A curated tour of the most common vigolium invocations, grouped by command. For the full flag list of any command, run vigolium <command> --help. For the same examples in your terminal, run vigolium --full-example.
Top-Level Commands
vigolium --help # All available commands and global flags
vigolium <command> --help # Flags and help for a specific command
vigolium --full-example # Curated tour of all common usage
vigolium version # Build and version info
The global --soft-fail flag forces an exit code of 0 even when a command fails (the error is still printed to stderr). It keeps a failing vigolium call from interrupting the wrapping script or CI pipeline:
vigolium scan -t https://example.com --soft-fail
Scanning
Run the full native pipeline against one or more targets.
# Single target
vigolium scan -t https://example.com
# Multiple targets (-t and -T/--target-file are both repeatable and combine)
vigolium scan -t https://example.com -t https://api.example.com
vigolium scan -T targets.txt
vigolium scan -T prod.txt -T staging.txt
# Scanning profiles and strategies
vigolium scan -t https://example.com --strategy deep
vigolium scan -t https://example.com --scanning-profile quick
vigolium scan -t https://example.com --scanning-profile full
# Phase control
vigolium scan -t https://example.com --only dynamic-assessment
vigolium scan -t https://example.com --skip discovery,spidering
# Module selection
vigolium scan -t https://example.com -m xss-reflected,sqli-error
vigolium scan -t https://example.com --module-tag spring --module-tag injection
# Output and reporting
vigolium scan -t https://example.com --format jsonl -o results.jsonl
vigolium scan -t https://example.com --format html -o report.html
vigolium scan -S -t https://example.com --format sqlite -o scan # standalone .sqlite (stateless only)
vigolium scan -t https://example.com --format fs -o run # browsable run-traffic/ + run-findings/ tree
# Network controls
vigolium scan -t https://example.com --proxy http://127.0.0.1:8080
vigolium scan -t https://example.com -c 100 --rate-limit 200
vigolium scan -t https://example.com --scanning-max-duration 2h
# CI/agent exit-code gating
vigolium scan -t https://example.com --fail-on high # exit non-zero on any high+ finding
vigolium scan -t https://example.com --fail-on high --soft-fail # surface the error but always exit 0
# Custom JS extensions
vigolium scan -t https://example.com --ext custom-check.js
vigolium scan -t https://example.com --ext-dir ./my-extensions
vigolium scan -t https://example.com --only extension --ext custom-check.js
# Project scoping
vigolium scan -t https://example.com --project-name my-project
# OAST and known-issue scanning
vigolium scan -t https://example.com --oast-url https://interact.sh/abc123
vigolium scan -t https://example.com --known-issue-scan-tags cve,misconfig --known-issue-scan-severities critical,high
Parallel & isolated scans
Scan many targets at once, or let several parallel scans share one database without write contention.
# Fan out a target list across N isolated child processes, writing one per-host output file
vigolium scan -T targets.txt -P 4 --stateless --split-by-host --format jsonl -o results
# Parallel into one shared DB: each worker scans into a private temp DB, then merges into --db
vigolium scan -T targets.txt -P 4 --db-isolate --db shared.db --format jsonl,html -o report
# Single scan into a private temp DB merged back into --db (no write contention)
vigolium scan -t https://example.com --db-isolate --db shared.db
# Resume an interrupted stateless fan-out (skips targets that already completed)
vigolium scan -T targets.txt -P 4 --stateless --split-by-host --format jsonl -o results --resume
vigolium scan --resume # auto-discover *.progress.json in cwd
-P, --parallel N — scan up to N targets concurrently as isolated child processes. Requires either -S --split-by-host (per-host outputs) or --db-isolate (merge into one --db). Real in-flight requests ≈ N × --concurrency.
--db-isolate — scan into a private temporary SQLite DB and merge results into --db at the end (SQLite only; not combinable with --stateless).
--split-by-host — in stateless multi-target mode, write a separate base-<host>.<ext> output file per target.
--resume — resume a prior -S -T --split-by-host -P run from its <output>.progress.json manifest, scanning only the targets that didn’t finish. Run bare (no other flags) to auto-discover the manifest in the current directory and relaunch the saved run.
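A gate script for the CI pattern above (--fail-on high together with --soft-fail) applied to the per-host files a --split-by-host fan-out writes: run the scan with --soft-fail so the pipeline keeps its JSONL export, then decide pass/fail from the export with the same severity floor and confidence filter the finding command exposes. This is an added example, not vigolium's own code; the JSONL record layout (a type field of finding or http, plus severity and confidence on findings), the severity ladder and the gate.py file name are assumptions.

```python
"""CI gate over vigolium --format jsonl exports (added example, not vigolium's own code).
Assumed record layout (not documented on the cheat sheet): one JSON object per line with
"type" "finding" or "http"; findings carry "severity" and "confidence" as the CLI flags spell them."""
import json
import sys

# Assumed severity ladder; the cheat sheet itself only names "critical" and "high".
SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

def parse_findings(lines):
    """Yield finding records, skipping blank lines and http records."""
    for rec in (json.loads(ln) for ln in lines if ln.strip()):
        if rec.get("type", "finding") == "finding":  # --only findings exports may omit "type"
            yield rec

def gate(findings, min_severity="high", confidences=("certain", "firm")):
    """Return (blocking_count, count_per_severity). Mirrors --fail-on high, with the
    confidence filter of `finding --min-severity high --confidence certain,firm`,
    so a tentative high is reported but does not fail the build."""
    floor = SEVERITY_RANK[min_severity]
    per_severity, blocking = {}, 0
    for f in findings:
        sev = str(f.get("severity", "info")).lower()
        per_severity[sev] = per_severity.get(sev, 0) + 1
        if SEVERITY_RANK.get(sev, 0) >= floor and str(f.get("confidence", "")).lower() in confidences:
            blocking += 1
    return blocking, per_severity

def gate_files(paths):
    """Merge one export or the results-<host>.jsonl set of a --split-by-host fan-out, then gate."""
    lines = []
    for path in paths:
        with open(path, encoding="utf-8") as fh:
            lines.extend(fh)
    return gate(parse_findings(lines))

# Constructed sample standing in for a real export (module names taken from the cheat sheet).
SAMPLE = [
    '{"type":"finding","module":"sqli-error","severity":"high","confidence":"certain"}',
    '{"type":"finding","module":"xss-reflected","severity":"high","confidence":"tentative"}',
    '{"type":"finding","module":"misconfig","severity":"medium","confidence":"certain"}',
    '{"type":"http","method":"GET","url":"https://example.com/login","status":200}',
    '{"type":"finding","module":"sqli-error","severity":"critical","confidence":"firm"}',
]

if __name__ == "__main__":
    # Usage: python gate.py results-*.jsonl (the files a -S --split-by-host run wrote); no args gates SAMPLE
    blocking, per_sev = gate_files(sys.argv[1:]) if sys.argv[1:] else gate(parse_findings(SAMPLE))
    print(f"blocking={blocking} per_severity={per_sev}")
    sys.exit(1 if blocking else 0)
```

Running the scan step with --soft-fail and this script as the next step keeps the export and the report available for review even when the gate fails the job.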
Running a Single Phase
vigolium run <phase> is an alias for scan --only <phase>, useful when you want one specific stage of the pipeline.
vigolium run discover -t https://example.com
vigolium run spidering -t https://example.com
vigolium run dynamic-assessment -t https://example.com
vigolium run dynamic-assessment -t https://example.com --module-tag spring
vigolium run external-harvest -t https://example.com
vigolium run known-issue-scan -t https://example.com
vigolium run known-issue-scan -t https://example.com --known-issue-scan-tags cve --known-issue-scan-severities critical,high
vigolium run extension -t https://example.com --ext custom-check.js
vigolium run deparos -t https://example.com
vigolium run dast -t https://example.com
Feed traffic into a scan from OpenAPI, Burp, curl, HAR, or stdin.
vigolium scan -I openapi -i openapi.yaml -t https://api.example.com
vigolium scan -I burp -i burp-export.xml -t https://example.com
vigolium scan -I curl -i requests.txt
vigolium scan -I har -i traffic.har
cat urls.txt | vigolium scan -i -
Run vigolium --list-input-mode to see every supported input format with examples.
Ingestion
Push HTTP traffic into the database without running a scan, useful for building a project corpus before scanning, or for sending traffic to a remote server.
vigolium ingest -t https://example.com -I openapi -i spec.yaml
vigolium ingest -t https://example.com -I burp -i export.xml
cat urls.txt | vigolium ingest -i -
# Send to a remote Vigolium server
vigolium ingest -s http://server:9002 -i api.yaml -I openapi
Server
Start the REST API and ingest proxy.
vigolium server # Default host/port from config
vigolium server --host 0.0.0.0 --service-port 8443
vigolium server --no-auth # Local use only — disables bearer auth
vigolium server -t https://example.com --scan-on-receive # Auto-scan ingested traffic
vigolium server --mirror-fs ./mirror # Live-mirror ingested traffic + findings to a filesystem tree
# Transparent ingest proxy (records traffic flowing through it)
vigolium server --ingest-proxy-port 9003
# Intercept HTTPS too via a generated MITM CA (trust the CA printed at startup)
vigolium server --ingest-proxy-port 9003 --proxy-mitm -S
vigolium server --ingest-proxy-port 9003 --proxy-mitm --proxy-insecure # skip upstream TLS verification
# Export the MITM CA certificate and exit (generates it if needed)
vigolium server --export-ca ./vigolium-ca.pem
See Transparent Proxy for the full MITM workflow.
Database & Results
Browse, export, and prune scan data.
# Browse
vigolium db ls
vigolium db ls --table findings
vigolium db stats
vigolium db stats --detailed
vigolium traffic # Alias for `db ls --table http_records`
vigolium traffic login # Filter to login-related records
vigolium finding # Fuzzy-search findings
vigolium finding xss --markdown # Render matches as Markdown (evidence + http blocks) to stdout
vigolium finding --min-severity high --confidence certain,firm # Filter by severity floor + confidence
# Read a standalone export directly (project scoping off, never writes to your DB)
vigolium finding -S --db ./scan.jsonl --min-severity high
vigolium traffic -S --db ./scan.sqlite --status 500 -n 20
# Export
vigolium export --format jsonl -o full-export.jsonl
vigolium export --format jsonl --only findings
vigolium export --format jsonl --only findings,http
vigolium export --format html -o report.html
vigolium export --format fs -o run # browsable run-traffic/ + run-findings/ tree (also on `db export`)
# Cleanup
vigolium db clean --scan-uuid my-scan
The finding and traffic commands accept -S/--stateless together with --db <file> to read a --format jsonl export or a standalone .sqlite directly, and --markdown to print the matched items as Markdown (under -S, add --compact to window long responses around the match).
Strategies & Phases
Inspect scanning strategy presets and the phases that make up a scan.
vigolium strategy
vigolium strategy ls
vigolium phase
Modules
Manage the active and passive scanner modules.
vigolium module ls
vigolium module ls xss # Search by keyword
vigolium module enable xss
vigolium module disable sqli
vigolium scan -M # List all modules from the scan command
Extensions
Run and manage JavaScript extensions that hook into the scanner.
vigolium ext ls
vigolium ext docs
vigolium ext preset
vigolium ext eval 'vigolium.log("hello")'
vigolium ext eval --ext-file script.js
Scope
Control what is in scope. Source code is attached per scan via the --source flag on vigolium agent <subcommand> (autopilot, swarm, query, audit).
vigolium scope view
vigolium scope set host.include '*.example.com'
Agent (AI)
Run agentic and source-audit modes. See Agent Mode for the full list of subcommands.
agent query: single-shot prompts
vigolium agent query --source ./src --prompt-template security-code-review
vigolium agent query --source ./src --prompt-template endpoint-discovery
vigolium agent query 'review this code for vulnerabilities'
vigolium agent query --agent-label code-review --prompt-file custom-prompt.md
vigolium agent --list-templates
agent swarm: AI-guided multi-phase scan
vigolium agent swarm -t https://example.com --discover
vigolium agent swarm -t https://example.com --discover --focus 'API injection'
# Skill control (force-load attack-vector skills, bypass planner selection)
vigolium agent swarm -t https://example.com --discover --skill-tag xss,idor
vigolium agent swarm -t https://example.com --discover --no-skill-filter
agent autopilot: autonomous agentic scan
# Natural-language prompt — target, source, and focus auto-extracted
vigolium agent autopilot "scan VAmPI source at ~/src/VAmPI on localhost:3005"
vigolium agent autopilot "test auth bypass on https://app.example.com"
# Plain target
vigolium agent autopilot -t https://example.com/api
# Source-aware (auto-runs vigolium-audit first to build context)
vigolium agent autopilot -t https://example.com --source ./src
vigolium agent autopilot -t https://example.com --source ./src --audit=off # disable vigolium-audit
# Pipe a curl command or raw HTTP request via stdin
curl -s https://example.com/api/users | vigolium agent autopilot
cat request.txt | vigolium agent autopilot -t https://example.com
# Pass curl/raw HTTP as input
vigolium agent autopilot --input "curl -X POST -H 'Content-Type: application/json' \
-d '{\"user\":\"admin\"}' https://example.com/api/login"
# Focus the agent on specific vulnerability classes
vigolium agent autopilot -t https://example.com --focus "auth bypass and IDOR"
# Skill control — force-load skills by name or tag, or skip pre-flight selection
vigolium agent autopilot -t https://example.com --skill idor-blast-radius
vigolium agent autopilot -t https://example.com --skill-tag xss,idor
vigolium agent autopilot -t https://example.com --no-skill-filter
# Intensity presets — quick (CI/PR), balanced (default), deep (pentest)
vigolium agent autopilot -t https://example.com --intensity deep
vigolium agent autopilot -t https://example.com --source ./src --intensity quick
# Narrow source scope
vigolium agent autopilot -t https://example.com --source ./src \
--files "routes/api.js,controllers/auth.js" \
--instruction "Focus on the new payment endpoint"
# PR / diff-aware scan
vigolium agent autopilot -t https://example.com --source ./src --diff "main...feature-branch"
vigolium agent autopilot -t https://example.com --source ./src --last-commits 3
# Backend / browser / auth
vigolium agent autopilot -t https://example.com --provider anthropic-api-key
vigolium agent autopilot -t https://example.com --browser --credentials "admin/admin123"
# Limits and previews
vigolium agent autopilot -t https://example.com --intensity deep --max-duration 4h
vigolium agent autopilot -t https://example.com --intensity quick --triage
vigolium agent autopilot -t https://example.com --source ./src --dry-run
vigolium agent autopilot -t https://example.com --source ./src --show-prompt
agent audit: unified source audit (vigolium-audit + piolium)
Runs the vigolium-audit harness and/or piolium against a single source tree under one AgenticScan, with per-driver session subdirs and a post-pass findings dedup. vigolium-audit is the embedded harness name; the CLI driver value is audit.
# Default driver is "auto": run audit; fall back to piolium only if the
# claude/codex CLI required by audit is missing. Balanced mode.
vigolium agent audit --source .
# Run both drivers back-to-back, unconditionally
vigolium agent audit --driver both --source ./backend
# Single driver — piolium only (no audit, no fallback)
vigolium agent audit --driver piolium --source ./backend --mode lite
vigolium agent audit --driver audit --source ./backend --agent claude
# Multi-driver, deep intensity, against a remote git URL
vigolium agent audit --driver both --source git@github.com:org/repo.git --intensity deep
vigolium agent audit --driver both --source https://github.com/org/repo.git --commit-depth 0 # full history
# Override pi's provider/model for the piolium leg
vigolium agent audit --driver both --source ./backend \
--pi-provider vertex-anthropic --pi-model claude-opus-4-6
# Driver-specific modes (piolium=longshot/smoke, audit=mock)
vigolium agent audit --driver piolium --source ./mono-repo --mode longshot \
--plm-longshot-langs python,go --plm-longshot-limit 200
vigolium agent audit --driver audit --source ./backend --mode mock
# Cap commit-history scan window (piolium only)
vigolium agent audit --driver piolium --source ./backend --plm-scan-since "60 days ago"
vigolium agent audit --driver piolium --source ./backend --plm-scan-limit 500
# Skip post-pass dedup or preflight checks
vigolium agent audit --source ./backend --no-dedup
vigolium agent audit --source ./backend --no-preflight
# Pull source from a cloud-storage archive, upload results when done
vigolium agent audit --source gs://my-bucket/snapshots/repo.tar.gz
vigolium agent audit --source ./backend --upload-results
log: replay an agentic session
Every vigolium agent run (autopilot, swarm, query, audit) writes a Pi-compatible transcript.jsonl. Replay it as a rendered conversation, or dump the raw JSONL:
vigolium log # Replay the most recent agentic session
vigolium log <session-id> # Replay a specific session
vigolium log --raw # Print the raw transcript JSONL verbatim instead of the rendered replay
Configuration
vigolium config ls
vigolium config clean
vigolium init # Initialize ~/.vigolium with defaults
vigolium doctor # Diagnose configuration and tool readiness
vigolium auth # Authentication management utilities
vigolium project # Manage multi-tenant projects
This page covers the most common invocations. Every command supports --help for the full flag reference, and most commands accept the global flags shown by vigolium --help.