usestrix / strix

usestrix / strix

Strix: The open-source AI pentesting tool. Strix:开源 AI 渗透测试工具。

Autonomous AI hackers that find and fix your app’s vulnerabilities. 自主 AI 黑客,能够发现并修复你应用程序中的漏洞。

Tip: New! Strix integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production - Get started with no setup required. 提示:新功能!Strix 可与 GitHub Actions 和 CI/CD 流水线无缝集成。在每次 Pull Request 时自动扫描漏洞,并在不安全代码进入生产环境前将其拦截——无需任何配置即可开始使用。

Strix Overview: Strix are autonomous AI penetration testing agents that act just like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proof-of-concepts. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools. Strix 概述:Strix 是自主 AI 渗透测试代理,其行为与真正的黑客无异——它们动态运行你的代码,发现漏洞,并通过实际的概念验证(PoC)进行验证。专为需要快速、准确安全测试的开发人员和安全团队打造,无需手动渗透测试的繁琐开销,也避免了静态分析工具带来的误报。

Key Capabilities: 核心功能:

  • Full pentesting toolkit - reconnaissance, exploitation, and validation out of the box 完整的渗透测试工具包——开箱即用的侦察、利用和验证功能。
  • Multi-agent orchestration - teams of AI pentesters that collaborate and scale 多代理编排——可协作并扩展的 AI 渗透测试团队。
  • Real exploit validation - working PoCs, not false positives like legacy vulnerability scanners 真实的漏洞利用验证——提供可运行的 PoC,而非传统漏洞扫描器那样的误报。
  • Developer‑first CLI - actionable findings with remediation guidance 开发者优先的 CLI——提供带有修复指导的可操作性发现结果。
  • Auto-fix & reporting - generate patches and compliance-ready pentest reports 自动修复与报告——生成补丁及符合合规要求的渗透测试报告。

Use Cases 应用场景

  • Application Security Testing - Detect and validate critical vulnerabilities in your applications 应用程序安全测试——检测并验证应用程序中的关键漏洞。
  • Rapid Penetration Testing - Get penetration tests done in hours, not weeks, with compliance reports 快速渗透测试——在数小时(而非数周)内完成渗透测试,并获取合规报告。
  • Bug Bounty Automation - Automate bug bounty research and generate PoCs for faster reporting 漏洞赏金自动化——自动化漏洞赏金研究并生成 PoC,以实现更快的报告提交。
  • CI/CD Integration - Run tests in CI/CD to block vulnerabilities before reaching production CI/CD 集成——在 CI/CD 中运行测试,在代码进入生产环境前拦截漏洞。

🚀 Quick Start 🚀 快速开始

Prerequisites: 先决条件:

  • Docker (running) Docker(运行中)
  • An LLM API key from any supported provider (OpenAI, Anthropic, Google, etc.) 来自任何受支持提供商(OpenAI、Anthropic、Google 等)的 LLM API 密钥。

Installation & First Scan 安装与首次扫描

# Install Strix
curl -sSL https://strix.ai/install | bash

# Configure your AI provider
export STRIX_LLM="openai/gpt-5.4"
export LLM_API_KEY="your-api-key"

# Run your first security assessment
strix --target ./app-directory

Note: First run automatically pulls the sandbox Docker image. Results are saved to strix_runs/ 注意:首次运行时会自动拉取沙箱 Docker 镜像。结果将保存至 strix_runs/<run-name>

☁️ Strix Platform ☁️ Strix 平台

Try the Strix full-stack penetration testing platform at app.strix.ai - sign up for free, connect your repos and domains, and launch a pentest in minutes. 访问 app.strix.ai 体验 Strix 全栈渗透测试平台——免费注册,连接你的仓库和域名,几分钟内即可启动渗透测试。

  • Validated findings with PoCs - every vulnerability includes a working proof-of-concept exploit and reproduction steps 经验证的发现结果与 PoC——每个漏洞都包含可运行的概念验证利用程序和复现步骤。
  • One-click autofix - AI-generated security patches as ready-to-merge pull requests 一键自动修复——AI 生成的安全补丁,可直接作为 Pull Request 合并。
  • Continuous pentesting - always-on vulnerability scanning that keeps pace with your deployments 持续渗透测试——始终在线的漏洞扫描,与你的部署进度保持同步。
  • DevSecOps integrations - GitHub, GitLab, Bitbucket, Slack, Jira, Linear, and CI/CD pipelines DevSecOps 集成——支持 GitHub、GitLab、Bitbucket、Slack、Jira、Linear 和 CI/CD 流水线。
  • Continuous learning - AI that builds on past findings, adapts to your codebase, and reduces false positives over time 持续学习——AI 基于过往发现进行构建,适应你的代码库,并随时间推移减少误报。

Start your first pentest → 开始你的第一次渗透测试 →

✨ Features ✨ 特性

Agentic Pentesting Tools: Strix agents come equipped with a comprehensive offensive security toolkit - the same tools used by professional penetration testers and ethical hackers: 代理式渗透测试工具:Strix 代理配备了全面的进攻性安全工具包——与专业渗透测试人员和白帽黑客使用的工具相同:

