Skip to main content

Scan software with ReversingLabs

Scan your software with ReversingLabs by providing the file path to the files you want to scan.

 

To scan software with ReversingLabs, use the command:

smctl scan rl-scan --input <path to software>

Alternatively, use the abbreviated version of the command:

smctl sc rl-scan --input <path to software>

Prerequisites

Flags

Threat detection scan commands with ReversingLabs support these flags:

Table 1. Flags for Threat detection scans with ReversingLabs

Shortcut

Flag

Description

 

--input string

Path to file you want to scan.

--exit-non-zero-on-fail

Scan exits with a non zero response on failure.

--keep-reference

Use file reference, instead of copying to store directory.

--project string

Scan project alias.

--rl-secure-executable string

Path to ReversingLabs scanning tool (rl-secure) executable.

--rl-risk-report string

Specify yes or no to confirm whether you want to generate the Full Risk report for the threat detection scan. The default yes.

--sarif string

Specify yes or no to confirm whether you want to generate a SARIF report for the threat detection scan. The default yes.

--sbom string

Specify cyclonedx, spdx, or no to confirm whether you want to generate an SBOM report and the type for the threat detection scan. The default cyclonedx.

--scan-alias string

Provide a identifiable alias for this scan.

--store-dir string

File path to store the scanning data.

--threat-summary

Provide a high-level summary of key findings and threats detected during the scan. Only available for users with the ReversingLabs service tier: Supply Chain Compromise Risk Assessment Service.

-h

--help

Help for the ReversingLab scan.


Example

Description: Install ReversingLabs (rl-deploy) scanning tool in the same location as where it was downloaded.

Command:

smctl scan rl-scan --input <file to scan> --project <project alias> --scan-alias <scan alias> --version <version>

Command sample:

smctl scan rl-scan --input C:\Users\John.Doe\Documents\Software\MVP.so --project MVP-project --scan-alias MVPscan1 --version 1.0.0

Troubleshooting

For help with the list scans command, use:

smctl scan rl-scan --help

Alternatively, use the abbreviated version of the command:

smctl sc rl-scan -h