@XAMTO_AI: 用过传统手动渗透测试的都懂!! 工具开一堆,Burp、Nmap、Metasploit来回切,recon半天exploit半天,PoC还得自己手写,报告写到怀疑人生,假阳性满天飞,真实漏洞反而漏掉…… 有位开发者实在看不下去了,直接开源了一…

X AI KOLs Timeline 工具

摘要

Strix is an open-source AI penetration testing tool that uses autonomous AI agents to perform real vulnerability discovery and exploitation, generating working PoCs and compliance-ready reports. It supports multi-agent orchestration, CI/CD integration, and various LLMs, aiming to replace manual pentesting with AI-driven automation.

用过传统手动渗透测试的都懂!! 工具开一堆,Burp、Nmap、Metasploit来回切,recon半天exploit半天,PoC还得自己手写,报告写到怀疑人生,假阳性满天飞,真实漏洞反而漏掉…… 有位开发者实在看不下去了,直接开源了一款叫 Strix 的AI渗透测试工具,专门为AI驱动的安全测试量身打造。 几个硬核点给你划出来: AI Agents像真实黑客一样自主运行,动态执行代码,生成真实可工作的PoC(不是假阳性) 多Agent编排,recon、exploit、post-exploit团队并行协作,效率直接起飞 一键Auto-fix,AI自动生成补丁PR + 合规就绪的渗透测试报告 开发者优先CLI,支持本地/GitHub/黑盒扫描,完美集成CI/CD 支持OpenAI、Claude、Gemini等多种大模型,本地也能跑 说白了,这就是给需要又快又准做安全测试的开发者、安全团队和Bug Bounty猎人准备的。 你不再是那个手动挖洞写报告的苦力,而是坐在那里指挥AI Agent团队干活的安全指挥官。 这个角色转换听起来是不是很带感? 我觉得这才是未来AppSec该有的工作姿势。 https://github.com/usestrix/strix
查看原文
查看缓存全文

缓存时间: 2026/07/05 10:34

用过传统手动渗透测试的都懂!!

工具开一堆,Burp、Nmap、Metasploit来回切,recon半天exploit半天,PoC还得自己手写,报告写到怀疑人生,假阳性满天飞,真实漏洞反而漏掉……

有位开发者实在看不下去了,直接开源了一款叫 Strix 的AI渗透测试工具,专门为AI驱动的安全测试量身打造。

几个硬核点给你划出来:

AI Agents像真实黑客一样自主运行,动态执行代码,生成真实可工作的PoC(不是假阳性) 多Agent编排,recon、exploit、post-exploit团队并行协作,效率直接起飞 一键Auto-fix,AI自动生成补丁PR + 合规就绪的渗透测试报告 开发者优先CLI,支持本地/GitHub/黑盒扫描,完美集成CI/CD 支持OpenAI、Claude、Gemini等多种大模型,本地也能跑

说白了,这就是给需要又快又准做安全测试的开发者、安全团队和Bug Bounty猎人准备的。

你不再是那个手动挖洞写报告的苦力,而是坐在那里指挥AI Agent团队干活的安全指挥官。

这个角色转换听起来是不是很带感?

我觉得这才是未来AppSec该有的工作姿势。

https://github.com/usestrix/strix


usestrix/strix

Source: https://github.com/usestrix/strix

Strix Banner

Strix

The open-source AI pentesting tool. Autonomous AI hackers that find and fix your app’s vulnerabilities.


Docs Website

Ask DeepWiki GitHub Stars License PyPI Version

Join Discord Follow on X

usestrix/strix | Trendshift

New! Strix integrates seamlessly with GitHub Actions and CI/CD pipelines. Automatically scan for vulnerabilities on every pull request and block insecure code before it reaches production - Get started with no setup required.


Strix Overview

Strix are autonomous AI penetration testing agents that act just like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proofs-of-concept. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools.

Key Capabilities:

  • Full pentesting toolkit - reconnaissance, exploitation, and validation out of the box
  • Multi-agent orchestration - teams of AI pentesters that collaborate and scale
  • Real exploit validation - working PoCs, not false positives like legacy vulnerability scanners
  • Developer‑first CLI - actionable findings with remediation guidance
  • Auto‑fix & reporting - generate patches and compliance-ready pentest reports

Strix Demo

Use Cases

  • Application Security Testing - Detect and validate critical vulnerabilities in your applications
  • Rapid Penetration Testing - Get penetration tests done in hours, not weeks, with compliance reports
  • Bug Bounty Automation - Automate bug bounty research and generate PoCs for faster reporting
  • CI/CD Integration - Run tests in CI/CD to block vulnerabilities before reaching production

🚀 Quick Start

Prerequisites:

  • Docker (running)
  • An LLM API key from any supported provider (OpenAI, Anthropic, Google, etc.)

