Update README
This commit is contained in:
Ahmed Allam
79
README.md
79
README.md
@@ -1,55 +1,61 @@
|
||||
<p align="center">
|
||||
<a href="https://strix.ai/">
|
||||
<img src=".github/logo.png" width="150" alt="Strix Logo">
|
||||
<img src="https://github.com/usestrix/.github/raw/main/imgs/cover.png" alt="Strix Banner" width="100%">
|
||||
</a>
|
||||
</p>
|
||||
|
||||
<h1 align="center">Strix</h1>
|
||||
|
||||
<h2 align="center">Open-source AI Hackers to secure your Apps</h2>
|
||||
|
||||
<div align="center">
|
||||
|
||||
[](https://pypi.org/project/strix-agent/)
|
||||
[](https://pypi.org/project/strix-agent/)
|
||||
[](LICENSE)
|
||||
[](https://docs.strix.ai)
|
||||
# Strix
|
||||
|
||||
[](https://github.com/usestrix/strix)
|
||||
[](https://discord.gg/YjKFvEZSdZ)
|
||||
[](https://strix.ai)
|
||||
### Open-source AI hackers to find and fix your app’s vulnerabilities.
|
||||
|
||||
<a href="https://trendshift.io/repositories/15362" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15362" alt="usestrix%2Fstrix | Trendshift" style="width: 250px; height: 55px;" width="250" height="55"/></a>
|
||||
<br/>
|
||||
|
||||
|
||||
[](https://deepwiki.com/usestrix/strix)
|
||||
<a href="https://docs.strix.ai"><img src="https://img.shields.io/badge/Docs-docs.strix.ai-2b9246?style=for-the-badge&logo=gitbook&logoColor=white" alt="Docs"></a>
|
||||
<a href="https://strix.ai"><img src="https://img.shields.io/badge/Website-strix.ai-3b82f6?style=for-the-badge&logoColor=white" alt="Website"></a>
|
||||
<a href="https://pypi.org/project/strix-agent/"><img src="https://img.shields.io/badge/PyPI-strix--agent-f59e0b?style=for-the-badge&logo=pypi&logoColor=white" alt="PyPI"></a>
|
||||
|
||||
<a href="https://deepwiki.com/usestrix/strix"><img src="https://deepwiki.com/badge.svg" alt="Ask DeepWiki"></a>
|
||||
<a href="https://github.com/usestrix/strix"><img src="https://img.shields.io/github/stars/usestrix/strix?style=flat-square" alt="GitHub Stars"></a>
|
||||
<a href="LICENSE"><img src="https://img.shields.io/badge/License-Apache%202.0-3b82f6?style=flat-square" alt="License"></a>
|
||||
<a href="https://pypi.org/project/strix-agent/"><img src="https://img.shields.io/pypi/v/strix-agent?style=flat-square" alt="PyPI Version"></a>
|
||||
|
||||
|
||||
<a href="https://discord.gg/YjKFvEZSdZ"><img src="https://github.com/usestrix/.github/raw/main/imgs/Discord.png" height="40" alt="Join Discord"></a>
|
||||
<a href="https://x.com/strix_ai"><img src="https://github.com/usestrix/.github/raw/main/imgs/X.png" height="40" alt="Follow on X"></a>
|
||||
|
||||
|
||||
<a href="https://trendshift.io/repositories/15362" target="_blank"><img src="https://trendshift.io/api/badge/repositories/15362" alt="usestrix/strix | Trendshift" width="250" height="55"/></a>
|
||||
|
||||
</div>
|
||||
|
||||
<br>
|
||||
<br/>
|
||||
|
||||
<div align="center">
|
||||
<img src=".github/screenshot.png" alt="Strix Demo" width="800" style="border-radius: 16px;">
|
||||
<img src=".github/screenshot.png" alt="Strix Demo" width="900" style="border-radius: 16px;">
|
||||
</div>
|
||||
|
||||
<br>
|
||||
|
||||
> [!TIP]
|
||||
> **New!** Strix now integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
|
||||
> **New!** Strix integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production!
|
||||
|
||||
---
|
||||
|
||||
## 🦉 Strix Overview
|
||||
|
||||
## Strix Overview
|
||||
|
||||
Strix are autonomous AI agents that act just like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proof-of-concepts. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools.
|
||||
|
||||
**Key Capabilities:**
|
||||
|
||||
- 🔧 **Full hacker toolkit** out of the box
|
||||
- 🤝 **Teams of agents** that collaborate and scale
|
||||
- ✅ **Real validation** with PoCs, not false positives
|
||||
- 💻 **Developer‑first** CLI with actionable reports
|
||||
- 🔄 **Auto‑fix & reporting** to accelerate remediation
|
||||
- **Full hacker toolkit** out of the box
|
||||
- **Teams of agents** that collaborate and scale
|
||||
- **Real validation** with PoCs, not false positives
|
||||
- **Developer‑first** CLI with actionable reports
|
||||
- **Auto‑fix & reporting** to accelerate remediation
|
||||
|
||||
|
||||
## 🎯 Use Cases
|
||||
@@ -87,7 +93,7 @@ strix --target ./app-directory
|
||||
> [!NOTE]
|
||||
> First run automatically pulls the sandbox Docker image. Results are saved to `strix_runs/<run-name>`
|
||||
|
||||
## ☁️ Run Strix in Cloud
|
||||
## Run Strix in Cloud
|
||||
|
||||
Want to skip the local setup, API keys, and unpredictable LLM costs? Run the hosted cloud version of Strix at **[app.strix.ai](https://strix.ai)**.
