REDVEIL/Docs
CLI

Examples

End-to-end workflow examples for CI/CD pipelines, bulk imports, finding triage, cloud reviews, and profile management.

CI/CD Pipeline Authentication

Use the two-step device flow for environments where a browser is not available on the same machine.

Step 1 — On the CI runner, start the device flow:

AUTH=$(pentest-agent auth device start --json)
DEVICE_CODE=$(echo "$AUTH" | jq -r '.deviceCode')
USER_CODE=$(echo "$AUTH" | jq -r '.userCode')
EXPIRES_IN=$(echo "$AUTH" | jq -r '.expiresIn')
echo "Authorize at: $(echo "$AUTH" | jq -r '.verificationUriComplete')"

Step 2 — After the user completes sign-in in a browser:

pentest-agent auth device poll \
  --device-code "$DEVICE_CODE" \
  --expires-in "$EXPIRES_IN"

Alternative — Use an environment variable token:

export REDVEIL_TOKEN="eyJhbGci..."
pentest-agent project list --json

Full Pentest Workflow

# Create project
PROJECT=$(pentest-agent project create webapp \
  --name "Acme App" \
  --target https://app.acme.com \
  --auth-type bearer \
  --bearer-token @/secrets/bearer.txt \
  --json)
PROJECT_ID=$(echo "$PROJECT" | jq -r '._id')
# Estimate cost
pentest-agent usage estimate-project "$PROJECT_ID" --json
# Check available ops
pentest-agent usage check --estimated 200 --json
# Start scan
pentest-agent scan start "$PROJECT_ID"
# Poll scan status
pentest-agent scan status "$PROJECT_ID" --json
# List findings when complete
pentest-agent finding list "$PROJECT_ID" --json
# Generate executive report
pentest-agent report generate --project "$PROJECT_ID" --type executive_pdf --json

Bulk Target Import

# From a file with one domain per line
pentest-agent project create external_network \
  --name "Acme Perimeter" \
  --targets-file /path/to/domains.txt \
  --include-subdomains true
# From a JSON array
pentest-agent project create external_network \
  --name "Acme Perimeter" \
  --targets '["acme.com","api.acme.com","cdn.acme.com"]'
# Mix repeatable flags and a file
pentest-agent project create webapp \
  --name "Multi-target App" \
  --target https://app.acme.com \
  --target https://api.acme.com \
  --targets-file /path/to/more-urls.txt \
  --auth-type none

Finding Triage Workflow

# List open findings
pentest-agent finding list "$PROJECT_ID" --status open --json
# Inspect a specific finding
pentest-agent finding get "$FINDING_ID" --json
# Mark as false positive
pentest-agent finding false-positive "$FINDING_ID" \
  --justification "Behind WAF, not externally reachable."
# Changed your mind — remove the adjustment
pentest-agent finding unadjust "$FINDING_ID"
# Retest a single finding after remediation
pentest-agent finding retest "$FINDING_ID"
# Retest all open findings
pentest-agent finding retest-all "$PROJECT_ID"
# Download a single-finding PDF
URL=$(pentest-agent finding pdf "$FINDING_ID" --json | jq -r '.downloadUrl')
curl -o finding-report.pdf "$URL"

Internal Network Project with Credentials

pentest-agent project create internal_network \
  --name "Acme Internal" \
  --target 10.0.0.0/24 \
  --target 10.0.1.0/24 \
  --port-scan-mode full \
  --credentials-provided true \
  --domain-username "ACME\\scanner" \
  --domain-password @/secrets/domain-pass.txt \
  --segmentation-testing true \
  --segmentation-networks "10.0.2.0/24,10.0.3.0/24"

Cloud Configuration Review

# AWS
pentest-agent project create cloud \
  --name "Acme AWS Review" \
  --provider aws \
  --aws-access-key-id AKIAIOSFODNN7EXAMPLE \
  --aws-secret-access-key @/secrets/aws-secret.txt \
  --aws-region us-east-1
# GCP
pentest-agent project create cloud \
  --name "Acme GCP Review" \
  --provider gcp \
  --gcp-service-account-json @/secrets/gcp-sa.json \
  --gcp-project-id acme-prod-123
# Azure
pentest-agent project create cloud \
  --name "Acme Azure Review" \
  --provider azure \
  --azure-tenant-id 00000000-0000-0000-0000-000000000000 \
  --azure-client-id 11111111-1111-1111-1111-111111111111 \
  --azure-client-secret @/secrets/azure-secret.txt \
  --azure-subscription-id 22222222-2222-2222-2222-222222222222

Session Management with Profiles

# Authenticate as two different organizations
pentest-agent auth login --profile acme
pentest-agent auth login --profile globex
# List profiles
pentest-agent auth profiles
# Switch the active profile
pentest-agent auth use acme
# Run a one-off command with a different profile
pentest-agent project list --profile globex --json
# Log out of everything
pentest-agent auth logout --all

Reference

Input conventions, reference values, and enumerations for the pentest-agent CLI.

What happens if I run out of Agent Ops?

What to do if you run out of Agent Ops in your plan

On this page

CI/CD Pipeline AuthenticationFull Pentest WorkflowBulk Target ImportFinding Triage WorkflowInternal Network Project with CredentialsCloud Configuration ReviewSession Management with Profiles