Installation & First Scan

# Install Strix
curl -sSL https://strix.ai/install | bash

# Configure your AI provider
export STRIX_LLM="openai/gpt-5.4"
export LLM_API_KEY="your-api-key"

# Run your first security assessment
strix --target ./app-directory

First run automatically pulls the sandbox Docker image. Results are saved to strix_runs/<run-name>


☁️ Strix Platform

Try the Strix full-stack penetration testing platform at app.strix.ai - sign up for free, connect your repos and domains, and launch a pentest in minutes.

  • Validated findings with PoCs - every vulnerability includes a working proof-of-concept exploit and reproduction steps
  • One-click autofix - AI-generated security patches as ready-to-merge pull requests
  • Continuous pentesting - always-on vulnerability scanning that keeps pace with your deployments
  • DevSecOps integrations - GitHub, GitLab, Bitbucket, Slack, Jira, Linear, and CI/CD pipelines
  • Continuous learning - AI that builds on past findings, adapts to your codebase, and reduces false positives over time

Start your first pentest →


✨ Features

Agentic Pentesting Tools

Strix agents come equipped with a comprehensive offensive security toolkit - the same tools used by professional penetration testers and ethical hackers:

  • HTTP Interception Proxy - Full request/response manipulation and analysis with Caido
  • Browser Exploitation - Automated browser for testing XSS, CSRF, clickjacking, and auth bypass flows
  • Shell & Command Execution - Interactive terminal for exploit development and post-exploitation
  • Custom Exploit Runtime - Python sandbox for writing and validating proof-of-concept exploits
  • Reconnaissance & OSINT - Automated attack surface mapping, subdomain enumeration, and fingerprinting
  • Static & Dynamic Code Analysis - SAST + DAST capabilities for comprehensive application security testing
  • Vulnerability Knowledge Base - Structured findings with CVSS scoring and OWASP classification

Comprehensive Vulnerability Scanner

Strix identifies, validates, and exploits a wide range of security vulnerabilities across the OWASP Top 10 and beyond:

  • Broken Access Control - IDOR, privilege escalation, auth bypass
  • Injection Attacks - SQL injection, NoSQL injection, OS command injection, SSTI
  • Server-Side Vulnerabilities - SSRF, XXE, insecure deserialization, RCE
  • Client-Side Attacks - XSS (stored/reflected/DOM), prototype pollution, CSRF
  • Business Logic Flaws - Race conditions, payment manipulation, workflow bypass
  • Authentication & Session - JWT attacks, session fixation, credential stuffing vectors
  • Infrastructure & Cloud - Misconfigurations, exposed services, cloud security issues
  • API Security - Broken authentication, mass assignment, rate limiting bypass

Graph of Agents (Multi-Agent Pentesting)

Advanced multi-agent orchestration for comprehensive automated penetration testing:

  • Distributed Pentesting - Specialized AI agents for recon, exploitation, and post-exploitation
  • Scalable Security Testing - Parallel execution across multiple targets for fast, comprehensive coverage
  • Dynamic Coordination - Agents share discoveries, chain vulnerabilities, and collaborate like a red team

Usage Examples

Basic Usage

# Scan a local codebase
strix --target ./app-directory

# Security review of a GitHub repository
strix --target https://github.com/org/repo

# Black-box web application assessment
strix --target https://your-app.com

Advanced Testing Scenarios

# Grey-box authenticated testing
strix --target https://your-app.com --instruction "Perform authenticated testing using credentials: user:pass"

# Multi-target testing (source code + deployed app)
strix -t https://github.com/org/app -t https://your-app.com

# White-box source-aware scan (local repository)
strix --target ./app-directory --scan-mode standard

# Focused testing with custom instructions
strix --target api.your-app.com --instruction "Focus on business logic flaws and IDOR vulnerabilities"

# Provide detailed instructions through file (e.g., rules of engagement, scope, exclusions)
strix --target api.your-app.com --instruction-file ./instruction.md

# Force PR diff-scope against a specific base branch
strix -n --target ./ --scan-mode quick --scope-mode diff --diff-base origin/main

Headless Mode

Run Strix programmatically without interactive UI using the -n/--non-interactive flag - perfect for servers and automated jobs. The CLI prints real-time vulnerability findings and the final report before exiting. Exits with non-zero code when vulnerabilities are found.

