The easiest way to get BugTraceAI-CLI up and running is using the interactive installation wizard:
./install.shThe wizard provides two installation modes:
- Local Installation: Python virtual environment setup (best for development)
- Docker Installation: Containerized deployment with automatic port detection (best for production)
- ✅ Python 3.10 or higher
- ✅ pip3 (Python package manager)
- ✅ Docker (required for some agents: GoSpider, Nuclei, SQLMap)
- ⚙️ nmap (optional, but recommended)
- ⚙️ Git (for cloning the repository)
- ✅ Docker Engine
- ✅ Docker Compose (or
docker composeplugin) - ✅ Git (for cloning the repository)
- 🔑 OpenRouter API key (get one here)
When you choose Option 1: Local Installation, the wizard will:
- ✅ Check if Python 3, pip, Docker, and nmap are installed
- 📄 Create
.envfile from.env.example(if not exists) - 🐍 Create a Python virtual environment in
.venv/ - 📦 Install all Python dependencies from
requirements.txt - 🌐 Install Playwright Chromium browser
- 🔧 Build Go fuzzers (XSS, SSRF, IDOR, LFI)
- 📁 Create necessary directories (
reports/,logs/,data/)
# Activate the virtual environment
source .venv/bin/activate
# Configure your API key in .env
nano .env # Add your OPENROUTER_API_KEY
# Run a scan
./bugtraceai-cli scan https://example.com
# Run an authenticated scan (login-protected target)
./bugtraceai-cli scan https://example.com --auth-config auth_config.yaml
# Or start the API server
./bugtraceai-cli serve --port 8000✅ Advantages:
- Full access to source code for customization
- Faster iteration during development
- No Docker image rebuild needed for code changes
- Direct access to logs and debugging
- Requires Python 3.10+ installed on your system
- Must manage dependencies manually
- System-level dependencies (nmap, Docker) required
When you choose Option 2: Docker Installation, the wizard will:
- ✅ Check if Docker and Docker Compose are installed
- ✅ Verify Docker daemon is running
- 📄 Create
.envfile from.env.example(if not exists) - 🔍 Automatically detect if port 8000 is in use
- 🎯 Find the next available port if 8000 is occupied
- ⚙️ Update
docker-compose.ymlwith the selected port - 🏗️ Build the Docker image (includes Go fuzzers, Playwright, PyTorch)
- 🚀 Start the container in detached mode
- ⏳ Wait for the API to be ready (health check)
$ ./install.sh
...
⚙️ Configuring network ports...
⚠ Default port 8000 is already in use
⚙️ Searching for available port starting from 8000...
→ Found available port: 8003
Use port 8003? [Y/n]: y
→ Using port: 8003
⚙️ Updating docker-compose.yml with port 8003...
✓ Port configuration updatedThe API will be running at the selected port:
# Check API health
curl http://localhost:8000/health
# Or if port was changed: http://localhost:8003/health
# View API documentation
open http://localhost:8000/docs
# View container logs
docker compose logs -f
# Stop the container
docker compose stop
# Start the container
docker compose start
# Restart the container
docker compose restart
# Stop and remove the container
docker compose down# Trigger a scan via API
curl -X POST http://localhost:8000/api/scans \
-H "Content-Type: application/json" \
-d '{"target": "https://example.com"}'
# Get scan status
curl http://localhost:8000/api/scans/{scan_id}
# List all scans
curl http://localhost:8000/api/scans
# Trigger an authenticated scan via API
curl -X POST http://localhost:8000/api/scans \
-H "Content-Type: application/json" \
-d '{"target": "https://example.com", "auth_config_path": "/app/auth_config.yaml"}'✅ Advantages:
- Isolated environment (no conflicts with system packages)
- Consistent behavior across different machines
- Easy deployment to production servers
- All dependencies bundled (Go fuzzers, Playwright, PyTorch)
- Automatic port conflict resolution
- Longer initial build time (5-10 minutes)
- Must rebuild image after code changes
- Requires Docker knowledge for troubleshooting
Edit .env to configure BugTraceAI-CLI:
# Required: Your OpenRouter API key
OPENROUTER_API_KEY=sk-or-v1-xxxxxxxxxx
# Optional: CORS origins for Web UI
BUGTRACE_CORS_ORIGINS=http://localhost:3000,http://localhost:5173
# Optional: Override LLM models
# DEFAULT_MODEL=google/gemini-2.0-flash-thinking-exp:free
# SKEPTICAL_MODEL=anthropic/claude-3.5-haiku:beta
# VISION_MODEL=google/gemini-2.0-flash-thinking-exp:freeBugTraceAI-CLI supports scanning login-protected applications via a YAML configuration file. This includes support for TOTP (Time-Based One-Time Password) token generation for 2FA-protected targets.
