The open-source AI pentesting tool. Autonomous AI hackers that find and fix your app's vulnerabilities.
Strix are autonomous AI penetration testing agents that act just like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proof-of-concepts. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools.
Reconnaissance, exploitation, and validation out of the box with a comprehensive offensive security toolkit.
Teams of AI pentesters that collaborate and scale for comprehensive security coverage.
Working PoCs, not false positives like legacy vulnerability scanners.
Actionable findings with remediation guidance integrated into your workflow.
Generate patches and compliance-ready pentest reports automatically.
Detect and validate critical vulnerabilities in your applications with AI-powered scanning.
Get penetration tests done in hours, not weeks, with compliance reports.
Automate bug bounty research and generate PoCs for faster reporting.
Run tests in CI/CD to block vulnerabilities before reaching production.
Get started with Strix in minutes. Just install, configure your AI provider, and run your first security assessment.
# Install Strix
curl -sSL https://strix.ai/install | bash
# Configure your AI provider
export STRIX_LLM="openai/gpt-5.4"
export LLM_API_KEY="your-api-key"
# Run your first security assessment
strix --target ./app-directory
The first run automatically pulls the sandbox Docker image. Results are saved to strix_runs/<run-name>.
Try the Strix full-stack penetration testing platform at app.strix.ai - sign up for free, connect your repos and domains, and launch a pentest in minutes.
Every vulnerability includes a working proof-of-concept exploit and reproduction steps.
AI-generated security patches as ready-to-merge pull requests.
Always-on vulnerability scanning that keeps pace with your deployments.
GitHub, GitLab, Bitbucket, Slack, Jira, Linear, and CI/CD pipelines.
AI that builds on past findings, adapts to your codebase, and reduces false positives over time.
Full request/response manipulation and analysis with Caido.
Automated browser for testing XSS, CSRF, clickjacking, and auth bypass flows.
Interactive terminal for exploit development and post-exploitation.
Python sandbox for writing and validating proof-of-concept exploits.
Automated attack surface mapping, subdomain enumeration, and fingerprinting.
SAST + DAST capabilities for comprehensive application security testing.
IDOR, privilege escalation, auth bypass
SQL injection, NoSQL injection, OS command injection, SSTI
SSRF, XXE, insecure deserialization, RCE
XSS (stored/reflected/DOM), prototype pollution, CSRF
Race conditions, payment manipulation, workflow bypass
JWT attacks, session fixation, credential stuffing vectors
# Scan a local codebase
strix --target ./app-directory
# Security review of a GitHub repository
strix --target https://github.com/org/repo
# Black-box web application assessment
strix --target https://your-app.com
# Grey-box authenticated testing
strix --target https://your-app.com --instruction "Perform authenticated testing using credentials: user:pass"
# Multi-target testing (source code + deployed app)
strix -t https://github.com/org/app -t https://your-app.com
# White-box source-aware scan
strix --target ./app-directory --scan-mode standard
# Focused testing with custom instructions
strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities"
# Provide detailed instructions through file
strix --target api.your-app.com --instruction-file ./instruction.md
# Force PR diff-scope against a specific base branch
strix -n --target ./ --scan-mode quick --scope-mode diff --diff-base origin/main
# Run Strix programmatically without interactive UI
strix -n --target https://your-app.com
# The CLI prints real-time vulnerability findings
# and the final report before exiting
# Exits with non-zero code when vulnerabilities are found
name: strix-penetration-test
on:
  pull_request:
jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - name: Install Strix
        run: curl -sSL https://strix.ai/install | bash
      - name: Run Strix
        env:
          STRIX_LLM: ${{ secrets.STRIX_LLM }}
          LLM_API_KEY: ${{ secrets.LLM_API_KEY }}
        run: strix -n -t ./ --scan-mode quick
In CI pull-request runs, Strix automatically scopes quick reviews to the changed files. If the diff scope cannot be resolved, make sure the checkout fetches full history (fetch-depth: 0) or pass --diff-base explicitly.
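As an added example (not part of Strix or its installer), a small CI wrapper around the non-interactive quick scan shown above: it verifies that the requested diff base actually resolves in the checkout before asking for a diff-scoped review, falls back to a full quick scan with a warning when it does not (the shallow-clone failure described above), and passes Strix's exit status through so the job fails when vulnerabilities are reported. The GIT_CMD and STRIX_CMD variables are assumptions of this wrapper, present only so it can be exercised with stubs; the Strix flags and exit-code behaviour are those stated on this page.

```shell
#!/usr/bin/env sh
# Added example, not part of Strix: a CI wrapper around
# "strix -n --scan-mode quick --scope-mode diff --diff-base <ref>".
# Before requesting a diff-scoped review it checks that the base ref
# resolves in this checkout (the usual failure when the clone is shallow);
# if not, it falls back to a full quick scan instead of reviewing nothing.
# GIT_CMD and STRIX_CMD are overridable only so the wrapper can be stubbed.
GIT_CMD=${GIT_CMD:-git}
STRIX_CMD=${STRIX_CMD:-strix}

# base_ref_available REF: succeeds if REF names a commit in this checkout.
base_ref_available() {
  "$GIT_CMD" rev-parse --verify --quiet "$1^{commit}" >/dev/null 2>&1
}

# scope_args REF: prints the scope flags for strix, or an empty line when
# the base ref is missing and a diff scope cannot be resolved.
scope_args() {
  if base_ref_available "$1"; then
    printf '%s %s %s %s\n' --scope-mode diff --diff-base "$1"
  else
    printf '\n'
  fi
}

# strix_pr_gate TARGET REF: runs the non-interactive quick scan and returns
# Strix's exit status (non-zero when it reported vulnerabilities).
strix_pr_gate() {
  target=$1
  args=$(scope_args "$2")
  if [ -z "$args" ]; then
    echo "warn: $2 not found in checkout; use fetch-depth: 0 or pass" \
         "--diff-base explicitly. Falling back to a full quick scan." >&2
  fi
  # $args is deliberately unquoted so the flags split into separate words.
  # shellcheck disable=SC2086
  if "$STRIX_CMD" -n --target "$target" --scan-mode quick $args; then
    echo "strix: no vulnerabilities reported for $target"
    return 0
  else
    rc=$?
    echo "strix: exit $rc, review the report under strix_runs/" >&2
    return "$rc"
  fi
}
```

Invoke it from the workflow step as `strix_pr_gate ./ origin/main` (after sourcing the script); the step fails exactly when Strix exits non-zero.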
Get the same Strix experience with enterprise-grade controls: SSO (SAML/OIDC), custom compliance-ready penetration testing reports (SOC 2, ISO 27001, PCI DSS), dedicated support & SLA, custom deployment options (VPC/self-hosted), BYOK model support, and tailored AI pentesting agents optimized for your environment.
Have questions? Found a bug? Want to contribute? Join our thriving community of security professionals and developers.