strix -n --target https://your-app.com

CI/CD (GitHub Actions)

Strix can be added to your pipeline to run a security test on pull requests with a lightweight GitHub Actions workflow:

name: strix-penetration-test

on:
  pull_request:

jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0

      - name: Install Strix
        run: curl -sSL https://strix.ai/install | bash

      - name: Run Strix
        env:
          STRIX_LLM: ${{ secrets.STRIX_LLM }}
          LLM_API_KEY: ${{ secrets.LLM_API_KEY }}

        run: strix -n -t ./ --scan-mode quick

In CI pull request runs, Strix automatically scopes quick reviews to changed files. If diff-scope cannot resolve, ensure checkout uses full history (fetch-depth: 0) or pass --diff-base explicitly.

Configuration

export STRIX_LLM="openai/gpt-5.4"
export LLM_API_KEY="your-api-key"

# Optional
export LLM_API_BASE="your-api-base-url"  # if using a local model, e.g. Ollama, LMStudio
export PERPLEXITY_API_KEY="your-api-key"  # for search capabilities
export STRIX_REASONING_EFFORT="high"  # control thinking effort (default: high, quick scan: medium)

Strix automatically saves your configuration to ~/.strix/cli-config.json, so you don’t have to re-enter it on every run.

Recommended models for best results:

See the LLM Providers documentation for all supported providers including Vertex AI, Bedrock, Azure, and local models.

Enterprise Pentesting

Get the same Strix experience with enterprise-grade controls: SSO (SAML/OIDC), custom compliance-ready penetration testing reports (SOC 2, ISO 27001, PCI DSS), dedicated support & SLA, custom deployment options (VPC/self-hosted), BYOK model support, and tailored AI pentesting agents optimized for your environment. Learn more.

Documentation

Full documentation is available at docs.strix.ai - including detailed guides for usage, CI/CD integrations, skills, and advanced configuration.

Contributing

We welcome contributions of code, docs, and new skills - check out our Contributing Guide to get started or open a pull request/issue.

Join Our Community

Have questions? Found a bug? Want to contribute? Join our Discord!

Support the Project

Love Strix? Give us a ⭐ on GitHub!

Acknowledgements

Strix builds on the incredible work of open-source projects like LiteLLM, Caido, Nuclei, Playwright, and Textual. Huge thanks to their maintainers!

Only test apps you own or have permission to test. You are responsible for using Strix ethically and legally.

相似文章

@servasyy_ai: 如果你一个人维护项目,没有安全团队,上线前心里总没底,那么这东西基本就是给你的礼物 说实话,市面上叫"AI 安全扫描"的东西我基本不信。 扫完给你报一屏警告,九成是误报,纯浪费时间。 直到我扒了下这两天 GitHub 日榜第一的 stri…

X AI KOLs Timeline

Strix 是一个开源的 AI 渗透测试工具,通过在 Docker 沙箱中动态运行应用、使用 Caido 代理拦截并利用 Python 沙箱编写实际可用的 PoC 来发现和验证漏洞,支持多 agent 协作、自动生成补丁和 CI/CD 集成,比传统误报率高的扫描器更实用。

@AdamShao: 正式开源我的漏洞挖掘工具:http://flounders.xyz 这是一个基于 AI Agent 的全自动漏洞挖掘工作流,你只要告诉 AI 你要找什么项目的漏洞,它就会自动下载代码和文档,深度审计代码,发现可疑漏洞,自动在本地和线上验证…

X AI KOLs Timeline

Flounder is an open-source AI agent-based tool that automates vulnerability discovery in codebases. Users describe the target and the tool autonomously downloads code, conducts deep code audits, tests vulnerabilities locally and online, and generates reports.

usestrix/strix

GitHub Trending (daily)

Strix 是一个开源的 AI 智能体工具包,能够自主对应用程序进行黑客攻击以发现和修复漏洞,并提供经过验证的概念验证,避免误报。

@apivixtls: 这篇文章看完后,我真正注意到的点不是比哪个模型更厉害。作者拿AI跑了一圈实际的安全研究测试。Semgrep直接没找到。Strix接GLM 5.1跑了12小时,花了接近6000万tokens,还是没抓到关键漏洞。Cursor配GPT 5.5…

X AI KOLs Timeline

A security researcher tested four AI approaches (Semgrep, GLM 5.1+Strix, Cursor+GPT 5.5, local AI with custom harness) to find a known LFI vulnerability in PHPIPAM. Only the local AI harness consistently succeeded, demonstrating that the harness methodology matters more than the model, and highlighting advantages of local AI for cost, privacy, and flexibility in security research.