Esprit automatically detects and handles multiple target types. This guide covers how to scan web applications, repositories, local code, IP addresses, and domain names.

Target Type Detection

Esprit infers the target type from the argument itself (esprit/interface/utils.py:829) and automatically detects:
  • Web Applications - URLs with http:// or https://
  • Repositories - Git URLs and repository patterns
  • Local Code - Directories on your filesystem
  • IP Addresses - IPv4 and IPv6 addresses
  • Domains - Domain names without protocol

Web Application Scanning

Scan any web application by providing a URL:
esprit scan https://example.com
Localhost URLs are automatically rewritten to use host.docker.internal for proper access from the Docker sandbox environment. See esprit/interface/utils.py:994.

Domain Name Scanning

Esprit accepts bare domain names and automatically adds https://:
esprit scan example.com
esprit scan api.example.com
esprit scan subdomain.example.co.uk

Repository Scanning

Scan Git repositories from various sources:
esprit scan https://github.com/user/repo
esprit scan github.com/user/repo

Repository Detection Logic

From esprit/interface/utils.py:817, repositories are detected by:
  1. URLs starting with git@ or git://
  2. URLs ending with .git
  3. HTTP(S) URLs with credentials in the URL
  4. HTTP(S) URLs that respond to Git’s info/refs endpoint
Repositories are automatically cloned to a temporary directory before scanning. The clone path is stored in esprit_runs/<run-name>/cloned_repos/.

Local Directory Scanning

Scan code on your local filesystem:
esprit scan ./my-project
esprit scan ../another-project
The path must point to an existing directory. Files are not supported - only directories can be scanned.

IP Address Scanning

Scan network targets by IP address:
esprit scan 192.168.1.100
esprit scan 10.0.0.50
Loopback addresses (127.0.0.0/8, ::1) are automatically rewritten to host.docker.internal for container network access.

Multiple Target Scanning

Scan multiple targets in a single session:
esprit scan https://example.com github.com/user/repo ./local-app
Each target is processed with its own workspace subdirectory. From esprit/interface/utils.py:926:
  • Repository names are derived from the URL
  • Local paths use the directory name
  • Duplicate names get numeric suffixes (repo-1, repo-2)

Terminal Output Example

┌─────────────────────────────────────────────────────────────┐
│ ESPRIT                                                      │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│  Penetration test initiated                                 │
│                                                             │
│  Target  https://example.com                                │
│  Output  esprit_runs/example-com_a3f2                       │
│                                                             │
│  Vulnerabilities will be displayed in real-time.            │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Target Validation

From esprit/interface/main.py:1173, Esprit validates all targets before starting:
  • URLs must be properly formatted
  • Local paths must exist and be directories
  • Repository URLs must be accessible
  • IP addresses must be valid IPv4 or IPv6
An invalid target is rejected with an error:
esprit scan invalid-target
# Error: Invalid target 'invalid-target'
# Target must be one of:
# - A valid URL (http:// or https://)
# - A Git repository URL
# - A local directory path
# - A domain name (e.g., example.com)
# - An IP address
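
The detection and rewrite rules from the sections above, as an added Python sketch (not Esprit's own code from esprit/interface/utils.py). The names classify_target, is_loopback and DOMAIN_RE, the check order and the domain pattern are assumptions; the info/refs probe is omitted so the sketch runs offline.

```python
import ipaddress
import os
import re
from urllib.parse import urlsplit

DOCKER_HOST = "host.docker.internal"  # rewrite target named on the page
# Assumed bare-domain shape: dot-separated LDH labels ending in an alphabetic TLD.
DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$", re.I)


def is_loopback(host):
    """True for 'localhost' and any address in 127.0.0.0/8 or ::1."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False


def classify_target(target):
    """Return (kind, normalized_target); raise ValueError if nothing matches.

    Check order is an assumption. Repository rule 4 (probing info/refs) needs
    the network and is left out, so github.com/user/repo is rejected here
    rather than detected as a repository.
    """
    if target.startswith(("git@", "git://")) or target.endswith(".git"):
        return "repository", target
    if target.startswith(("http://", "https://")):
        parts = urlsplit(target)
        if parts.username or parts.password:
            return "repository", target  # credentials embedded in the URL
        if is_loopback(parts.hostname or ""):
            port = f":{parts.port}" if parts.port else ""
            target = parts._replace(netloc=DOCKER_HOST + port).geturl()
        return "web_application", target
    if os.path.isdir(target):
        return "local_code", os.path.abspath(target)
    try:
        ip = ipaddress.ip_address(target)
        return "ip_address", DOCKER_HOST if ip.is_loopback else str(ip)
    except ValueError:
        pass
    if DOMAIN_RE.match(target):
        return "domain", "https://" + target
    raise ValueError(f"Invalid target {target!r}")
```

The loopback check covers the whole 127.0.0.0/8 range and ::1, so 127.0.0.5 and http://[::1]:3000/ are rewritten the same way as localhost.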

Best Practices

  • Test both HTTP and HTTPS if applicable
  • Include full paths for API endpoints
  • Quote URLs with special characters
  • Verify localhost ports are accessible

Next Steps

Scan Modes

Choose between quick, standard, and deep scan modes

Custom Instructions

Guide scans with custom testing instructions
