CLI Interface Reference
Search, copy, and configure VScanX command parameters to orchestrate scans, compute deltas, or execute regressions.
Mental Model
The VScanX Command Line Interface (CLI) is the central orchestration entrypoint (`vscanx.py`). It is built to run cleanly in both local developer terminals and headless CI/CD containers.
Every primary capability—running profiles, executing isolated verifications, loading cached snapshots, and running security state regressions—is mapped to explicit, deterministic command flags.
CLI Parameter Matrix
Use the following scannable table to map framework runtime configurations:
| Command Flag | Type | Default | Description |
|---|---|---|---|
| -t, --target | String | None | Specifies the scanning target (URL, IP address, or smart contract address). |
| --profile | String | web | Selects the scanner module profile domain: web, network, web3, or agentic. |
| --verify | Flag | False | Orchestrates dynamic sandbox validation payload execution on flagged anomalies. |
| --replay | String | None | Loads and triggers regression tests using a historical serialized run snapshot JSON file path. |
| --diff | String String | None | Accepts two run snapshot IDs to compute security posture mutations ($S_A \rightarrow S_B$). |
| --fail-on-critical | Flag | False | Causes the CLI engine to exit with status 1 if verified critical anomalies are returned. |
Practical Command Recipes
Use the following copy-paste friendly configurations for standard operational scenarios:
Orchestrate Web Anomalies & Spawner Sandboxes
Performs active redirect and SQLi passive scans, emitting events to spawn isolated validation containers:
python vscanx.py --target enterprise-api.com --profile web --verify
Verify Web3 Reentrancy on Ethereum Forks
Pulls bytecode structure and simulates withdrawal loops inside an isolated local Ethereum RPC fork:
python vscanx.py --target 0xde0B295669a9FD93d5F28D9Ec85E40f4cb697BAe --profile web3 --verify
Calculate Posture Deltas between Runs
Compares two historical snapshots to isolate introduced regressions or resolved vulnerabilities:
python vscanx.py --diff run_291A_web.json run_291B_web.json