> ## Documentation Index
> Fetch the complete documentation index at: https://docs.vigolium.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Stateless Scanning

> Scan targets and get results in a single command without managing a persistent database, ideal for CI/CD, scripting, and quick checks.

## Overview

Vigolium offers several ways to scan a target and get results in a single command without managing a persistent database. This is ideal for CI/CD pipelines, scripting, and quick ad-hoc checks.

## Quick Scan with `scan-url`

The fastest way to scan a single URL. No database, no phases -- just direct module execution:

```bash theme={null}
vigolium scan-url https://example.com/api/users?id=1
```

JSON output for scripting:

```bash theme={null}
vigolium scan-url -j https://example.com/api/users?id=1
```

With authentication and a POST body:

```bash theme={null}
vigolium scan-url \
  --method POST \
  --body '{"user":"admin","pass":"secret"}' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer tok123' \
  https://example.com/api/login
```

Run only specific modules:

```bash theme={null}
vigolium scan-url -m sqli -m xss https://example.com/search?q=test
```

Skip passive analysis for faster results:

```bash theme={null}
vigolium scan-url --no-passive https://example.com/api/data
```

## Scanning Raw HTTP Requests with `scan-request`

Feed a raw HTTP request from a file or stdin:

```bash theme={null}
# From a file
vigolium scan-request -i request.txt

# From stdin (raw HTTP)
printf 'GET /api/users?id=1 HTTP/1.1\r\nHost: example.com\r\n\r\n' | vigolium scan-request

# From a curl command (auto-detected)
echo "curl -X POST -d 'user=admin' https://example.com/login" | vigolium scan-request
```

Override the target host when the request file lacks a full URL:

```bash theme={null}
vigolium scan-request -i request.txt --target https://staging.example.com
```

## Piping Input from stdin

Both `scan-url` and `scan-request` auto-detect the input format from stdin:

**Plain URL:**

```bash theme={null}
echo 'https://example.com/search?q=test' | vigolium scan-url
```

**Curl command:**

```bash theme={null}
echo "curl -X POST -H 'Content-Type: application/json' -d '{\"id\":1}' https://example.com/api" | vigolium scan-url
```

**Raw HTTP request:**

```bash theme={null}
printf 'POST /api/login HTTP/1.1\r\nHost: example.com\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nuser=admin&pass=secret' | vigolium scan-request
```

## Full Pipeline with `--stateless`

For a complete multi-phase scan without a persistent database, use the `--stateless` flag on `vigolium scan`. This creates a temporary database, runs all phases, exports results, and cleans up:

```bash theme={null}
vigolium scan --stateless \
  -t https://example.com \
  --format jsonl \
  -o results
```

This produces `results.jsonl` with all findings. Combine multiple output formats:

```bash theme={null}
vigolium scan --stateless \
  -t https://example.com \
  --format jsonl,html \
  -o results
```

This produces both `results.jsonl` and `results.html`.

## Output Formats

### Console (default)

Human-readable colored output to the terminal:

```bash theme={null}
vigolium scan-url https://example.com/search?q=test
```

### JSONL

Machine-readable, one JSON object per line. Use `-j` or `--format jsonl`:

```bash theme={null}
vigolium scan-url -j https://example.com/search?q=test
vigolium scan-url --format jsonl https://example.com/search?q=test
```

### HTML

Interactive report with ag-grid table. Requires `-o` to specify the output path:

```bash theme={null}
vigolium scan --stateless -t https://example.com --format html -o report
```

### SQLite

Dump the per-run database to a single standalone `.sqlite` file (via `VACUUM INTO`). Only available in stateless mode and requires `-o`. Aliases: `sqlite3`, `db`:

```bash theme={null}
vigolium scan --stateless -t https://example.com --format sqlite -o scan
```

You can reopen the file later without a persistent project DB (see [Reading Results Back](#reading-results-back)).

### Filesystem (fs)

Write a flat, browsable tree instead of a single file — handy for piping a scan straight to a coding agent that prefers `ls`/`grep`/`jq` over a database:

```bash theme={null}
vigolium scan --stateless -t https://example.com --format fs -o run
```

This produces `run-traffic/` and `run-findings/` with per-host raw `.req`/`.resp.*` files, cross-linked finding `.md` files, and a jq-friendly `index.json` in each. `--split-by-host` is a no-op (fs already splits by host), and `--omit-response` drops the response files. See [Output and Reporting](/getting-started/output-and-reporting#filesystem-fs) for the full layout.

### Multiple Formats

Comma-separate formats to produce several outputs at once:

```bash theme={null}
vigolium scan --stateless -t https://example.com --format console,jsonl,html -o scan-output
```

## Reading Results Back

A stateless run leaves no project database behind, but you can still browse a `.jsonl` or `.sqlite` export after the fact. Point `finding`/`traffic` at the file with `-S/--stateless` + `--db` — project scoping is turned off and nothing is written to your project DB:

```bash theme={null}
# Browse a JSONL export with the usual filters/sorting
vigolium finding -S --db ./scan-output.jsonl --min-severity high
vigolium traffic -S --db ./scan-output.jsonl --status 500 -n 20

# Or a standalone .sqlite produced by --format sqlite
vigolium finding -S --db ./scan.sqlite --json --with-records

# Render one finding as Markdown (add --compact to window long responses)
vigolium finding -S --db ./scan.sqlite --id 42 --markdown --compact
```

## CI/CD Integration

Use `--ci-output-format` for clean, parseable output with no banners or color codes:

```bash theme={null}
vigolium scan --stateless \
  -t https://example.com \
  --ci-output-format \
  -o findings
```

This forces JSONL output and suppresses all decorative output.

## Scanning from Various Input Sources

### From an OpenAPI Spec

```bash theme={null}
vigolium scan --stateless \
  --input api-spec.yaml -I openapi \
  -t https://api.example.com \
  --format jsonl -o results
```

### From a Burp Suite Export

```bash theme={null}
vigolium scan --stateless \
  --input export.xml -I burpxml \
  --format jsonl -o results
```

### From a HAR File

```bash theme={null}
vigolium scan --stateless \
  --input traffic.har -I har \
  --format jsonl -o results
```

### From a Postman Collection

```bash theme={null}
vigolium scan --stateless \
  --input collection.json -I postman \
  -t https://api.example.com \
  --format jsonl -o results
```

## Tuning the Scan

Control concurrency and rate limits:

```bash theme={null}
vigolium scan --stateless \
  -t https://example.com \
  -c 100 \
  --rate-limit 200 \
  --format jsonl -o results
```

Use a scanning strategy preset:

```bash theme={null}
# Lightweight: fewer modules, faster
vigolium scan --stateless -t https://example.com --strategy lite -o results --format jsonl

# Deep: more modules, thorough
vigolium scan --stateless -t https://example.com --strategy deep -o results --format jsonl
```

Include the full HTTP response in findings for debugging:

```bash theme={null}
vigolium scan-url --include-response -j https://example.com/api/users?id=1
```

## Examples

**Quick check on a single endpoint:**

```bash theme={null}
vigolium scan-url https://example.com/api/users?id=1
```

**Full scan with JSON output in one shot:**

```bash theme={null}
vigolium scan --stateless -t https://example.com --discover --format jsonl -o findings
```

**Scan a curl command from clipboard:**

```bash theme={null}
pbpaste | vigolium scan-url -j
```

**Scan an API spec and export HTML report:**

```bash theme={null}
vigolium scan --stateless --input openapi.yaml -I openapi -t https://api.example.com --format html -o report
```
