diff --git a/README.md b/README.md
index deb5d7a..a306121 100644
--- a/README.md
+++ b/README.md
@@ -4,9 +4,7 @@
-
-Strix
-
+Strix
Open-source AI Hackers to secure your Apps
@@ -22,126 +20,158 @@ Strix
[](https://usestrix.com)
+
-
+
-
+
+
> [!TIP]
> **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
---
-## π¦ Strix Overview
+## π¦ What are Strix?
Strix are autonomous AI agents that act just like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proof-of-concepts. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools.
-- **Full hacker toolkit** out of the box
-- **Teams of agents** that collaborate and scale
-- **Real validation** with PoCs, not false positives
-- **Developerβfirst** CLI with actionable reports
-- **Autoβfix & reporting** to accelerate remediation
+**Key Capabilities:**
+
+- π§ **Full hacker toolkit** out of the box
+- π€ **Teams of agents** that collaborate and scale
+- β
**Real validation** with PoCs, not false positives
+- π» **Developerβfirst** CLI with actionable reports
+- π **Autoβfix & reporting** to accelerate remediation
+
+
+
+## π― Use Cases
+
+- **Application Security Testing** - Detect and validate critical vulnerabilities in your applications
+- **Rapid Penetration Testing** - Get penetration tests done in hours, not weeks, with compliance reports
+- **Bug Bounty Automation** - Automate bug bounty research and generate PoCs for faster reporting
+- **CI/CD Security Gates** - Run tests in CI/CD to block vulnerabilities before reaching production
---
-### π― Use Cases
+## π Quick Start
-- Detect and validate critical vulnerabilities in your applications.
-- Get penetration tests done in hours, not weeks, with compliance reports.
-- Automate bug bounty research and generate PoCs for faster reporting.
-- Run tests in CI/CD to block vulnerabilities before reaching production.
-
----
-
-### π Quick Start
-
-Prerequisites:
+**Prerequisites:**
- Docker (running)
- Python 3.12+
- An LLM provider key (or a local LLM)
+### Installation & First Scan
+
```bash
-# Install
+# Install Strix
pipx install strix-agent
-# Configure AI provider
+# Configure your AI provider
export STRIX_LLM="openai/gpt-5"
export LLM_API_KEY="your-api-key"
-# Run security assessment
+# Run your first security assessment
strix --target ./app-directory
```
-First run pulls the sandbox Docker image. Results are saved under `agent_runs/`.
+> **Note:** First run automatically pulls the sandbox Docker image. Results are saved to `agent_runs//`
-### π Enterprise Platform
+
-Want to skip the setup? Try our cloud-hosted version: **[usestrix.com](https://usestrix.com)**
+## π Enterprise Platform
+
+Want to skip the setup? Try our cloud-hosted version at **[usestrix.com](https://usestrix.com)**
Our managed platform provides:
-- **π Executive Dashboards**
-- **π§ Custom Fine-Tuned Models**
-- **βοΈ CI/CD Integration**
-- **π Large-Scale Scanning**
-- **π Third-Party Integrations**
-- **π― Enterprise Support**
+| Feature | Description |
+|---------|-------------|
+| π **Executive Dashboards** | Track security metrics and trends across your organization |
+| π§ **Custom Fine-Tuned Models** | AI agents trained on your specific codebase and vulnerabilities |
+| βοΈ **CI/CD Integration** | Seamless integration with your existing workflows |
+| π **Large-Scale Scanning** | Test multiple applications and repositories in parallel |
+| π **Third-Party Integrations** | Connect with Jira, Slack, PagerDuty, and more |
+| π― **Enterprise Support** | Dedicated support team and SLA guarantees |
[**Get Enterprise Demo β**](https://usestrix.com)
+---
+
## β¨ Features
### π οΈ Agentic Security Tools
-- **Full HTTP Proxy** - Full request/response manipulation and analysis
-- **Browser Automation** - Multi-tab browser for testing of XSS, CSRF, auth flows
-- **Terminal Environments** - Interactive shells for command execution and testing
-- **Python Runtime** - Custom exploit development and validation
-- **Reconnaissance** - Automated OSINT and attack surface mapping
-- **Code Analysis** - Static and dynamic analysis capabilities
-- **Knowledge Management** - Structured findings and attack documentation
