usestrix / strix
usestrix / strix
Strix: The open-source AI pentesting tool. Strix:开源 AI 渗透测试工具。
Autonomous AI hackers that find and fix your app’s vulnerabilities. 自主 AI 黑客,能够发现并修复你应用程序中的漏洞。
Tip: New! Strix integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production - Get started with no setup required. 提示:新功能!Strix 可与 GitHub Actions 和 CI/CD 流水线无缝集成。在每次 Pull Request 时自动扫描漏洞,并在不安全代码进入生产环境前将其拦截——无需任何配置即可开始使用。
Strix Overview: Strix are autonomous AI penetration testing agents that act just like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proof-of-concepts. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools. Strix 概述:Strix 是自主 AI 渗透测试代理,其行为与真正的黑客无异——它们动态运行你的代码,发现漏洞,并通过实际的概念验证(PoC)进行验证。专为需要快速、准确安全测试的开发人员和安全团队打造,无需手动渗透测试的繁琐开销,也避免了静态分析工具带来的误报。
Key Capabilities: 核心功能:
- Full pentesting toolkit - reconnaissance, exploitation, and validation out of the box 完整的渗透测试工具包——开箱即用的侦察、利用和验证功能。
- Multi-agent orchestration - teams of AI pentesters that collaborate and scale 多代理编排——可协作并扩展的 AI 渗透测试团队。
- Real exploit validation - working PoCs, not false positives like legacy vulnerability scanners 真实的漏洞利用验证——提供可运行的 PoC,而非传统漏洞扫描器那样的误报。
- Developer‑first CLI - actionable findings with remediation guidance 开发者优先的 CLI——提供带有修复指导的可操作性发现结果。
- Auto-fix & reporting - generate patches and compliance-ready pentest reports 自动修复与报告——生成补丁及符合合规要求的渗透测试报告。
Use Cases 应用场景
- Application Security Testing - Detect and validate critical vulnerabilities in your applications 应用程序安全测试——检测并验证应用程序中的关键漏洞。
- Rapid Penetration Testing - Get penetration tests done in hours, not weeks, with compliance reports 快速渗透测试——在数小时(而非数周)内完成渗透测试,并获取合规报告。
- Bug Bounty Automation - Automate bug bounty research and generate PoCs for faster reporting 漏洞赏金自动化——自动化漏洞赏金研究并生成 PoC,以实现更快的报告提交。
- CI/CD Integration - Run tests in CI/CD to block vulnerabilities before reaching production CI/CD 集成——在 CI/CD 中运行测试,在代码进入生产环境前拦截漏洞。
🚀 Quick Start 🚀 快速开始
Prerequisites: 先决条件:
- Docker (running) Docker(运行中)
- An LLM API key from any supported provider (OpenAI, Anthropic, Google, etc.) 来自任何受支持提供商(OpenAI、Anthropic、Google 等)的 LLM API 密钥。
Installation & First Scan 安装与首次扫描
# Install Strix
curl -sSL https://strix.ai/install | bash
# Configure your AI provider
export STRIX_LLM="openai/gpt-5.4"
export LLM_API_KEY="your-api-key"
# Run your first security assessment
strix --target ./app-directory
Note: First run automatically pulls the sandbox Docker image. Results are saved to strix_runs/strix_runs/<run-name>。
☁️ Strix Platform ☁️ Strix 平台
Try the Strix full-stack penetration testing platform at app.strix.ai - sign up for free, connect your repos and domains, and launch a pentest in minutes. 访问 app.strix.ai 体验 Strix 全栈渗透测试平台——免费注册,连接你的仓库和域名,几分钟内即可启动渗透测试。
- Validated findings with PoCs - every vulnerability includes a working proof-of-concept exploit and reproduction steps 经验证的发现结果与 PoC——每个漏洞都包含可运行的概念验证利用程序和复现步骤。
- One-click autofix - AI-generated security patches as ready-to-merge pull requests 一键自动修复——AI 生成的安全补丁,可直接作为 Pull Request 合并。
- Continuous pentesting - always-on vulnerability scanning that keeps pace with your deployments 持续渗透测试——始终在线的漏洞扫描,与你的部署进度保持同步。
- DevSecOps integrations - GitHub, GitLab, Bitbucket, Slack, Jira, Linear, and CI/CD pipelines DevSecOps 集成——支持 GitHub、GitLab、Bitbucket、Slack、Jira、Linear 和 CI/CD 流水线。
- Continuous learning - AI that builds on past findings, adapts to your codebase, and reduces false positives over time 持续学习——AI 基于过往发现进行构建,适应你的代码库,并随时间推移减少误报。
Start your first pentest → 开始你的第一次渗透测试 →
✨ Features ✨ 特性
Agentic Pentesting Tools: Strix agents come equipped with a comprehensive offensive security toolkit - the same tools used by professional penetration testers and ethical hackers: 代理式渗透测试工具:Strix 代理配备了全面的进攻性安全工具包——与专业渗透测试人员和白帽黑客使用的工具相同:
