@redpillsec/cli
v1.0.1
RedPill Security CLI - OpenAPI security scanner that reveals vulnerabilities in your API specifications
🚀 Quick Start
```bash
# Install globally
npm install -g @redpillsec/cli

# Scan your OpenAPI specification
redpill scan openapi api.yaml

# Get help
redpill --help
```
📖 About
RedPill Security CLI is a powerful OpenAPI security scanner that reveals vulnerabilities in your API specifications. Take the red pill and see the security issues you didn't know existed.
🎯 Features
- OpenAPI Security Scanning: Comprehensive analysis of OpenAPI/Swagger specifications
- Multiple Output Formats: Text, JSON, CSV, and Markdown reports
- Configurable Rules: Customize security rules via configuration files
- CI/CD Ready: Perfect for automated security testing in pipelines
- Detailed Reports: Clear explanations of vulnerabilities and recommendations
🔧 Installation
Global Installation (Recommended)
```bash
npm install -g @redpillsec/cli
```
Local Installation
```bash
npm install --save-dev @redpillsec/cli
```
📋 Usage
Basic Scanning
```bash
# Scan a single OpenAPI file
redpill scan openapi api.yaml

# Scan with JSON output
redpill scan openapi api.yaml --format json

# Save results to file
redpill scan openapi api.yaml --output results.json
```
Advanced Options
```bash
# Use custom configuration
redpill scan openapi api.yaml --config custom-rules.json

# Verbose output
redpill scan openapi api.yaml --verbose

# Quiet mode (errors only)
redpill scan openapi api.yaml --quiet
```
Configuration Management
```bash
# Create default configuration file
redpill init-config

# Create config with custom path
redpill init-config my-config.json
```
⚙️ Configuration
Create a redpill.config.json file to customize security rules:
```json
{
  "rules": {
    "security-definition-required": true,
    "no-http-basic": true,
    "security-schemes-defined": true,
    "no-secrets-in-url": true,
    "https-required": true
  },
  "output": {
    "format": "text",
    "verbose": false
  }
}
```
📊 Output Formats
Text (Default)
Human-readable format perfect for terminal output and quick reviews.
JSON
```bash
redpill scan openapi api.yaml --format json
```
Machine-readable format ideal for CI/CD integration and automated processing.
CSV
```bash
redpill scan openapi api.yaml --format csv
```
Spreadsheet-compatible format for reporting and analysis.
Markdown
```bash
redpill scan openapi api.yaml --format markdown
```
Documentation-friendly format for reports and wikis.
🔍 Security Rules
RedPill Security CLI checks for various OpenAPI security issues:
- Missing Security Definitions: APIs without proper security schemes
- Weak Authentication: HTTP Basic auth and other weak methods
- Insecure Protocols: HTTP instead of HTTPS
- Exposed Secrets: API keys and tokens in URLs
- Missing Security Requirements: Endpoints without security enforcement
- And many more...
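To make those rule categories concrete, here is an added example (not @redpillsec/cli's own code) of a small checker in JavaScript that applies the five rule names from the configuration above to a parsed OpenAPI 3 document. `scanOpenApi`, `sampleSpec` and the secret-name pattern are my own assumptions about how such checks can be expressed.

```javascript
// Added illustration of the rule categories above; not @redpillsec/cli's own code.
// Takes an OpenAPI 3 document already parsed into a plain object (e.g. from YAML/JSON).
const SECRET_NAME = /api[_-]?key|token|secret|password/i;
const METHODS = ['get', 'put', 'post', 'delete', 'patch', 'head', 'options', 'trace'];
function scanOpenApi(spec) {
  const findings = [];
  const schemes = (spec.components && spec.components.securitySchemes) || {};
  // security-schemes-defined: at least one scheme must be declared
  if (Object.keys(schemes).length === 0) findings.push({ rule: 'security-schemes-defined', at: 'components.securitySchemes' });
  for (const [name, s] of Object.entries(schemes)) {
    // no-http-basic: credentials are sent base64-encoded on every request
    if (s.type === 'http' && String(s.scheme).toLowerCase() === 'basic') findings.push({ rule: 'no-http-basic', at: `securitySchemes.${name}` });
    // no-secrets-in-url: query-string API keys land in access logs, proxies and browser history
    if (s.type === 'apiKey' && s.in === 'query') findings.push({ rule: 'no-secrets-in-url', at: `securitySchemes.${name}` });
  }
  // https-required: every server URL must use TLS
  for (const srv of spec.servers || []) {
    if (/^http:\/\//i.test(srv.url || '')) findings.push({ rule: 'https-required', at: srv.url });
  }
  const globalSec = Array.isArray(spec.security) && spec.security.length > 0;
  for (const [path, item] of Object.entries(spec.paths || {})) {
    for (const m of METHODS) {
      const op = item[m];
      if (!op) continue;
      const where = `${m.toUpperCase()} ${path}`;
      // security-definition-required: no own requirement, or `security: []` (which disables the global one), means anonymous access
      const secured = Array.isArray(op.security) ? op.security.length > 0 : globalSec;
      if (!secured) findings.push({ rule: 'security-definition-required', at: where });
      for (const p of [...(item.parameters || []), ...(op.parameters || [])]) {
        if (p.in === 'query' && SECRET_NAME.test(p.name)) findings.push({ rule: 'no-secrets-in-url', at: `${where}?${p.name}` });
      }
    }
  }
  return findings;
}
// Constructed sample spec that trips each rule except schemes-defined.
const sampleSpec = {
  openapi: '3.0.0',
  servers: [{ url: 'http://api.example.com/v1' }],
  components: { securitySchemes: {
    basicAuth: { type: 'http', scheme: 'basic' },
    queryKey: { type: 'apiKey', in: 'query', name: 'api_key' } } },
  security: [{ basicAuth: [] }],
  paths: {
    '/users': { get: { security: [] }, post: {} },
    '/reset': { post: { parameters: [{ name: 'token', in: 'query' }] } },
  },
};
console.log(scanOpenApi(sampleSpec).map((f) => `${f.rule} @ ${f.at}`).join('\n'));
```

The sample produces five findings; note that `GET /users` is flagged even though a global requirement exists, because an empty `security: []` on an operation overrides it.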
🛠️ CI/CD Integration
GitHub Actions
```yaml
- name: Install RedPill Security CLI
  run: npm install -g @redpillsec/cli
- name: Scan OpenAPI Spec
  run: redpill scan openapi api.yaml --format json --output security-report.json
```
Jenkins
```groovy
sh 'npm install -g @redpillsec/cli'
sh 'redpill scan openapi api.yaml --format json --output security-report.json'
```
📚 Examples
Check out our examples directory for:
- Sample OpenAPI specifications
- Configuration examples
- CI/CD pipeline templates
- Output format samples
🤝 Contributing
We welcome contributions! Please see our Contributing Guide for details.
- Fork the repository
- Create your feature branch (`git checkout -b feature/amazing-feature`)
- Commit your changes (`git commit -m 'Add amazing feature'`)
- Push to the branch (`git push origin feature/amazing-feature`)
- Open a Pull Request
📄 License
This project is licensed under the MIT License - see the LICENSE file for details.
💬 Support
- 📧 Email: [email protected]
- 🌐 Website: redpillsec.io
- 🐛 Issues: GitHub Issues
🗺️ Roadmap
- 🔜 AI-powered vulnerability analysis
- 🔜 OWASP API Top 10 scanner
- 🔜 Real-time API monitoring
- 🔜 Integration with popular API gateways
- 🔜 Custom rule development framework
