CLI Reference
Complete reference for running DAST Scanner from the Docker CLI.
Prerequisites
- Docker installed and running
- Levo account and credentials
Docker Image
ghcr.io/levoai/levoai-shadownet:latest
Command Overview
| Command | Purpose |
|---|---|
| scan | Run full security scan (crawl + passive + active testing). Full flag reference below. |
| login | Authenticate with the Levo platform. Flags: -k/--auth-key, -o/--org-id. Persists a session under ~/.config/configstore. |
| logout | Remove saved credentials (no flags). |
| export | Export scan results to a different format. Flags: --scan-id, --format [json\|sarif\|csv], --output-file. |
Scan Command
Run comprehensive security scanning on a target.
```bash
docker run --rm -it --shm-size=1g \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan [OPTIONS] TARGET
```
Basic Examples
```bash
# Simple scan with no authentication
docker run --rm -it --shm-size=1g \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan https://example.com

# Scan with form login
docker run --rm -it --shm-size=1g \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan https://example.com \
  --auth form \
  --username admin \
  --password secret \
  --login-url https://example.com/login

# Scan with bearer token
docker run --rm -it --shm-size=1g \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan https://api.example.com \
  --auth token \
  --token "Bearer eyJhbGciOi..."

# API-only scan
docker run --rm -it --shm-size=1g \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan https://api.example.com --scan-mode api

# Passive scanning only
docker run --rm -it --shm-size=1g \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan https://example.com --no-active
```
Scan Options
Target
| Option | Type | Description |
|---|---|---|
| TARGET | string | Target URL to scan (required) |
Scan Phases
| Option | Type | Default | Description |
|---|---|---|---|
| --passive / --no-passive | flag | enabled | Enable passive scanning |
| --active / --no-active | flag | enabled | Enable active injection testing |
| --js-cve / --no-js-cve | flag | disabled | Enable JavaScript library CVE scanning (cve.js) |
| --dom-cve / --no-dom-cve | flag | disabled | Enable DOM vulnerability scanning (cve.dom) |
| --ai / --no-ai | flag | disabled | Enable AI-powered analysis (scan.enable_ai) |
Crawling & Discovery
| Option | Type | Default | Description |
|---|---|---|---|
| --crawl-mode [standard\|ai\|hybrid] | enum | standard | Crawling strategy |
| --max-depth | integer | 3 | Maximum crawl depth |
| --max-pages | integer | 100 | Maximum pages to crawl |
| --delay-seconds | integer | 0 | Delay between requests (seconds) |
Active Scanning Tuning
| Option | Type | Default | Description |
|---|---|---|---|
| --max-payloads | integer | - | Max payloads per injection point |
| --inject-locations | string | - | Comma-separated: query, body, header, cookie, path |
| --disable-categories | string | - | Comma-separated vulnerability categories to skip |
| --active-delay-ms | integer | - | Delay between active requests (ms) |
Authentication
| Option | Type | Description |
|---|---|---|
| --auth [none\|form\|token\|ai] | enum | Auth strategy (default: none) |
| --username / -u | string | Username for login |
| --password / -p | string | Password for login |
| --token / -t | string | Bearer token |
| --login-url | string | Login page URL (for form auth) |
Severity & Filtering
| Option | Type | Default | Description |
|---|---|---|---|
| --severity [critical\|high\|medium\|low\|info] | enum | low | Minimum severity to report (matches reporting.severity) |
Output
| Option | Type | Default | Description |
|---|---|---|---|
| --output [table\|json\|sarif\|quiet] | enum | table | Output format |
| --output-file / -f | path | - | Write results to file |
| --name | string | - | Scan name (for dashboard) |
CI/CD Integration
| Option | Type | Description |
|---|---|---|
| --ci / --non-interactive | flag | Non-interactive mode (no prompts) |
| --fail-on [critical\|high\|medium\|low\|info] | enum | Exit code 1 if findings at or above severity |
Config file
| Option | Type | Description |
|---|---|---|
| --config | path | Path to a levo-dast.yml config file. Overrides auto-discovery (./levo-dast.yml, ./levo-dast.yaml). |
Levo Platform
| Option | Type | Description |
|---|---|---|
| --org-id | string | Levo organization ID (or LEVOAI_ORG_ID). |
| --workspace-id | string | Levo workspace ID (or LEVOAI_WORKSPACE_ID). |
| --env-id | string | Levo environment ID (or LEVOAI_ENV_ID). Required when --send-issues is used. |
| --app-id | string | Levo application ID (or LEVOAI_APP_ID). |
| --send-issues | flag | Push findings to the Levo dashboard (reporting.send_issues). Requires --env-id. |
| --satellite-url | string | Route scan traffic through a Levo Satellite (satellite.url). |
Advanced
| Option | Type | Description |
|---|---|---|
| --timeout-seconds | integer | Scan timeout (seconds) |
| --ignore-third-party | flag | Ignore third-party domains |
| --capture-domains | string | Comma-separated domains to capture |
| --exclude-domains | string | Comma-separated domains to exclude |
| --verbose | flag | Verbose logging |
Exit Codes
| Code | Meaning |
|---|---|
| 0 | Scan completed successfully |
| 1 | Scan failed or findings at/above --fail-on threshold |
| 130 | Scan interrupted by user |
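The CI flags and exit codes above, combined into a pipeline gate. This is an added example, not part of the Levo documentation: `TARGET_URL`, `OUT_DIR`, `SEND_ISSUES`, `DAST_TOKEN` and the `/out` mount path are names chosen for this sketch, and Levo platform authentication is left out. Because exit code 1 covers both a failed scan and findings at or above the threshold, the script treats a non-empty report file as "findings", which is a heuristic of this example.

```bash
#!/usr/bin/env bash
# Added example: CI gate around the documented scan command.
# TARGET_URL, OUT_DIR, SEND_ISSUES and DAST_TOKEN are hypothetical names.
IMAGE="ghcr.io/levoai/levoai-shadownet:latest"

# Fail fast on the documented rule: --send-issues requires an environment ID.
preflight() {
  if [ "${SEND_ISSUES:-0}" = "1" ] && [ -z "${LEVOAI_ENV_ID:-}" ]; then
    echo "send-issues requested but LEVOAI_ENV_ID is unset" >&2
    return 2
  fi
  return 0
}

# Map the documented exit codes to a pipeline verdict. Splitting exit code 1
# by report-file presence is this example's heuristic, not documented behaviour.
classify_exit() {  # usage: classify_exit <exit-code> <report-file>
  case "$1" in
    0)   echo "pass" ;;
    130) echo "interrupted" ;;
    1)   if [ -s "$2" ]; then echo "findings"; else echo "scan-error"; fi ;;
    *)   echo "unknown" ;;
  esac
}

run_gate() {
  preflight || return $?
  mkdir -p "$OUT_DIR"
  set -- scan "$TARGET_URL" --ci --fail-on high \
         --output sarif --output-file /out/results.sarif
  # Token comes from the CI secret store, never a literal in the pipeline file.
  [ -n "${DAST_TOKEN:-}" ] && set -- "$@" --auth token --token "$DAST_TOKEN"
  [ "${SEND_ISSUES:-0}" = "1" ] && set -- "$@" --send-issues --env-id "$LEVOAI_ENV_ID"
  # No -it here: CI runners have no TTY. The /out mount is an assumption.
  docker run --rm --shm-size=1g -v "$OUT_DIR:/out" "$IMAGE" "$@"
  rc=$?
  verdict=$(classify_exit "$rc" "$OUT_DIR/results.sarif")
  echo "dast verdict: $verdict (exit $rc)"
  [ "$verdict" = "pass" ]
}

# Run only when a target is set, so the functions can also be sourced.
if [ -n "${TARGET_URL:-}" ]; then
  OUT_DIR="${OUT_DIR:-$PWD/dast-out}"
  run_gate
fi
```

Distinguishing `scan-error` from `findings` keeps a broken scan from being read as a security failure, or a missing report from being read as a clean run.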
Getting Help
```bash
docker run --rm -it \
  ghcr.io/levoai/levoai-shadownet:latest \
  --help

docker run --rm -it \
  ghcr.io/levoai/levoai-shadownet:latest \
  scan --help
```
Next Steps
- Docker Quickstart - Full Docker setup guide
- Configuration - Advanced configuration options
- levo-dast.yml - Repeatable scans with a committed config file
- CI/CD Integration - Automate in your pipeline
- Levo Dashboard - Report findings to dashboard