> ## Documentation Index
> Fetch the complete documentation index at: https://docs.strix.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Open-source AI hackers to secure your apps

Strix are autonomous AI agents that act like real hackers—they run your code dynamically, find vulnerabilities, and validate them with proof-of-concepts. Built for developers and security teams who need fast, accurate security testing without the overhead of manual pentesting or the false positives of static analysis tools.

<Frame>
  <img src="https://mintcdn.com/strix/-dBCOJgoE7n40H-S/images/screenshot.png?fit=max&auto=format&n=-dBCOJgoE7n40H-S&q=85&s=9ea04d099e35c6f3e33ea99670e8c092" alt="Strix Demo" width="2000" height="1500" data-path="images/screenshot.png" />
</Frame>

<CardGroup cols={2}>
  <Card title="Quick Start" icon="rocket" href="/quickstart">
    Install and run your first scan in minutes.
  </Card>

  <Card title="CLI Reference" icon="terminal" href="/usage/cli">
    Learn all command-line options.
  </Card>

  <Card title="Tools" icon="wrench" href="/tools/overview">
    Explore the security testing toolkit.
  </Card>

  <Card title="GitHub Actions" icon="github" href="/integrations/github-actions">
    Integrate into your CI/CD pipeline.
  </Card>
</CardGroup>

## Use Cases

* **Application Security Testing** — Detect and validate critical vulnerabilities in your applications
* **Rapid Penetration Testing** — Get penetration tests done in hours, not weeks
* **Bug Bounty Automation** — Automate research and generate PoCs for faster reporting
* **CI/CD Integration** — Block vulnerabilities before they reach production

## Key Capabilities

* **Full hacker toolkit** — Browser automation, HTTP proxy, terminal, Python runtime
* **Real validation** — PoCs, not false positives
* **Multi-agent orchestration** — Specialized agents collaborate on complex targets
* **Developer-first CLI** — Interactive TUI or headless mode for automation

## Security Tools

Strix agents come equipped with a comprehensive toolkit:

| Tool               | Purpose                                            |
| ------------------ | -------------------------------------------------- |
| HTTP Proxy         | Full request/response manipulation and analysis    |
| Browser Automation | Multi-tab browser for XSS, CSRF, auth flow testing |
| Terminal           | Interactive shells for command execution           |
| Python Runtime     | Custom exploit development and validation          |
| Reconnaissance     | Automated OSINT and attack surface mapping         |
| Code Analysis      | Static and dynamic analysis capabilities           |

## Vulnerability Coverage

| Category       | Examples                                      |
| -------------- | --------------------------------------------- |
| Access Control | IDOR, privilege escalation, auth bypass       |
| Injection      | SQL, NoSQL, command injection                 |
| Server-Side    | SSRF, XXE, deserialization                    |
| Client-Side    | XSS, prototype pollution, DOM vulnerabilities |
| Business Logic | Race conditions, workflow manipulation        |
| Authentication | JWT vulnerabilities, session management       |
| Infrastructure | Misconfigurations, exposed services           |

## Multi-Agent Architecture

Strix uses a graph of specialized agents for comprehensive security testing:

* **Distributed Workflows** — Specialized agents for different attacks and assets
* **Scalable Testing** — Parallel execution for fast comprehensive coverage
* **Dynamic Coordination** — Agents collaborate and share discoveries

## Quick Example

```bash theme={null}
# Install
curl -sSL https://strix.ai/install | bash

# Configure
export STRIX_LLM="openai/gpt-5.4"
export LLM_API_KEY="your-api-key"

# Scan
strix --target ./your-app
```

## Community

<CardGroup cols={2}>
  <Card title="Discord" icon="discord" href="https://discord.gg/strix-ai">
    Join the community for help and discussion.
  </Card>

  <Card title="GitHub" icon="github" href="https://github.com/usestrix/strix">
    Star the repo and contribute.
  </Card>
</CardGroup>

<Warning>
  Only test applications you own or have explicit permission to test.
</Warning>