docs: add documentation to main repository

2026-01-20 21:08:29 -08:00
parent b456a4ed8c
commit 25ac2f1e08
29 changed files with 1579 additions and 0 deletions
--- a/docs/usage/instructions.mdx
+++ b/docs/usage/instructions.mdx
@@ -0,0 +1,73 @@
+---
+title: "Custom Instructions"
+description: "Guide Strix with custom testing instructions"
+---
+
+Use instructions to provide context, credentials, or focus areas for your scan.
+
+## Inline Instructions
+
+```bash
+strix --target https://app.com --instruction "Focus on authentication vulnerabilities"
+```
+
+## File-Based Instructions
+
+For complex instructions, use a file:
+
+```bash
+strix --target https://app.com --instruction-file ./pentest-instructions.md
+```
+
+## Common Use Cases
+
+### Authenticated Testing
+
+```bash
+strix --target https://app.com \
+  --instruction "Login with email: test@example.com, password: TestPass123"
+```
+
+### Focused Scope
+
+```bash
+strix --target https://api.example.com \
+  --instruction "Focus on IDOR vulnerabilities in the /api/users endpoints"
+```
+
+### Exclusions
+
+```bash
+strix --target https://app.com \
+  --instruction "Do not test /admin or /internal endpoints"
+```
+
+### API Testing
+
+```bash
+strix --target https://api.example.com \
+  --instruction "Use API key header: X-API-Key: abc123. Focus on rate limiting bypass."
+```
+
+## Instruction File Example
+
+```markdown instructions.md
+# Penetration Test Instructions
+
+## Credentials
+- Admin: admin@example.com / AdminPass123
+- User: user@example.com / UserPass123
+
+## Focus Areas
+1. IDOR in user profile endpoints
+2. Privilege escalation between roles
+3. JWT token manipulation
+
+## Out of Scope
+- /health endpoints
+- Third-party integrations
+```
+
+<Tip>
+Be specific. Good instructions help Strix prioritize the most valuable attack paths.
+</Tip>