Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

CLI to launch web application security scans usingTagCube's REST API

Project Description

TagCube’s CLI tool

Launch web application security scans using TagCube’s REST API, commonly used in continuous delivery scripts.


The easiest way to start a new scan is to call tagcube with the target URL as parameter:

$ export
$ export TAGCUBE_API_KEY=`cat key.txt`
$ tagcube scan --root-url
Web application scan for "" successfully started at TagCube cloud.

This will create the new domain resource in TagCube’s REST API and start a new scan using these defaults:

  • Bootstrap paths: /
  • Web application scan profile: full_audit

When the scan has finished an email will be sent to the user’s email address.

Important: depending on TagCube’s license quotas and privileges you might need to use the REST API or Web application to create and verify the ownership of the target domain before running the first scan against it.

Advanced usage

Run a scan to, notify the REST API username email address when it finishes

$ tagcube scan --root-urls

Run a scan with a custom profile, enabling verbose mode and notifying a different email address when the scan finishes

$ tagcube scan --root-urls \
               --scan-profile=fast_scan -v

Provide TagCube’s REST API credentials as command line arguments. Read the documentation to find how to provide REST API credentials using environment variables or the .tagcube file

$ tagcube scan --root-urls \

Verify that the configured credentials are working

$ tagcube auth

Configuration file

It is always a good idea to avoid hardcoded credentials in source code and deploy scripts. This tool can get the credentials from a YAML file in the current directory or the user’s home. The filename should be named .tagcube and have the following format:

    email: ...
    api_key: ...

Once the file is in place, the tool can be run:

$ tagcube auth
Successfully authenticated against TagCube's API.

Configuration through environment variables

Another way to provide tagcube-cli with the REST API credentials is to set the TAGCUBE_EMAIL and TAGCUBE_API_KEY environment variables. These are convenient to avoid hard-coding credentials in scripts or source code.

Integration with continuous delivery

Adding security to your continuous delivery process is trivial using TagCube, we recommend adding these two lines after the code is pushed to the servers:

pip install --upgrade tagcube-cli
tagcube scan --root-url

While in most cases its recommend to be specific about the version of any external package installed using pip, we recommend a more relaxed installation process for tagcube-cli which allows us to frequently push upgrades to our customers.

More info

A more detailed documentation which includes tutorials and example usages can be found at TagCube’s site

Reporting bugs

Report your issues and feature requests in tagcube-cli’s issue tracker and we’ll be more than glad to fix them.

Pull requests are more than welcome!

Release History

Release History

This version
History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


History Node


Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
tagcube-cli-1.0.7.tar.gz (17.7 kB) Copy SHA256 Checksum SHA256 Source Jul 18, 2015

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting