§ Docs

Brektra CLI

Run AI app security scans from your terminal. Localhost runs require no signup. Production targets use the same DNS verification as the dashboard.

Install

npx brektra-cli --help

Or install globally.

npm install -g brektra-cli

Scan localhost

No login is required to scan a local URL. Brektra runs Safe Mode payloads only.

brektra scan http://localhost:3000

Sign in

Required for scanning public domains and viewing replay links. The CLI opens a browser window and stores the token in ~/.brektra/config.json.

brektra login

Scan a verified domain

Add the target as a verified domain in the dashboard first. The CLI uses your stored API key to start the scan and stream the kill chain back to the terminal.

brektra scan https://app.example.com

Run a single Atlas pattern

Pick any pattern from the Attack Atlas. Pass the slug (e.g. direct-instruction-override) to run only that pattern.

brektra atlas direct-instruction-override --target https://app.example.com

Open the replay

brektra replay scan_abc123

Source

The CLI is open source on GitHub. Pull requests welcome.