Strix provides a simple, powerful CLI for running security assessments against your applications. You can test local codebases, GitHub repositories, web applications, domains, and IP addresses.

Your First Scan

Run a basic security assessment by specifying a target:
strix --target ./app-directory
The --target flag (or -t for short) is required. Strix automatically detects the target type based on the format you provide.

Understanding the Output

When you run Strix, you’ll see a rich terminal interface (TUI) that displays:
  • Real-time progress of agent activities
  • Vulnerability discoveries as they’re found
  • Detailed exploit validation results
  • Agent collaboration and coordination

Results Location

All scan results are saved to a timestamped directory:
strix_runs/<run-name>/
├── report.md           # Human-readable security report
├── findings.json       # Structured vulnerability data
├── proof-of-concepts/  # Exploit validation scripts
└── logs/              # Detailed execution logs
The first run automatically pulls the Strix Docker image. This happens only once and may take a few minutes.

Interactive vs Non-Interactive Mode

Strix runs in two modes:

Interactive Mode (Default)

Provides a real-time TUI with agent activity, findings, and detailed progress:
strix --target https://your-app.com
The TUI displays:
  • Live agent collaboration
  • Vulnerability findings as they’re discovered
  • Attack surface mapping progress
  • Real-time exploit validation

Non-Interactive Mode

Perfect for CI/CD pipelines, servers, and automated workflows:
strix -n --target https://your-app.com
# or
strix --non-interactive --target https://your-app.com
Key characteristics:
  • No TUI, prints findings to stdout
  • Exits automatically on completion
  • Returns exit code 2 if vulnerabilities are found
  • Returns exit code 0 if no vulnerabilities are found
  • Ideal for automation and scripting
strix -n --target ./my-app
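
The exit codes listed above can gate a pipeline step. The wrapper below is an added example, not code from the Strix project: the function names are hypothetical, and treating any exit code other than 0 or 2 as a failed scan (so that a crashed run never counts as a pass) is an assumption, since this page documents only those two codes.

```shell
#!/bin/sh
# CI gate around `strix -n` (added example, not Strix's own code).
# Documented on this page: exit 0 = no vulnerabilities, exit 2 = vulnerabilities found.
# Assumption: any other exit code means the scan did not complete.

# classify_strix_exit CODE -> prints clean | findings | error
classify_strix_exit() {
    case "$1" in
        0) echo clean ;;
        2) echo findings ;;
        *) echo error ;;
    esac
}

# latest_run_dir [BASE] -> most recently modified run directory under BASE
latest_run_dir() {
    base="${1:-strix_runs}"
    [ -d "$base" ] || return 1
    ls -1dt "$base"/*/ 2>/dev/null | head -n 1
}

# strix_gate TARGET [SCAN_MODE]
# Returns 0 (pass), 2 (block: findings), or 1 (block: scan error, fail closed).
strix_gate() {
    target="$1"
    mode="${2:-deep}"   # deep is the default scan mode per this page
    rc=0
    strix -n --target "$target" --scan-mode "$mode" || rc=$?
    case "$(classify_strix_exit "$rc")" in
        clean)
            echo "strix: no vulnerabilities reported for $target"
            return 0 ;;
        findings)
            run=$(latest_run_dir) || run=""
            echo "strix: vulnerabilities found, see ${run:-strix_runs/<run-name>/}report.md" >&2
            return 2 ;;
        *)
            echo "strix: scan did not complete (exit $rc), failing closed" >&2
            return 1 ;;
    esac
}

# Usage in a pipeline step: strix_gate ./my-app quick
```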

Target Types

Strix automatically detects and handles different target types:

Local Code Analysis

Test applications on your local filesystem:
strix --target ./my-project
strix --target /absolute/path/to/app

Repository Analysis

Strix clones and analyzes GitHub repositories:
strix --target https://github.com/user/repo
The repository is cloned automatically and analyzed for security vulnerabilities.

Web Applications

Black-box testing of deployed applications:
strix --target https://example.com
strix --target http://localhost:3000

Domains and IPs

Infrastructure and network penetration testing:
strix --target example.com
strix --target 192.168.1.42

Common Usage Patterns

Quick Security Check

Run a fast assessment for rapid feedback:
strix --target ./my-app --scan-mode quick

Standard Development Testing

Routine security testing during development:
strix --target https://staging.example.com --scan-mode standard

Thorough Security Review

Deep analysis before production deployment:
strix --target ./my-app --scan-mode deep
The default scan mode is deep, which provides the most comprehensive security assessment.

Version Information

Check your installed Strix version:
strix --version
# or
strix -v

Next Steps

Scan Modes

Learn about quick, standard, and deep scan modes

Custom Instructions

Guide Strix to focus on specific vulnerabilities

Multi-Target Testing

Test multiple targets in a single scan

Advanced Testing

Authenticated testing and complex scenarios
