Command Language Syntax
The Bright CLI accepts a wide variety of configuration options. You can run bright-cli --help
command for comprehensive documentation. The configuration options and arguments in the command line must be passed after the program command that the Bright CLI is executing.
bright-cli <command> [option] [<argument>]
- Most commands and some options have aliases. Aliases are shown in the syntax statement for each command.
- The option names are prefixed with a double dash (--). The option aliases are prefixed with a single dash (-). Arguments are not prefixed.
- Support is provided for an array of options of a specific command, separated by a space. For example:
bright-cli scan:run --token API_KEY --name SCAN_NAME --crawler TARGET_URL --param path query body --test default_login_location dom_xss sqli
The Bright CLI provides the following global options that can affect the behavior of each command:
Option | Description |
---|---|
--config=pathToConfig | Specifies the path to the configuration file. By default, the CLI tries to discover the config in package.json in the root directory of your application or a separate file by a specified name in the working directory. See Configuration Files for more information. |
--log-level | Allows setting the level of logs to report. Any logs of a higher level than the one specified are shown. The options to select : 0, 1, 2, 3, 4, 5, "silent", "error", "warn", "notice", "verbose", "trace". Default: 3 Example: --log-level =0/1/2/3/4/5/silent/ error/warn/notice/verbose/trace |
--insecure | Allows the Bright CLI to proceed and operate even if the server connection is considered insecure. Default: false |
--cluster | (Deprecated). Use --hostname instead. |
--hostname | Bright cluster (domain name). Default: <app.brightsec.com > |
--proxy=socksProxyUrl | Specify a proxy URL to route all traffic through. This should be an HTTP(S), SOCKS4, or SOCKS5 URL. Can be read also from environment param PROXY. Default: If you specify SOCKS://<URL> , then SOCKS5h is applied. |
--proxy-bright | Specify a proxy URL to route the traffic to Bright. |
--proxy-target | Specify a proxy URL to route the traffic to the targets. |
--proxy-domains | The optional flag that can be used with either proxy-target or proxy . It accepts a list of domains to be proxied and separated by spaces. Only domains in the list will be proxied.Domains can include wildcards. For example, *.foo.bar will proxy a.foo.bar , b.foo.bar , etc.Note: Traffic that goes to Bright will always be proxied if proxy-bright or proxy is specified, regardless of what is specified in proxy-domains .Example: bright-cli repeater --token <TOKEN> --id <ID> --proxy http://localhost:9000 --proxy-domains TESTEXAMPLE1.com TESTEXAMPLE2.com |
--proxy-domains-bypass | Space-separated list of domains that should not be routed through the proxy. This option is only applicable when using the --proxy option. Can be read also from environment param NO_PROXY. Example: bright-cli repeater --token <TOKEN> --id <ID> --proxy http://localhost:9000 --proxy-domains-bypass TESTEXAMPLE1.com TESTEXAMPLE2.com (Cannot be used with --proxy-domains at the same time) |
--timeout | The optional flag allows users to set a timeout in seconds or a duration string (e.g.: 10s, 1m). Note: If not specified, the parameter is set to 30 seconds. Example: --timeout 45 |
--version, -v | Shows the Bright CLI version. |
--help, -h | Shows the Bright CLI help documentation. |
Updated 11 days ago