Create auth_config.yaml:
login_url: https://target.com/login
username: pentester@example.com
password: your_password_here
totp_secret: BASE32TOTPSECRETHERE # optional — for 2FA/TOTP apps
success_condition: "dashboard" # string that confirms successful loginRun an authenticated scan:
./bugtraceai-cli scan https://target.com --auth-config auth_config.yamlThe scanner will automatically:
- Navigate to
login_url - Fill in credentials
- Generate a real-time TOTP token (if
totp_secretis set) - Confirm login success via
success_condition - Reuse the authenticated session across all 6 scan phases
The
auth_config.yamlis automatically included in the report ZIP for audit traceability.
The wizard automatically handles port conflicts, but you can manually edit docker-compose.yml:
services:
api:
ports:
- "8000:8000" # Change left number to use different host portProblem: Python version too old
python3 --version # Must be 3.10 or higherSolution: Install Python 3.10+ or use Docker installation instead.
Problem: Virtual environment activation fails
source .venv/bin/activate
# If using fish shell:
source .venv/bin/activate.fishProblem: Playwright installation fails
# Manually install Playwright
playwright install chromium
playwright install-deps chromiumProblem: Docker daemon not running
sudo systemctl start docker
# Or on macOS:
open -a DockerProblem: Permission denied when running Docker commands
# Add your user to docker group (Linux)
sudo usermod -aG docker $USER
newgrp dockerProblem: Port already in use The wizard automatically detects this, but you can manually:
# Find what's using port 8000
sudo lsof -i :8000
# Or
sudo netstat -tulpn | grep 8000Problem: Build fails due to network issues
# Retry with clean build
docker compose build --no-cacheProblem: Container exits immediately
# Check logs for errors
docker compose logsProblem: API returns authentication errors
- Verify your OpenRouter API key is correct in
.env - Ensure
.envfile exists and is not named.env.txt - For Docker: Restart container after changing
.env
# Verify .env is loaded (Local)
cat .env
# Verify .env is loaded (Docker)
docker compose config# Activate virtual environment
source .venv/bin/activate
# Check Python packages
pip list | grep -E "playwright|fastapi|typer"
# Check Go fuzzers
ls -la tools/bin/
# Test CLI
./bugtraceai-cli --help
# Quick health check
python3 -c "import playwright; print('✓ Playwright OK')"# Check container is running
docker compose ps
# Check API health
curl http://localhost:8000/health
# Expected response:
# {"status": "healthy", "version": "3.5.7-beta"}
# Check logs
docker compose logs --tail=50
# Access container shell
docker compose exec api bashYou can run the wizard multiple times to switch installation modes:
# Already have local installation? Add Docker too:
./install.sh
# Choose option 2
# Want to switch from Docker to local development?
docker compose down # Stop Docker
./install.sh
# Choose option 1Both modes can coexist on the same system.
After installation, see the README.md for:
- Running your first scan
- Configuration options
- Agent documentation
- Output formats
- Advanced usage
| Resource | Link |
|---|---|
| 📖 Wiki | deepwiki.com/BugTraceAI/BugTraceAI-CLI |
| 🌐 Website | bugtraceai.com |
| 🐛 Issues | GitHub Issues |
| 💬 Contact | @yz9yt |
Made with ❤️ by the BugTraceAI team