The Triangulum Command Line Interface (Triangulum CLI) is a tool that enables you to run various scans depending on your requirements. Triangulum is the scanning engine used by Strobes. If you want to initiate any of the scans that you usually initiate through Strobes on your local machine or on your build server, you can download the Triangulum CLI and initiate the scans from there.
Triangulum CLI requires Docker to be installed. Once you download the Triangulum CLI, you also need to give the binary permission to execute. It can be run on Windows, Linux and macOS.
Using the Triangulum CLI you can invoke the following scans:
Static Security Scanners
- AppScan SAST
- Brakeman for ROR
- Dependency Scanner
- Git Leaks
- PHP CodeSniffer
- Security Code Scan
Dynamic Application Scanners
- ZAP Rest API Scanner
- ZAP Web Application Scanner
Triangulum CLI Usage
sham@ubuntu-s-1vcpu-1gb-blr1-01:~$ ./triangulum --help
usage: triangulum [-h] [-c COMMAND] [--cli] [--register-hook] [--cfg CFG] [-v]
-h, --help show this help message and exit
-c COMMAND Command to Triangulum to start, stop, restart or view
--cli For running triangulum in cli version
--register-hook For registering a hook in git repos
--cfg CFG Optional absolute config file path in case of using cli
-v, --version Triangulum version
--debug Enable debug mode
To use the Triangulum CLI, you will have to pass the '--cli' flag.
To invoke scans using the Triangulum CLI, you will have to create configuration files. You can configure only one scan per YAML file, but you can create multiple scan configuration files and place them all in a single folder.
The following articles will detail all the various configuration options for SAST, DAST, Cloud and Container scanners.