Installation

How to get Diverg running: cloud access, CLI, API, and enterprise deployment.

Overview

Diverg Open is our self-serve surface: web console, API where offered, Chrome extension (source), and the open-source diverg-auto CLI. Sign in at dash.divergsec.com for the hosted console.

Private investigations and security assessments use our internal pipeline and are not the same depth as Open. To schedule: email [email protected].

Cloud & dashboard

When you sign in to Diverg Open (cloud account), you get access to the web dashboard. From there you can:

  • Run investigations on URLs, domains, or wallet addresses
  • View structured reports with findings, severity, and evidence
  • Configure API keys (Solscan, Arkham, Etherscan, etc.) for full blockchain and OSINT coverage
  • Schedule recurring scans and set up alerts (e.g. Telegram)

No local installation required, use the dashboard from any browser.

Open-source CLI (Diverg Open scanner)

The diverg-auto project ships a standalone scanner for authorized targets, passive checks plus active, non-destructive probes and attack-path output. Typical use cases:

  • Developers and researchers who want a local or CI-native workflow
  • GitHub Actions / GitLab CI gates on deploy
  • Air-gapped environments where you install from source or an internal mirror

Install from GitHub (recommended in examples on this site):

pip install git+https://github.com/fennq/diverg-auto.git

PyPI: the same codebase is published under the PyPI package name diverg-lite (historical name). Repo and import id: diverg-auto. Public product name: Diverg Open.

pip install diverg-lite

CLI entry point: diverg-scan. Full options: see the diverg-auto README and Quick Start.

Hosted API / platform CLI

For investigations that run against Diverg’s hosted platform, API keys and usage are provided through the Diverg Open dashboard after you sign in, not the same as the open-source diverg-scan binary unless you wire them together in your own integration.

API keys & integrations

To get the most from Diverg, you can configure third-party API keys. These are optional but enable richer data:

  • Blockchain: Solscan Pro, Arkham, Etherscan, for wallet labels, token metadata, and flow data
  • Web/OSINT: Wappalyzer, Shodan, Censys, for technology detection and infrastructure lookup

Without these keys, Diverg still runs all skills but will mark certain checks as "skipped" in the report and will not substitute fake data. See Integrations and Fact-Only Reporting for details.

Enterprise & on-premise

For self-hosted deployment, custom integrations, or strict compliance requirements, we offer enterprise installations. Email [email protected] to book a conversation about architecture, SSO, RBAC, and threat-intel feeds.