- HTTP Interception Proxy - Full request/response manipulation and analysis with Caido HTTP 拦截代理——通过 Caido 进行完整的请求/响应操作与分析。
- Browser Exploitation - Automated browser for testing XSS, CSRF, clickjacking, and auth bypass flows 浏览器利用——用于测试 XSS、CSRF、点击劫持和身份验证绕过流程的自动化浏览器。
- Shell & Command Execution - Interactive terminal for exploit development and post-exploitation Shell 与命令执行——用于漏洞利用开发和后渗透阶段的交互式终端。
- Custom Exploit Runtime - Python sandbox for writing and validating proof-of-concept exploits 自定义漏洞利用运行时——用于编写和验证概念验证漏洞利用程序的 Python 沙箱。
- Reconnaissance & OSINT - Automated attack surface mapping, subdomain enumeration, and fingerprinting 侦察与 OSINT——自动化的攻击面映射、子域名枚举和指纹识别。
- Static & Dynamic Code Analysis - SAST + DAST capabilities for comprehensive application security testing 静态与动态代码分析——SAST + DAST 功能,实现全面的应用程序安全测试。
- Vulnerability Knowledge Base - Structured findings with CVSS scoring and OWASP classification 漏洞知识库——带有 CVSS 评分和 OWASP 分类的结构化发现结果。
Comprehensive Vulnerability Scanner: Strix identifies, validates, and exploits a wide range of security vulnerabilities across the OWASP Top 10 and beyond: 全面的漏洞扫描器:Strix 可识别、验证并利用 OWASP Top 10 及其他范围内的广泛安全漏洞:
- Broken Access Control - IDOR, privilege escalation, auth bypass 失效的访问控制——IDOR、权限提升、身份验证绕过。
- Injection Attacks - SQL injection, NoSQL injection, OS command injection, SSTI 注入攻击——SQL 注入、NoSQL 注入、OS 命令注入、SSTI。
- Server-Side Vulnerabilities - SSRF, XXE, insecure deserialization, RCE 服务端漏洞——SSRF、XXE、不安全的反序列化、RCE。
- Client-Side Attacks - XSS (stored/reflected/DOM), prototype pollution, CSRF 客户端攻击——XSS(存储型/反射型/DOM 型)、原型污染、CSRF。
- Business Logic Flaws - Race conditions, payment manipulation, workflow bypass 业务逻辑缺陷——竞态条件、支付篡改、工作流绕过。
- Authentication & Session - JWT attacks, session fixation, credential stuffing vectors 身份验证与会话——JWT 攻击、会话固定、撞库向量。
- Infrastructure & Cloud - Misconfigurations, exposed services, cloud security issues 基础设施与云——配置错误、暴露的服务、云安全问题。
- API Security - Broken authentication, mass assignment, rate limiting bypass API 安全——失效的身份验证、大规模赋值、速率限制绕过。
Graph of Agents (Multi-Agent Pentesting): Advanced multi-agent orchestration for comprehensive automated penetration testing: 代理图谱(多代理渗透测试):用于全面自动化渗透测试的高级多代理编排:
- Distributed Pentesting - Specialized AI agents for recon, exploitation, and post-exploitation 分布式渗透测试——用于侦察、利用和后渗透的专业 AI 代理。
- Scalable Security Testing - Parallel execution across multiple targets for fast, comprehensive coverage 可扩展的安全测试——跨多个目标并行执行,实现快速、全面的覆盖。
- Dynamic Coordination - Agents share discoveries, chain vulnerabilities, and collaborate like a red team 动态协调——代理共享发现结果、串联漏洞,并像红队一样协作。
Usage Examples 使用示例
# Basic Usage
# Scan a local codebase
strix --target ./app-directory
# Security review of a GitHub repository
strix --target https://github.com/org/repo
# Black-box web application assessment
strix --target https://your-app.com
# Advanced Testing Scenarios
# Grey-box authenticated testing
strix --target https://your-app.com --instruction "Perform authenticated testing using credentials: user:pass"
# Multi-target testing (source code + deployed app)
strix -t https://github.com/org/app -t https://your-app.com
# White-box source-aware scan (local repository)
strix --target ./app-directory --scan-mode standard
# Focused testing with custom instructions
strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities"
# Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
strix --target api.your-app.com --instruction-file ./instruction.md
# Force PR diff-scope against a specific base branch
strix -n --target ./ --scan-mode quick --scope-mode diff --diff-base origin/main
Headless Mode: Run Strix programmatically without interactive UI using the -n/—non-interactive flag - perfect for servers and automated jobs. The CLI prints real-time…
无头模式:使用 -n/--non-interactive 标志以编程方式运行 Strix,无需交互式 UI——非常适合服务器和自动化任务。CLI 会实时打印……