Usage

esprit scan <target> [options]

Description

The scan command initiates an AI-powered penetration test against one or more targets. Esprit automatically detects the target type (URL, repository, or local directory) and performs comprehensive security testing.

Arguments

target
string
required
Target(s) to test. Supports multiple formats:
  • Web URLs: https://example.com, https://api.example.com
  • Git repositories: github.com/user/repo, https://github.com/user/repo.git
  • Local directories: ./my-project, /path/to/codebase
Multiple targets can be specified: esprit scan target1 target2 target3

Options

--instruction
string
Custom instructions for the scan. Provide specific objectives, areas to focus on, or constraints.
Example: --instruction "Focus on authentication and session management"
--instruction-file
path
Path to a file containing custom instructions. Cannot be used with --instruction.
Example: --instruction-file ./scan-instructions.txt
-n, --non-interactive
boolean
Run in non-interactive mode. Automatically selects default options without prompting. Useful for CI/CD pipelines and automated workflows.
Default: false
-m, --scan-mode
string
Scan depth and thoroughness level.
Choices:
  • quick: Fast reconnaissance and surface-level checks
  • standard: Balanced scan with common vulnerability testing
  • deep: Comprehensive testing with advanced exploitation techniques
Default: deep
--config
path
Path to a custom configuration file. Overrides default settings.
Example: --config ./esprit-config.yaml

Exit Codes

  • 0: Scan completed successfully
  • 1: Configuration error, authentication failure, or invalid target
  • 2: Scan interrupted or failed during execution
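
A CI wrapper that branches on the exit codes above and runs the scan with -n, as an added example that is not part of the Esprit documentation. The function names run_scan and classify_exit and the SCAN_* environment variables are hypothetical.

```shell
#!/bin/sh
# Added example, not Esprit's own code. The flags (-n, -m, --instruction-file)
# and exit codes 0/1/2 come from this page; function names and the SCAN_*
# environment variables are hypothetical.

# Map a documented exit code to a label a pipeline can branch on.
classify_exit() {
    case "$1" in
        0) echo "completed" ;;
        1) echo "setup-error" ;;   # configuration, authentication, or invalid target
        2) echo "scan-failed" ;;   # interrupted or failed during execution
        *) echo "unknown" ;;       # not documented on this page
    esac
}

# run_scan TARGET [MODE] [INSTRUCTION_FILE]
# Prints the label on stdout and returns the scanner's exit code unchanged.
run_scan() {
    target="$1"; mode="${2:-standard}"; instructions="${3:-}"

    # Reject a bad mode before invoking the tool (the wrapper's own check; it
    # returns 1 to match the documented "configuration error" code).
    case "$mode" in
        quick|standard|deep) ;;
        *) classify_exit 1; return 1 ;;
    esac

    set -- scan "$target" -n -m "$mode"
    if [ -n "$instructions" ]; then
        [ -r "$instructions" ] || { classify_exit 1; return 1; }
        set -- "$@" --instruction-file "$instructions"
    fi

    rc=0
    esprit "$@" >&2 || rc=$?    # keep scanner output out of the label stream
    classify_exit "$rc"
    return "$rc"
}

# Entry point for a pipeline step, e.g.
#   SCAN_TARGET=https://staging.example.com SCAN_MODE=standard sh scan-gate.sh
if [ -n "${SCAN_TARGET:-}" ]; then
    run_scan "$SCAN_TARGET" "${SCAN_MODE:-standard}" "${SCAN_INSTRUCTIONS:-}"
    exit $?
fi
```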

Examples

Scan a web application

esprit scan https://example.com

Scan a GitHub repository

esprit scan github.com/user/repo
esprit scan https://github.com/user/repo.git

Scan local codebase

esprit scan ./my-project
esprit scan /path/to/application

Quick scan with custom instructions

esprit scan https://api.example.com -m quick --instruction "Test GraphQL endpoints only"

Non-interactive scan for CI/CD

esprit scan https://staging.example.com -n -m standard

Scan multiple targets

esprit scan https://example.com https://api.example.com ./frontend

Use instruction file

esprit scan https://example.com --instruction-file ./pentest-scope.txt

Pre-scan Checks

Before starting a scan, Esprit performs automatic validation:
  1. Provider Authentication: Verifies LLM provider is configured
  2. Model Selection: Ensures a valid model is selected
  3. Docker Health (local runtime): Checks Docker daemon and disk space
  4. Target Validation: Confirms target is accessible
Use esprit provider status to check authentication status before scanning.

Legacy Syntax

The -t, --target flag is still supported but deprecated:
# Old syntax (still works)
esprit --target https://example.com

# New syntax (preferred)
esprit scan https://example.com