+Strix agents come equipped with a comprehensive security testing toolkit:
+
+| Tool | Capability |
+|------|------------|
+| π **HTTP Proxy** | Full request/response manipulation and analysis |
+| π₯οΈ **Browser Automation** | Multi-tab browser for XSS, CSRF, and auth flow testing |
+| β¨οΈ **Terminal Environment** | Interactive shells for command execution and testing |
+| π **Python Runtime** | Custom exploit development and validation |
+| π **Reconnaissance** | Automated OSINT and attack surface mapping |
+| π **Code Analysis** | Static and dynamic analysis capabilities |
+| π **Knowledge Management** | Structured findings and attack documentation |
### π― Comprehensive Vulnerability Detection
-- **Access Control** - IDOR, privilege escalation, auth bypass
-- **Injection Attacks** - SQL, NoSQL, command injection
-- **Server-Side** - SSRF, XXE, deserialization flaws
-- **Client-Side** - XSS, prototype pollution, DOM vulnerabilities
-- **Business Logic** - Race conditions, workflow manipulation
-- **Authentication** - JWT vulnerabilities, session management
-- **Infrastructure** - Misconfigurations, exposed services
+Strix can identify and validate a wide range of security vulnerabilities:
+
+| Category | Coverage |
+|----------|----------|
+| π **Access Control** | IDOR, privilege escalation, authorization bypass |
+| π **Injection Attacks** | SQL, NoSQL, command injection, template injection |
+| π₯οΈ **Server-Side** | SSRF, XXE, deserialization flaws |
+| π **Client-Side** | XSS, prototype pollution, DOM vulnerabilities |
+| βοΈ **Business Logic** | Race conditions, workflow manipulation |
+| π **Authentication** | JWT vulnerabilities, session management flaws |
+| ποΈ **Infrastructure** | Misconfigurations, exposed services, secrets |
### πΈοΈ Graph of Agents
-- **Distributed Workflows** - Specialized agents for different attacks and assets
-- **Scalable Testing** - Parallel execution for fast comprehensive coverage
-- **Dynamic Coordination** - Agents collaborate and share discoveries
+Advanced multi-agent orchestration for comprehensive security testing:
+
+- **π Distributed Workflows** - Specialized agents tackle different attacks and assets simultaneously
+- **β‘ Scalable Testing** - Parallel execution for fast, comprehensive coverage
+- **π€ Dynamic Coordination** - Agents collaborate and share discoveries in real-time
+
+---
## π» Usage Examples
-### Default Usage
+### Basic Usage
```bash
-# Local codebase analysis
+# Scan a local codebase
strix --target ./app-directory
-# Repository security review
+# Security review of a GitHub repository
strix --target https://github.com/org/repo
-# Black-Box Web application assessment
+# Black-box web application assessment
strix --target https://your-app.com
+```
-# Grey-Box Security Assesment
-strix --target https://your-app.com --instruction "Perform authenticated testing using the following credentials user:pass"
+### Advanced Testing Scenarios
-# Multi-target white-box testing (source code + deployed app)
-strix -t https://github.com/org/app -t https://your-app.com
+```bash
+# Grey-box authenticated testing
+strix --target https://your-app.com \
+ --instruction "Perform authenticated testing using credentials: user:pass"
-# Focused testing with instructions
-strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities"
+# Multi-target testing (source code + deployed app)
+strix -t https://github.com/org/app \
+ -t https://your-app.com
+
+# Focused testing with custom instructions
+strix --target api.your-app.com \
+ --instruction "Focus on business logic flaws and IDOR vulnerabilities"
```
### π€ Headless Mode
@@ -201,6 +231,8 @@ See our [Contributing Guide](CONTRIBUTING.md) for details on:
- Setting up your development environment
- Running tests and quality checks
- Submitting pull requests
+- Code style guidelines
+
### Prompt Modules Collection
Help expand our collection of specialized prompt modules for AI agents:
@@ -216,7 +248,4 @@ Have questions? Found a bug? Want to contribute? **[Join our Discord!](https://d
**Love Strix?** Give us a β on GitHub!
-> [!WARNING]
-> Only test apps you own or have permission to test. You are responsible for using Strix ethically and legally.
-