CLI Reference
python3 wasmshark.py [OPTIONS] [FILE]
Arguments
Argument |
Description |
|---|---|
|
WASM binary to analyze (positional) |
Output Options
Flag |
Description |
|---|---|
|
Show full analysis report |
|
Show verdict line only |
|
Write HTML report |
|
Write JSON report |
|
Write SARIF report (for IDE/CI integration) |
|
Custom HTML output path |
|
Custom JSON output path |
|
Export CFG DOT files to directory |
Analysis Options
Flag |
Description |
|---|---|
|
Load |
|
Load plugins from directory |
|
Run Wasabi dynamic instrumentation |
|
Run CFG anomaly detection on all functions |
|
Export module-level CFG overview to directory |
|
Show disassembly of top suspicious functions |
Batch Operations
Flag |
Description |
|---|---|
|
Scan directory for all |
|
Write batch scan results to CSV (use with |
|
Compare FILE against FILE_B |
Examples
# Basic scan
python3 wasmshark.py sample.wasm
# Full analysis
python3 wasmshark.py sample.wasm -v \
--rules ./rules/ --plugins ./plugins/ \
--html --json --sarif
# Quiet mode with rules
python3 wasmshark.py sample.wasm -q --rules ./rules/
# Directory scan + CSV
python3 wasmshark.py -d ./samples/ \
--rules ./rules/ --csv results.csv
# Diff two binaries
python3 wasmshark.py a.wasm --diff b.wasm --rules ./rules/
# Static + Wasabi dynamic
python3 wasmshark.py sample.wasm --rules ./rules/ --wasabi
# CFG anomaly export
python3 wasmshark.py sample.wasm \
--plugins ./plugins/ \
--cfg-anomaly --cfg-overview ./cfgs/
Watch Mode
python3 wasmshark_watch.py [PATHS...] [OPTIONS]
Flag |
Description |
|---|---|
|
Rules directory for rescans |
|
Plugins directory for rescans |
|
Poll interval in seconds (default: 1.0) |
|
Shell command to run on MALICIOUS verdict. Use |
eBPF Monitor
python3 wasmshark_ebpf.py [OPTIONS]
Flag |
Description |
|---|---|
|
PID to monitor (required) |
|
Enable bpftrace eBPF probes |
|
Use /proc polling only |
|
Duration in seconds |
|
Write JSON report to FILE |