Xygeni Scanner Reference

Usage:

xygeni [-hqvV] [--pass=<l>] [--token=<L>] [--url=<k>] [--user=<L>] [@<filename>...] [COMMAND]

Parameters:
      [@<filename>...]   One or more argument files containing options.
  -q, --quiet            Quiet mode: do not generate output at console.
  -v, --verbose          Verbose output?
  -h, --help             Show this help message and exit.
  -V, --version          Print version information and exit.

Xygeni credentials - clear-text or encrypted, env:VAR, file:PATH
They override the corresponding values in xygeni.yml configuration.
      --url=<k>          Xygeni api URL
      --token=<L>        Access token.
      --pass=<l>         Password. Deprecated, token is recommended.
      --user=<L>         Username.

Commands:
  scan                 Runs all analyses available.
  multi-scan           Runs scans on multiple subdirectories (modules).
  org-scan             Discovers, and even scans, the Organization repositories.
  inventory            Discover SDLC assets for project.
  deps, scan-deps      Scan software project for dependencies and SBOM generation.
  suspectdeps          Detect suspect dependencies in project.
  compliance           Check compliance with supply-chain standards.
  codetamper           Detect potential code tampering.
  secrets              Detect hard-coded secrets in project.
  misconf              Detect misconfigurations in project.
  iac                  Detect security flaws in IaC template files.
  malware              Detect malware evidences.
  report-upload        Converts and uploads an external tool or xygeni report into Xygeni platform.
  util                 Utilities for configuration.
  generate-completion  Generate bash/zsh completion script for xygeni.