search
Ctrlk

General usage

hashtag
How to use

hashtag
Installation

Download the sasha script from herearrow-up-right and make it executable. A later invocation of the script will ensure, through Docker, that the scanner image meterian/sasha:latestarrow-up-right is pulled. Subsequent invocations of the script will not ensure this, so newer versions of the image can be accessed through docker pull.

hashtag
Executing a scan

To execute a scan, from the directory of the codebase that you are interested to analyse, run the sasha script.

$ sasha

Before doing so it is important that you set the METERIAN_API_TOKEN environment variable on your system as scans require authentication.

export METERIAN_API_TOKEN=12345678-90ab-cdef-1234-567890abcdef

Once you're set supported files in your codebase will analysed and results will be available to view and manage on a report on the Meterian Dashboardarrow-up-right that you can reach via a URL provided at the end of the analysis. 

Meterian SASHA v1.0.13
© 2017-2026 Meterian Ltd - All rights reserved

Authorizing the client...
Successfull authorization performed.

Account: "ACME TEAM"
- Minimum scores:
  - security: 90
- Analysis scopes:
  - security: packaged components

Folder WebGoat contains supported files!

Analyzing source code for defects...

Running RoslynAnalyzers locally...
- generating SARIF report(s)...
- loading SARIF report(s)...
Done.

Running OpenGrep locally...
- generating SARIF report(s)...
- loading SARIF report(s)...
Done.

Defects detected: 223

Starting analysis on Meterian...

Creating project acme-team/WebGoat
Project information:
- url:    [email protected]:acme-team/WebGoat.git
- branch: master
- commit: 657ebea7264cf20824fcd85a2de3c19c4699d3e5

Analyzing...
Done.

Final results:
-  security:	0	(minimum: 90)

Full report available at: 
https://www.meterian.com/sasha/?pid=12345678-xxxx-xxxx-xxx-71433629bb37&branch=master&mode=eli

Scan outcome: FAIL
PreviousIntroductionNextCommand line parameters

Last updated