripts, paths, HTTP requests and payloads) from the POC link to ensure that key information is complete. Nuclei templates containing vulnerability descriptions, metadata and matchers are then generated through the PDCP API, and the TemplateMan API optimizes the metadata and CVSS classification and unifies the format. Free users can make 10 AI requests per day, and subscription and enterprise users enjoy higher or unlimited quotas. The author tried this function and asked it to generate a Nuclei template for the recent Vite CVE-2025-30208 security vulnerability. The result was very good, as shown in the figure below.

Figure 9. AI Generating Nuclei Template

3.2 Automated Asset Tag Generation

ProjectDiscovery supports AI-driven asset labeling, which can automatically classify and add context to assets, helping security teams manage assets efficiently. The official website describes this feature as currently in early beta and notes that the first labeling may be slow. By analyzing asset metadata, DNS records, HTTP responses and web page screenshots, the system intelligently assigns descriptive tags such as “Login Page” or “Test Environment”, converting raw data into a clear list of assets. Tags are easy to filter and organize, clearly present the attack surface, and unify standards to ensure consistent classification. Newly emerging assets can be automatically tagged to keep the list accurate in real time. The labels added by the author in the demonstration environment are grayed out and locked, and the feature does not appear to support trial use, as shown in the figure below. The author looks forward to seeing it presented in the roadshow.

Figure 10. AI Generates Asset Tags

Summary

Since Axonius[7] won the RSA Innovation Sandbox championship with its cybersecurity asset management platform in 2019, its valuation has soared to $2.6 billion and it plans to IPO in the near future. In 2022, Sevco[8]’s asset management platform with data fusion as the core was shortlisted, and in 2025 ProjectDiscovery emerged with its open source community-driven asset attack surface tools, highlighting that asset attack surface management (ASM) has always been a hot topic for RSA. Axonius and Sevco focus on multi-source asset data integration, providing comprehensive visibility and security management; ProjectDiscovery polishes agile vulnerability discovery capabilities through the open source community. The two paths of data fusion and community-driven jointly promote innovation and development in the ASM field.

ProjectDiscovery is characterized by integrating an open source drive, global community collaboration and a modern platform to create efficient and practical vulnerability management tools that meet the urgent needs of enterprises for dynamic and visual security systems. The author believes that ProjectDiscovery has technical advantages and is undoubtedly a tool used by both red and blue teams, but the model may still lack asset management functions, that is, complete life cycle management from discovery to response. At the same time, how to turn the vitality of its open source ecosystem into a stable business model may also need to be considered. In addition, how it deals with the challenge of other manufacturers using its open source results to build competing products will determine its long-term competitiveness in the ASM market.

References

[1] https://www.crunchbase.com/organization/projectdiscovery-inc/financial_details

[2] https://www.gartner.com/cn/newsroom/press-releases/2024-emerging-tech-hc

[3] https://www.youtube.com/watch?v=cBkfk0VbvLw

[4] https://projectdiscovery.io/#solutions

[5] https://cloud.projectdiscovery.io/

[6] https://github.com/projectdiscovery

[7] https://cloud.tencent.com.cn/developer/article/1552167

[8] https://cloud.tencent.com.cn/developer/article/2016448