secureCodeBox · Victor-Philipp-Negoescu · Oct 11, 2018 · Oct 12, 2018
diff --git a/README.md b/README.md
@@ -45,6 +45,7 @@ There is a german article about [Security DevOps – Angreifern (immer) einen Sc
 ### Prerequisites
  * Minimal Docker version 18.03.0 is required
  * Docker-Compose is required.
+ * Your docker host will need at least 4GB virtual memory to run the complete stack. If you want to scale out the scanner you will need more...
 
 For a quick start checkout this repository and start the complete secureCodeBox stack with docker-compose:
 
@@ -53,7 +54,7 @@ git clone https://github.com/secureCodeBox/secureCodeBox
 cd secureCodeBox
 ```
 
-### Start with Docker-Compose
+### Start with docker-compose
 The docker-compose.yml file can be used to launch a secureCodeBox instance.
 To start the secureCodeBox and some demo targets run the following:
 
@@ -66,9 +67,6 @@ Running `docker-compose up` uses the default credentials specified in the [`.env
  * `CAMUNDADB_USER` MySQL username used by the Camunda Engine
  * `CAMUNDADB_PW` MySQL password also used by the Camunda Engine
 
-
- > **Hint**: You will need at least 4GB virtual memory to run the complete stack. If you want to scale out the scanner you will need more...
-
 ### Run your first security scan
 There are several ways to start a security scan with the secureCodeBox. One way is to use the WebUI of the engine and start the scan manually.
 

diff --git a/cli/arachni.template.json b/cli/arachni.template.json
@@ -1,7 +1,7 @@
 [
 	{
 		"name" : "Target",
-    	"location" : "%HOST%"
+		"location" : "%TARGET%"
 	}
 ]
 
diff --git a/cli/run_scanner.sh b/cli/run_scanner.sh
@@ -149,15 +149,15 @@ if [ ! -n "${PAYLOAD_OVERRIDE}" ] && [ $# -ne 2 ] || [ "${SHOW_HELP}" == true ];
 	echo ""
 	echo "Examples:"
 	echo "  Perform a ZAP scan:"
-	echo "    ./run_scanner.sh http://some.system/somepath mytenant zap"
+	echo "    ./run_scanner.sh --tenant mytenant zap http://some.system/somepath"
 	echo "  Perform an NMAP scan:"
-	echo "    ./run_scanner.sh some.system mytenant nmap"
+	echo "    ./run_scanner.sh --tenant mytenant nmap some.system"
 	echo "  Perform an SSLyze scan using authentication:"
-	echo "    ./run_scanner.sh --auth a2VybWl0OmE= some.system mytenant sslyze"
+	echo "    ./run_scanner.sh --auth a2VybWl0OmE= --tenant mytenant sslyze some.system"
 	echo "  Perform a Nikto scan using a different backend:"
-	echo "    ./run_scanner.sh --backend http://some_scb_engine:8080 http://some_scb_elasticsearch:9200 some.system mytenant nikto"
+	echo "    ./run_scanner.sh --backend http://some_scb_engine:8080 http://some_scb_elasticsearch:9200 --tenant mytenant nikto some.system"
 	echo "  Perform a Arachni scan using a custom target config file"
-	echo "    ./run_scanner.sh --payload payloadFile.json arachni"
+	echo "    ./run_scanner.sh --payload payloadFile.json arachni http://some.system/somepath"
 
 	exit 1
 fi
@@ -243,7 +243,7 @@ fi
 if [ ! -n "${PAYLOAD_OVERRIDE}" ]; then 
 	# Verify target format
 	if [ "${TARGET_FORMAT}" = "uri" ]; then
-		if [[ ! "${TARGET}" =~ http?(s)://* ]]; then
+		if [[ ! "${TARGET}" =~ http(s)?://* ]]; then
 			error "Invalid URI to scan: '${TARGET}'! Expected: http(s)://..."
 			NUM_ERRORS=$((NUM_ERRORS + 1))
 		else