  • HTTP Interception Proxy - Full request/response manipulation and analysis with Caido HTTP 拦截代理——通过 Caido 进行完整的请求/响应操作与分析。
  • Browser Exploitation - Automated browser for testing XSS, CSRF, clickjacking, and auth bypass flows 浏览器利用——用于测试 XSS、CSRF、点击劫持和身份验证绕过流程的自动化浏览器。
  • Shell & Command Execution - Interactive terminal for exploit development and post-exploitation Shell 与命令执行——用于漏洞利用开发和后渗透阶段的交互式终端。
  • Custom Exploit Runtime - Python sandbox for writing and validating proof-of-concept exploits 自定义漏洞利用运行时——用于编写和验证概念验证漏洞利用程序的 Python 沙箱。
  • Reconnaissance & OSINT - Automated attack surface mapping, subdomain enumeration, and fingerprinting 侦察与 OSINT——自动化的攻击面映射、子域名枚举和指纹识别。
  • Static & Dynamic Code Analysis - SAST + DAST capabilities for comprehensive application security testing 静态与动态代码分析——SAST + DAST 功能,实现全面的应用程序安全测试。
  • Vulnerability Knowledge Base - Structured findings with CVSS scoring and OWASP classification 漏洞知识库——带有 CVSS 评分和 OWASP 分类的结构化发现结果。

Comprehensive Vulnerability Scanner: Strix identifies, validates, and exploits a wide range of security vulnerabilities across the OWASP Top 10 and beyond: 全面的漏洞扫描器:Strix 可识别、验证并利用 OWASP Top 10 及其他范围内的广泛安全漏洞:

  • Broken Access Control - IDOR, privilege escalation, auth bypass 失效的访问控制——IDOR、权限提升、身份验证绕过。
  • Injection Attacks - SQL injection, NoSQL injection, OS command injection, SSTI 注入攻击——SQL 注入、NoSQL 注入、OS 命令注入、SSTI。
  • Server-Side Vulnerabilities - SSRF, XXE, insecure deserialization, RCE 服务端漏洞——SSRF、XXE、不安全的反序列化、RCE。
  • Client-Side Attacks - XSS (stored/reflected/DOM), prototype pollution, CSRF 客户端攻击——XSS(存储型/反射型/DOM 型)、原型污染、CSRF。
  • Business Logic Flaws - Race conditions, payment manipulation, workflow bypass 业务逻辑缺陷——竞态条件、支付篡改、工作流绕过。
  • Authentication & Session - JWT attacks, session fixation, credential stuffing vectors 身份验证与会话——JWT 攻击、会话固定、撞库向量。
  • Infrastructure & Cloud - Misconfigurations, exposed services, cloud security issues 基础设施与云——配置错误、暴露的服务、云安全问题。
  • API Security - Broken authentication, mass assignment, rate limiting bypass API 安全——失效的身份验证、大规模赋值、速率限制绕过。

Graph of Agents (Multi-Agent Pentesting): Advanced multi-agent orchestration for comprehensive automated penetration testing: 代理图谱(多代理渗透测试):用于全面自动化渗透测试的高级多代理编排:

  • Distributed Pentesting - Specialized AI agents for recon, exploitation, and post-exploitation 分布式渗透测试——用于侦察、利用和后渗透的专业 AI 代理。
  • Scalable Security Testing - Parallel execution across multiple targets for fast, comprehensive coverage 可扩展的安全测试——跨多个目标并行执行,实现快速、全面的覆盖。
  • Dynamic Coordination - Agents share discoveries, chain vulnerabilities, and collaborate like a red team 动态协调——代理共享发现结果、串联漏洞,并像红队一样协作。

Usage Examples 使用示例

# Basic Usage
# Scan a local codebase
strix --target ./app-directory

# Security review of a GitHub repository
strix --target https://github.com/org/repo

# Black-box web application assessment
strix --target https://your-app.com

# Advanced Testing Scenarios
# Grey-box authenticated testing
strix --target https://your-app.com --instruction "Perform authenticated testing using credentials: user:pass"

# Multi-target testing (source code + deployed app)
strix -t https://github.com/org/app -t https://your-app.com

# White-box source-aware scan (local repository)
strix --target ./app-directory --scan-mode standard

# Focused testing with custom instructions
strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities"

# Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
strix --target api.your-app.com --instruction-file ./instruction.md

# Force PR diff-scope against a specific base branch
strix -n --target ./ --scan-mode quick --scope-mode diff --diff-base origin/main

Headless Mode: Run Strix programmatically without interactive UI using the -n/—non-interactive flag - perfect for servers and automated jobs. The CLI prints real-time… 无头模式:使用 -n/--non-interactive 标志以编程方式运行 Strix,无需交互式 UI——非常适合服务器和自动化任务。CLI 会实时打印……