|
||||
|
||||
@@ -104,7 +110,7 @@ Launch a scan in just a few minutes—no setup or configuration required—and y
|
||||
|
||||
## ✨ Features
|
||||
|
||||
### 🛠️ Agentic Security Tools
|
||||
### Agentic Security Tools
|
||||
|
||||
Strix agents come equipped with a comprehensive security testing toolkit:
|
||||
|
||||
@@ -116,7 +122,7 @@ Strix agents come equipped with a comprehensive security testing toolkit:
|
||||
- **Code Analysis** - Static and dynamic analysis capabilities
|
||||
- **Knowledge Management** - Structured findings and attack documentation
|
||||
|
||||
### 🎯 Comprehensive Vulnerability Detection
|
||||
### Comprehensive Vulnerability Detection
|
||||
|
||||
Strix can identify and validate a wide range of security vulnerabilities:
|
||||
|
||||
@@ -128,7 +134,7 @@ Strix can identify and validate a wide range of security vulnerabilities:
|
||||
- **Authentication** - JWT vulnerabilities, session management
|
||||
- **Infrastructure** - Misconfigurations, exposed services
|
||||
|
||||
### 🕸️ Graph of Agents
|
||||
### Graph of Agents
|
||||
|
||||
Advanced multi-agent orchestration for comprehensive security testing:
|
||||
|
||||
@@ -138,7 +144,7 @@ Advanced multi-agent orchestration for comprehensive security testing:
|
||||
|
||||
---
|
||||
|
||||
## 💻 Usage Examples
|
||||
## Usage Examples
|
||||
|
||||
### Basic Usage
|
||||
|
||||
@@ -169,7 +175,7 @@ strix --target api.your-app.com --instruction "Focus on business logic flaws and
|
||||
strix --target api.your-app.com --instruction-file ./instruction.md
|
||||
```
|
||||
|
||||
### 🤖 Headless Mode
|
||||
### Headless Mode
|
||||
|
||||
Run Strix programmatically without interactive UI using the `-n/--non-interactive` flag—perfect for servers and automated jobs. The CLI prints real-time vulnerability findings, and the final report before exiting. Exits with non-zero code when vulnerabilities are found.
|
||||
|
||||
@@ -177,7 +183,7 @@ Run Strix programmatically without interactive UI using the `-n/--non-interactiv
|
||||
strix -n --target https://your-app.com
|
||||
```
|
||||
|
||||
### 🔄 CI/CD (GitHub Actions)
|
||||
### CI/CD (GitHub Actions)
|
||||
|
||||
Strix can be added to your pipeline to run a security test on pull requests with a lightweight GitHub Actions workflow:
|
||||
|
||||
@@ -204,7 +210,7 @@ jobs:
|
||||
run: strix -n -t ./ --scan-mode quick
|
||||
```
|
||||
|
||||
### ⚙️ Configuration
|
||||
### Configuration
|
||||
|
||||
```bash
|
||||
export STRIX_LLM="openai/gpt-5"
|
||||
@@ -227,22 +233,23 @@ export STRIX_REASONING_EFFORT="high" # control thinking effort (default: high,
|
||||
|
||||
See the [LLM Providers documentation](https://docs.strix.ai/llm-providers/overview) for all supported providers including Vertex AI, Bedrock, Azure, and local models.
|
||||
|
||||
## 📚 Documentation
|
||||
## Documentation
|
||||
|
||||
Full documentation is available at **[docs.strix.ai](https://docs.strix.ai)** — including detailed guides for usage, CI/CD integrations, skills, and advanced configuration.
|
||||
|
||||
## 🤝 Contributing
|
||||
## Contributing
|
||||
|
||||
We welcome contributions of code, docs, and new skills - check out our [Contributing Guide](https://docs.strix.ai/contributing) to get started or open a [pull request](https://github.com/usestrix/strix/pulls)/[issue](https://github.com/usestrix/strix/issues).
|
||||
|
||||
## 👥 Join Our Community
|
||||
## Join Our Community
|
||||
|
||||
Have questions? Found a bug? Want to contribute? **[Join our Discord!](https://discord.gg/YjKFvEZSdZ)**
|
||||
|
||||
## 🌟 Support the Project
|
||||
## Support the Project
|
||||
|
||||
**Love Strix?** Give us a ⭐ on GitHub!
|
||||
## 🙏 Acknowledgements
|
||||
|
||||
## Acknowledgements
|
||||
|
||||
Strix builds on the incredible work of open-source projects like [LiteLLM](https://github.com/BerriAI/litellm), [Caido](https://github.com/caido/caido), [ProjectDiscovery](https://github.com/projectdiscovery), [Playwright](https://github.com/microsoft/playwright), and [Textual](https://github.com/Textualize/textual). Huge thanks to their maintainers!
|
||||
|
||||
|
||||
Reference in New Issue
Block a user