Strix
Open-source autonomous AI penetration testing tool that continuously finds, validates, and auto-fixes vulnerabilities across APIs, web apps, code, and cloud infrastructure.
At a Glance
About Strix
Strix is an open-source autonomous AI penetration testing tool built by OmniSecure, Inc. and published under the Apache 2.0 license. It deploys teams of AI agents that act like real hackers — running code dynamically, finding vulnerabilities, and validating them through working proof-of-concept exploits. The project has accumulated over 28,000 GitHub stars since its creation in August 2025, and a managed cloud platform at app.strix.ai extends the open-source CLI with continuous coverage, PR reviews, and auto-fix capabilities.
What It Is
Strix is an agentic security testing platform that combines static analysis, dynamic application security testing (DAST), and multi-agent orchestration to automate the full penetration testing lifecycle. Unlike legacy vulnerability scanners that produce false positives, Strix validates every finding with a working exploit before reporting it. The tool covers the OWASP Top 10 and beyond — including IDOR, SSRF, SQL injection, XSS, JWT attacks, business logic flaws, and cloud misconfigurations — across REST APIs, GraphQL, web apps, source code, and cloud infrastructure.
Core Architecture: Graph of Agents
Strix uses a multi-agent orchestration model where specialized AI agents collaborate like a red team:
- Reconnaissance agents handle attack surface mapping, subdomain enumeration, and fingerprinting
- Exploitation agents run targeted attacks using an HTTP interception proxy (Caido integration), browser automation (Playwright), a Python exploit sandbox, and an interactive shell
- Validation agents confirm exploitability with working PoCs and CVSS scoring
- Coordination layer lets agents share discoveries, chain vulnerabilities, and scale across multiple targets in parallel
The CLI supports OpenAI, Anthropic, Google Vertex AI, AWS Bedrock, Azure, and local models via LiteLLM, configurable with a single environment variable.
Developer Workflow and CI/CD Integration
Strix is designed to plug directly into DevSecOps pipelines:
- Install via a single
curlcommand; requires Docker and an LLM API key - Scan local codebases, GitHub repos, or live URLs with
strix --target - A
--non-interactiveflag enables headless mode for automated jobs; exits with a non-zero code when vulnerabilities are found - A GitHub Actions workflow snippet is provided in the README for PR-scoped security scans
- The cloud platform integrates with GitHub, GitLab, Bitbucket, Slack, Jira, and Linear
- In CI pull request runs, Strix automatically scopes quick reviews to changed files
Cloud Platform vs. Open-Source CLI
The open-source CLI (strix-agent on PyPI) provides the full agentic pentesting engine. The managed cloud platform at app.strix.ai adds:
- Continuous always-on pentesting that keeps pace with deployments
- One-click auto-fix: AI-generated patches delivered as merge-ready pull requests, retested to confirm the vulnerability is gone
- A real-time security posture dashboard with validated findings and PoCs
- Attack surface monitoring and scheduled pentesting
- An enterprise tier with VPC/on-premise/air-gapped deployment, SSO (SAML/OIDC), SCIM, custom model support (BYOK), internal infrastructure pentesting, and dedicated SLA
Update: v1.0.4 and New Platform Launch
The latest release is v1.0.4, published June 9, 2026. The repository was last pushed June 30, 2026, indicating active development. Alongside the CLI releases, the team published a blog post titled "Introducing the New Strix Platform" (April 13, 2026), signaling a significant expansion from a CLI tool to a full-stack security platform. A partnership with Caido (March 2026) brought precision HTTP interception proxy capabilities into the agentic pentesting workflow. The project is SOC 2 Type II and ISO 27001 compliant on the enterprise side.
Community Discussions
Be the first to start a conversation about Strix
Share your experience with Strix, ask questions, or help others learn from your insights.
Pricing
Open Source
Full open-source CLI tool available on GitHub under Apache 2.0 license.
- Full agentic pentesting engine
- CLI-based scanning of local codebases, repos, and URLs
- Multi-agent orchestration
- Real exploit validation with PoCs
- CVSS scoring and OWASP classification
Pro
Full-stack cloud platform for teams shipping fast without compromising security.
- API & web app pentesting
- PR security reviews
- One-click autofix
- Attack surface monitoring
- Scheduled pentesting
- Jira, Linear & Slack integrations
- 7 day free trial
Enterprise
For organizations that need full control and compliance.
- All Pro features
- VPC / on-prem deployment
- Custom model support (BYOK)
- Internal infrastructure pentesting
- SSO & SCIM
- Dedicated support & SLA
- Real-time threat intelligence
- Free proof of value pilot
Capabilities
Key Features
- Autonomous AI penetration testing agents
- Multi-agent orchestration (Graph of Agents)
- Real exploit validation with proof-of-concept
- One-click auto-fix with merge-ready PRs
- PR security reviews in CI/CD pipelines
- Continuous attack surface monitoring
- REST, GraphQL, and web app pentesting
- Infrastructure and cloud misconfiguration scanning
- OWASP Top 10 vulnerability coverage
- IDOR, SSRF, SQLi, XSS, JWT attack detection
- HTTP interception proxy (Caido integration)
- Browser automation for XSS/CSRF/auth bypass testing
- Python exploit sandbox
- SAST + DAST capabilities
- CVSS scoring and OWASP classification
- Headless/non-interactive mode for automation
- GitHub Actions CI/CD integration
- Multi-LLM provider support (OpenAI, Anthropic, Google, etc.)
- Local model support via Ollama/LMStudio
- Compliance-ready pentest reports (SOC 2, ISO 27001, PCI DSS)
- Self-hosted/VPC/air-gapped enterprise deployment
- SSO (SAML/OIDC) and SCIM
- Zero data retention policy
