-
Notifications
You must be signed in to change notification settings - Fork 2
Home
Note
👋 Welcome to Siyarix! This is a personal passion project built by a single developer. It's currently under active development and growing fast. Expect rough edges, but lots of love! ❤️
Welcome to the official documentation for Siyarix! 👋
Whether you are here to run your first automated scan, build an advanced incident response playbook, or contribute to our core AI engine, you are in the right place.
At its core, Siyarix is an AI-native cybersecurity orchestration platform.
What does that mean? It means we bridge the gap between human intent and machine execution. Instead of memorizing obscure CLI flags or manually parsing text outputs, Siyarix allows you to state your security goals in plain English. It then uses advanced AI to plan the steps, orchestrates over 80+ security tools, automatically parses their outputs, and generates beautiful, structured reports.
It lives right in your terminal, acting as your tireless, highly-intelligent security co-pilot.
Ready to dive right in? Here are a few quick commands to get you rolling.
(Note: On your very first run, a friendly Onboarding Wizard will help you set up your AI providers!)
# 1. Install via pip
pip install siyarix
# 2. Launch the interactive REPL shell
siyarix
# 3. Run a quick, pre-configured port scan
siyarix scan quick example.com
# 4. Use natural language to get things done!
siyarix run "enumerate services on 10.0.0.1 and output to markdown"
# 5. Working in a secure, air-gapped environment? Use offline mode!
siyarix --mode offline run "scan example.com"We have organized our documentation to help you find exactly what you need. Choose your path below:
| Section | What You'll Find Inside |
|---|---|
| 🛠️ Getting Started | Everything you need to install, set up your credentials, and run your very first scan. |
| 📖 User Guide | Your daily manual. Covers all CLI commands, interactive chat, and advanced security workflows. |
| 🧠 AI System | A deep dive into how our AI reasons, routes requests across 24+ providers, and keeps operations safe. |
| 🏗️ Architecture | For the curious minds: how the execution engine, Knowledge Graph, and data flows actually work. |
| 🛡️ Security & Ethics | Critical reading on our OPSEC controls, threat models, and mandatory ethical hacking policies. |
| 💻 Developer Guide | Want to contribute? Learn about our codebase structure, testing standards, and how to build Siyarix. |
| ⚖️ Legal & Governance | Licensing details (AGPL-3.0), trademark policies, and our Responsible AI framework. |
Siyarix is designed to empower a wide variety of security professionals:
| If you are a... | Siyarix helps you by... |
|---|---|
| Penetration Tester | Automating tedious recon phases, intelligently chaining tools together, and generating perfectly structured reports for your clients. |
| Security Engineer | Allowing you to build repeatable, YAML-based playbooks, integrate security into CI/CD pipelines, and automate routine compliance checks. |
| SOC Analyst | Streamlining incident response, accelerating your threat hunting, and automatically mapping findings to the MITRE ATT&CK framework. |
| Cloud Architect | Validating your Infrastructure as Code (IaC) and performing consistent, multi-cloud posture scanning. |
| Security Researcher | Providing a robust parser framework and AI-assisted analysis so you can focus on finding novel vulnerabilities rather than writing glue code. |
Siyarix started as a personal passion project, but it is now officially public and growing fast!
We warmly welcome contributors of all skill levels. Whether you want to fix a typo in the documentation, add a new AI provider, or write a parser for a security tool you love, your help is deeply appreciated.
👋 Heads Up: To better support our growing community of contributors, Siyarix will soon be moving to its very own dedicated GitHub organization (
siyarix/siyarix). Don't worry, all links will seamlessly redirect!
Check out our Contribution Guide to get started. Let's build the future of AI-assisted security together!
Stable Release — Version 1.0.0 is currently production-ready! We strictly follow semantic versioning, and any breaking changes are always thoroughly documented in our project Changelog.
Warning
Siyarix is an incredibly powerful tool designed exclusively for authorized security testing and defensive operations. You must review and agree to our Ethical Hacking Policy before using it. Never scan systems without explicit permission.
Note
👋 Welcome to Siyarix! This is a personal passion project built by a single developer. It's currently under active development and growing fast. Expect rough edges, but lots of love! ❤️
Welcome to the Siyarix Documentation Map! This page serves as your master compass for navigating the extensive documentation we have built for the platform.
Whether you are a brand new user, a seasoned security operator, or a developer looking to contribute to the core engine, you can find exactly what you need here.
Not sure where to start? Pick the path that best describes you:
Just getting started? We highly recommend following these guides in order:
- Installation Guide — Get Siyarix running on your machine.
- Onboarding Wizard — Let our interactive wizard help you set up your API keys and environment.
- Setup & Configuration — A deeper dive into customizing your setup.
- Your First Run — A gentle walkthrough of your very first Siyarix command.
Ready to put Siyarix to work? Dive into our operational guides:
- Interactive Chat (REPL) — Learn how to use the powerful interactive terminal.
- Security Workflows — Best practices for recon, vulnerability assessment, and incident response.
- Cloud & IaC Scanning — How to secure your cloud environments and infrastructure code.
- Compliance Frameworks — Map your scans to SOC 2, HIPAA, ISO 27001, and more.
