scan Commands

Home › Reference › Commands › Scan

Security scanning and evidence collection for audit compliance.

Commands in this Category

Command	Purpose
scan	Run security scans with --scanner flag
scan zap	Dynamic Application Security Testing (DAST)

Scanner Types

The main scan command supports these scanner types via --scanner flag:

• sbom - Software Bill of Materials (Trivy)
• vuln - Vulnerability scanning (Trivy)
• secrets - Secret detection (Trivy)
• iac - Infrastructure as Code scanning (Trivy)
• compliance - Compliance checking (Trivy)
• sast - Static Application Security Testing (Semgrep)

Quick Examples

# Run all default scans
r2r eac scan

# Specific scanner types
r2r eac scan --scanner vuln,secrets

# Multiple modules with specific scanners
r2r eac scan eac-core eac-commands --scanner sbom,vuln

# Dynamic testing (separate subcommand)
r2r eac scan zap eac-api --target http://localhost:8080

See Also

• Category Overview
• validate Commands

---

Tutorials | How-to Guides | Explanation | Reference

You are here: Reference — information-oriented technical descriptions of the system.