Running a Scan

This command enables you to start a new scan.

Discovery options

Option	Description
`-a`, `--archive`	A collection your app's http/websockets logs into HAR file. Usually you can use browser dev tools or our browser web extension.
`--archive=fileId`, `-a=fileId`	The archive ID, which can be received via the `archive:upload` command.
`--crawler=url`, `-c=url`	Specifies a list of specific URLs that should be included during crawler discovery.

Additional options

Option	Description
`--host-filter=hostOrIp`, `-F=hostOrIp`	The list of specific hosts to be included in the scan.
`--header=headerName:headerValue`, `-H=headerName:headerValue`	Extra headers to be passed with the archive file. It can also be used to remove a header by providing a name without content. For example, -H "Host:". Warning: Headers set with this option override the archive headers and are set in all the requests.
`--test=testName`	Specifies a list of relevant tests to execute during a scan. For the list of available tests, see the Vulnerabilities Index. Example: `bright-cli scan:run --test default_login_location xss`. Note: The usage of `--bucket` and `--test` arguments together is not allowed.
`--bucket`	This key allows the user to supply a list of the buckets to use it to start the scan. For the list of available tests, see the Vulnerabilities Index. Example: `bright-cli scan:run --bucket api client_side` Note: The usage of `--bucket` and `--test` arguments together is not allowed.
`--smart`	Enables you to use automatic smart decisions, such as parameter skipping, detection phases, and so on to minimize scan time. When set to `false` (turned off), all tests are run on all parameters, which increases the coverage at the expense of scan time. Default: `--smart true`
`--name=scanName`, `-n=scanName`	The name of the scan. Required option.
`--project`, `-p`	Allows specifying the Bright project for a scan using the project ID. You can find the project ID in the Projects section in the Bright app.
`--param=path/query/fragment/` `header/body/artificial-fragment/artificial-query`	Note: This argument can be passed multiple times in the same command. Default: `--parameter body query fragment`.
`--auth=authObjectID`, `-o=authObjectID`	Specifies the ID of the authentication object to be connect to the scan. To learn more about authentication objects, see Authentication.
`--template=templateId`,`-tp=templateId`	Template ID. Allows to import scan settings from a template. If any scan settings are specified explicitly, they will override template settings. Examples: `scan:run -t apiKey -n scanName -p projectId -tp templateId` – start scan with all settings imported from the template. \ `scan:run -t apiKey -n scanName -p projectId -tp templateId --test testName` – start scan will all settings but tests imported from the template.
`--exclude`	Enables you to manage exclusions from a scan. If you want to ignore some of the parameter names during the tests, use `exclude-param`. For example, `--exclude-param ID$`. `--exclude-entry-point` A list of JSON strings that contain patterns for entry points you would like to ignore during the tests. Important: To remove default exclusions, pass an empty string. To apply patterns for all HTTP methods, you can set an empty array to “methods”. For example `{“methods”: [], “patterns”: “users\\/?$”}`.
`--entrypoint`, `-e`	Specify Entrypoint IDs: Users can pass a list of entrypoint IDs to run the scan on specific entrypoints. Example: `bright-cli scan:run --entrypoint <entrypoint_id1> <entrypoint_id2> <entrypoint_id3>` Scan Project-Level Entrypoints: If a project is specified and the `--entrypoint` flag is added without specifying entrypoint IDs, the scan will run on the first 2000 project-level Entrypoints. Example: `bright-cli scan:run --project <PROJECT_ID> --entrypoint`
`--concurrency`	Number of maximum concurrent requests allowed to be sent to the target, can range between 1 to 50 (default: 10).

Updated 10 months ago