Looking under the hood or wanting to write some code? Start here:
- Contribution Guide — Our workflow, standards, and how you can help!
- Codebase Overview — A comprehensive map of our 82+ source modules.
- Testing Standards — How we ensure reliability with pytest and CI/CD.
- Module Architecture — Component design and responsibilities.
If you prefer to browse the raw structure, here is a complete layout of the docs/ folder:
docs/
├── 🚀 getting-started/ # Installation, onboarding, and configuration
│ ├── installation.md # Multi-platform install (pip, brew, winget, docker)
│ ├── onboarding.md # The interactive 11-step setup wizard
│ ├── setup.md # Managing API keys, credentials, and settings
│ ├── first-run.md # A walkthrough of your first session
│ ├── configuration.md # A deep-dive into advanced settings
│ └── troubleshooting.md # Common issues and how to fix them instantly
│
├── 📖 user/ # Daily operations and workflows
│ ├── cli-commands.md # Reference for 50+ CLI commands across 12 groups
│ ├── interactive-chat.md # Mastering the AI REPL and 54+ slash commands
│ ├── security-workflows.md # Recon, vulnerability assessment, incident response
│ ├── cloud-scanning.md # Multi-cloud security scanning (under development)
│ ├── compliance.md # Framework mapping (SOC 2, NIST, GDPR, PCI-DSS)
│ ├── threat-intelligence.md# Integrations with OTX, NVD, and MITRE ATT&CK
│ ├── playbooks.md # Building automated YAML-based IR playbooks
│ ├── workflow-files.md # DAG workflow reference (programmatic API)
│ ├── reporting.md # Multi-format report generation
│ ├── offline-registry.md # Running without AI (Offline/Registry execution mode)
│ └── ai-workflows.md # Advanced AI-driven autonomous operations
│
├── 💻 developer/ # Building, testing, and extending Siyarix
│ ├── codebase-overview.md # Full module structure mapping
│ ├── contribution-guide.md # How to submit PRs and our coding standards
│ ├── module-architecture.md# Component design and responsibilities
│ ├── testing.md # Writing tests (pytest), coverage, and CI/CD
│ └── building.md # Packaging, distribution, and Docker builds
│
├── 🏗️ architecture/ # System design and core internals
│ ├── overview.md # High-level data flow and layered orchestration
│ ├── ai-agent-pipeline.md # The AgentCore reasoning and execution pipeline
│ ├── provider-abstraction.md# How we unify 26 different AI providers
│ ├── execution-engine.md # Plan-based step orchestration
│ ├── memory-and-state.md # Knowledge graph, session persistence, and learning
│ ├── security-model.md # The Permission Gate, DLP, audit logging, and OPSEC
│ └── intent-routing.md # Semantic intent classification and routing
│
├── 🧠 ai/ # Deep dive into the AI provider & agent systems
│ ├── routing.md # Managing 26 providers, failovers, and circuit breakers
│ ├── persona-system.md # Overview of our 10 security personas
│ ├── agent-reasoning.md # The Observe-Reason-Act loop and tool call repair
│ ├── tool-execution.md # The tool registry, capability graph, and parsers
│ ├── ensemble.md # Parallel LLM voting strategies
│ ├── multi-wave.md # Iterative goal execution with context carry-over
│ ├── prompt-architecture.md# System prompt design and management
│ └── safety.md # Our rigorous 8-layer hallucination mitigation system
│
├── 🛡️ security/ # Safety, ethics, and threat models
│ ├── reporting.md # How to safely report vulnerabilities to us
│ ├── threat-model.md # System threat model and our mitigations
│ ├── operational-security.md# TOR routing, stealth modes, and OPSEC controls
│ ├── ethical-policy.md # Mandatory rules of engagement for all users
│ └── abuse-prevention.md # How we prevent misuse of the AI engine
│
└── ⚖️ legal/ # Licensing and governance
├── agpl-guide.md # A plain-English overview of the AGPL-3.0-or-later license
├── why-agpl.md # The philosophy behind our license choice
├── trademark-policy.md # Branding and trademark guidelines
├── responsible-ai.md # Our framework for ethical AI usage
├── disclaimer.md # Important legal disclaimers
└── plugin-exception.md # The license exception for building custom plugins
As you read through the documentation, you might encounter some specific terms. Here is a quick cheat sheet:
| Term | What It Means |
|---|---|
| Provider | The backend AI engine powering Siyarix (e.g., OpenAI, Anthropic, Ollama). |
| Tool | A traditional security executable installed on your system (e.g., nmap, nuclei). |
| Plan | A step-by-step sequence of tool commands intelligently generated by the AI. |
| Workflow | A hardcoded, predefined execution path (usually defined in YAML/JSON) that doesn't require AI generation. |
| Persona | A specialized behavioral profile given to the AI (e.g., instructing it to act specifically as a "Network Recon Specialist"). |
| Knowledge Graph | Siyarix's internal memory where it stores findings (like IP addresses, open ports) to contextually inform future steps. |
Need help finding something specific? Feel free to use the search bar at the top of the documentation site, or open a discussion on our GitHub!