Werbot is an open-source solution allowing users to securely share access to servers, data bases, web applications, desktops, containers and clouds; providing full-fledged options for controlling and auditing of the work performed on them.
⚠️ Current major version is zero (v0.x.x) to accommodate rapid development and fast iteration while getting early feedback from users. Please keep in mind that Werbot is still under active development and therefore full backward compatibility is not guaranteed before reaching v1.0.0.
- Werbot works with dedicated, VPS, and cloud servers
- Manages servers from different providers in one account
- Doesn’t require any additional agent to be installed on the server
- Records every server session and collects logs
- Provides a single sign-on
Werbot is written in golang, runs in Docker containers, and works as microservices. It requires little processing power, scales easily, and can be implemented in the workflow of any company within 1 hour.
Supported technology:
- Protocols - SSH, Telnet, RDP, VNC
- Providers - all providers + fast import from AWS, Google, Amazon, Azure
- Containers - Docker, Kubernetes
- Databases - MySQL, Maria, PostgresQL, Redis, MongoDB, Elasticsearch, and other
- Unsafely kept server access, passwords, and keys
- Difficult server access management
- Uncontrolled work on servers
- Unwanted connections on servers
- Expensive and limited in functionality server monitoring tools
Werbot users connect to all accessible servers with a single sign-on using their login and private key. All work performed on servers connected to Werbot is logged and recorded as a screencast.
Identity and Access Management solutions existing today can have limited functionalities or work with only one server provider, and support few protocols.
There are also complex Enterprise solutions that are quite expensive solutions and not suitable for everyone.
The prototype of Werbot was developed for internal use firstly. Over time, the prototype was refined and developed into a full-fledged platform available to everyone.
SaaS version is currently working on the site werbot.com. There we are offering a ready-made solution that is suitable for most companies and does not need to be configured by a specialist, so it can be used even without the involvement of cybersecurity specialists.
Werbot covers 3 of the most important cybersecurity challenges:
- Helps to manage server access
- Helps to control users’ activity on servers
- Gathers evidence to show security certification compliances
Recently we decided to rewrite the code of the SaaS version and make it open source. We are currently working on this.
Here is a list of modules that are included within the Werbot.
| Component | Description |
|---|---|
| web | 🖥 Werbot web dashboard |
| ee | 🏭 Werbot Enterprise functions |
| install | 🚀 The script for installing Werbot |
| agent.windows | 👮♂️ Windows agent |
| agent.unix | 👮♂️ Unix agent |
| pam | 🔐 Pluggable Authentication Module for native two factor authentication agents for *nix platforms |
... coming soon ...
... coming soon ...
Join our growing community around the world, for help, ideas, and discussions regarding Werbot.
- Follow us on Twitter
- Connect with us on LinkedIn
- Visit us on YouTube
- Join our Dev community
- Questions tagged #werbot on Stack Overflow
We would for you to get involved with Werbot development! If you want to say thank you and/or support the active development of Werbot:
- Add a GitHub Star to the project.
- Tweet about the project on your Twitter.
- Write a review or tutorial on Medium, Dev.to or personal blog.
You can learn more about how you can contribute to this project in the contribution guide.
For security issues, view our vulnerability policy, view our security policy, and kindly email us at [email protected] instead of posting a public issue on GitHub.
Source code for Werbot, located in this repository, is released under the Business Source License 1.1.
All content that resides under the "add-on/*/" directory of this repository, if that directory exists, is licensed under the license defined in "add-on/*/LICENSE".
All content that resides under the "web/" directory of this repository, if that directory exists, is licensed under the license defined in "web/LICENSE".
All third party components incorporated into the Werbot Software are licensed under the original license provided by the owner of the applicable component.
What is the license?
The Business Source License is identical to Apache 2.0 with the only exception being that you can't use the code to create a cloud service or, in other words, resell the product to others.
BSL is adopted by MariaDB, Sentry, CockroachDB, Couchbase and many others. In most cases, it is a more permissive license than, for example, AGPL, because it allows you to make private changes to the code.
In three years, the code also becomes available under Apache 2.0 license. You can learn more about BSL here.
Why BSL license?
We picked the license to allow users to share access to their servers, databases, app, or application access features or access monitoring features using Werbot, but forbidding other companies to create a cloud service using the code.
We provide a application access service ourselves in order to monetize our work and sustain development efforts.
Are you open-source?
Technically, the BSL license is classified as source-available, but we continue to use the term open-source on the basis that the source code is open.
Existing SEO practices don't leave us much choice and our competitors do more or less the same.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent