-
Notifications
You must be signed in to change notification settings - Fork 2
getting started configuration
Welcome to the control room!
Siyarix is built to be extremely flexible. Whether you are running it locally on your laptop, deploying it in a CI/CD pipeline, or running it headlessly on a remote server, our layered configuration system ensures you can customize it exactly how you need it.
To make Siyarix adaptable across development, production, and CI environments, we use a 4-tier priority system. When Siyarix looks for a setting (like which AI model to use), it checks these layers from bottom to top:
-
Code Defaults — The fallback defaults hardcoded into the
config.pyfile. -
Settings File — Your personal
~/.siyarix/settings.tomlfile. -
Environment Variables — System variables prefixed with
SIYARIX_. - CLI Flags — Highest Priority. Flags passed directly into the command line.
What does this mean for you? It means you can set a global default in your settings file, but easily override it on the fly for a single scan using a CLI flag!
If you are automating Siyarix via scripts or CI pipelines, environment variables are your best friend.
| Environment Variable | What It Controls | Example |
|---|---|---|
SIYARIX_PROVIDER |
Forces the AI provider | openai |
SIYARIX_PERSONA |
Overrides the active persona | redteam |
SIYARIX_LOG_LEVEL |
Sets the logging verbosity | debug |
SIYARIX_SAFE_MODE |
Restricts AI to reconnaissance only | true |
SIYARIX_TIMEOUT |
Max tool execution time (seconds) | 300 |
SIYARIX_STEALTH |
Enables OPSEC stealth mode | true |
SIYARIX_HOME |
Overrides the default ~/.siyarix/ folder |
/tmp/custom_dir |
SIYARIX_CONFIG |
Overrides the default settings.toml path |
/path/to/my_config.toml |
Siyarix supports an incredible 26+ AI providers. In your settings.toml, you can explicitly tell Siyarix exactly which model to use for each provider.
# Tell Siyarix to automatically pick the best available provider
model_provider = "auto"
# Fine-tune the specific models for each provider:
openai_model = "gpt-4o"
gemini_model = "gemini-2.5-flash"
anthropic_model = "claude-3-7-sonnet-20250219"
deepseek_model = "deepseek-chat"
groq_model = "llama-3.3-70b-versatile"
# ... and many more!Need to run an air-gapped pentest? Siyarix natively integrates with local AI engines. No internet required.
| Provider | Default Endpoint | How to start it locally |
|---|---|---|
| Ollama | http://localhost:11434 |
ollama pull llama3.1 && ollama serve |
| LM Studio | http://localhost:1234 |
Open the app and enable the "Local Inference Server" |
| llama.cpp | http://localhost:18080 |
llama-server --model model.gguf --port 18080 |
| vLLM | http://localhost:8000 |
vllm serve [model_name] |
| Registry | Built-in | Automatically falls back to a hardcoded, non-AI planner! |
If you need to route Siyarix traffic through a proxy (or a pool of proxies), it's incredibly easy to set up in your settings.toml.
# Route everything through a single proxy (like Burp Suite or ZAP)
proxy = "http://127.0.0.1:8080"
# Or, define a Proxy Pool! Siyarix will intelligently rotate through them.
proxy_pool = "http://proxy1:8080,http://proxy2:8080"You can also alter Siyarix's HTTP fingerprint to mimic different browsers during OSINT and web requests:
client_profile = "desktop_chrome"
# Available Options: desktop_chrome, desktop_firefox, android_mobile, ios_safariSecurity tools don't have to be ugly! Siyarix ships with beautifully crafted terminal themes.
color_theme = "cyber_noir"Want to see what they look like? Run siyarix themes to preview them all!
Available themes: cyber_noir, matrix, bloodmoon, arctic, synthwave, neon, and more.
You don't have to open the settings.toml file manually. Siyarix provides handy CLI commands to manage your config directly from the terminal:
siyarix config list # Show all settings beautifully formatted
siyarix config get <key> # Get a single value (e.g., `siyarix config get color_theme`)
siyarix config set <key> <value> # Set a value
siyarix config reset # Reset everything back to factory defaults
siyarix config edit # Automatically open settings.toml in your default $EDITORJust a quick reminder on how to securely manage your API keys via the encrypted vault:
siyarix auth set-key <provider> # Securely store a new API key
siyarix auth show # See which providers are active
siyarix creds list # List all stored credentials
siyarix creds rotate # Rotate the AES encryption key securing the vault- Troubleshooting — Having issues? Let's get them fixed.
- CLI Commands — See all the commands you can run!
Note
👋 Welcome to Siyarix! This is a personal passion project built by a single developer. It's currently under active development and growing fast. Expect rough edges, but lots of love! ❤️
Welcome to the Siyarix Documentation Map! This page serves as your master compass for navigating the extensive documentation we have built for the platform.
Whether you are a brand new user, a seasoned security operator, or a developer looking to contribute to the core engine, you can find exactly what you need here.
Not sure where to start? Pick the path that best describes you:
Just getting started? We highly recommend following these guides in order:
- Installation Guide — Get Siyarix running on your machine.
- Onboarding Wizard — Let our interactive wizard help you set up your API keys and environment.
- Setup & Configuration — A deeper dive into customizing your setup.
- Your First Run — A gentle walkthrough of your very first Siyarix command.
Ready to put Siyarix to work? Dive into our operational guides:
- Interactive Chat (REPL) — Learn how to use the powerful interactive terminal.
- Security Workflows — Best practices for recon, vulnerability assessment, and incident response.
- Cloud & IaC Scanning — How to secure your cloud environments and infrastructure code.
- Compliance Frameworks — Map your scans to SOC 2, HIPAA, ISO 27001, and more.
Looking under the hood or wanting to write some code? Start here:
- Contribution Guide — Our workflow, standards, and how you can help!
- Codebase Overview — A comprehensive map of our 82+ source modules.
- Testing Standards — How we ensure reliability with pytest and CI/CD.
- Module Architecture — Component design and responsibilities.
If you prefer to browse the raw structure, here is a complete layout of the docs/ folder:
docs/
├── 🚀 getting-started/ # Installation, onboarding, and configuration
│ ├── installation.md # Multi-platform install (pip, brew, winget, docker)
│ ├── onboarding.md # The interactive 11-step setup wizard
│ ├── setup.md # Managing API keys, credentials, and settings
│ ├── first-run.md # A walkthrough of your first session
│ ├── configuration.md # A deep-dive into advanced settings
│ └── troubleshooting.md # Common issues and how to fix them instantly
│
├── 📖 user/ # Daily operations and workflows
│ ├── cli-commands.md # Reference for 50+ CLI commands across 12 groups
│ ├── interactive-chat.md # Mastering the AI REPL and 54+ slash commands
│ ├── security-workflows.md # Recon, vulnerability assessment, incident response
│ ├── cloud-scanning.md # Multi-cloud security scanning (under development)
│ ├── compliance.md # Framework mapping (SOC 2, NIST, GDPR, PCI-DSS)
│ ├── threat-intelligence.md# Integrations with OTX, NVD, and MITRE ATT&CK
│ ├── playbooks.md # Building automated YAML-based IR playbooks
│ ├── workflow-files.md # DAG workflow reference (programmatic API)
│ ├── reporting.md # Multi-format report generation
│ ├── offline-registry.md # Running without AI (Offline/Registry execution mode)
│ └── ai-workflows.md # Advanced AI-driven autonomous operations
│
├── 💻 developer/ # Building, testing, and extending Siyarix
│ ├── codebase-overview.md # Full module structure mapping
│ ├── contribution-guide.md # How to submit PRs and our coding standards
│ ├── module-architecture.md# Component design and responsibilities
│ ├── testing.md # Writing tests (pytest), coverage, and CI/CD
│ └── building.md # Packaging, distribution, and Docker builds
│
├── 🏗️ architecture/ # System design and core internals
│ ├── overview.md # High-level data flow and layered orchestration
│ ├── ai-agent-pipeline.md # The AgentCore reasoning and execution pipeline
│ ├── provider-abstraction.md# How we unify 26 different AI providers
│ ├── execution-engine.md # Plan-based step orchestration
│ ├── memory-and-state.md # Knowledge graph, session persistence, and learning
│ ├── security-model.md # The Permission Gate, DLP, audit logging, and OPSEC
│ └── intent-routing.md # Semantic intent classification and routing
│
├── 🧠 ai/ # Deep dive into the AI provider & agent systems
│ ├── routing.md # Managing 26 providers, failovers, and circuit breakers
│ ├── persona-system.md # Overview of our 10 security personas
│ ├── agent-reasoning.md # The Observe-Reason-Act loop and tool call repair
│ ├── tool-execution.md # The tool registry, capability graph, and parsers
│ ├── ensemble.md # Parallel LLM voting strategies
│ ├── multi-wave.md # Iterative goal execution with context carry-over
│ ├── prompt-architecture.md# System prompt design and management
│ └── safety.md # Our rigorous 8-layer hallucination mitigation system
│
├── 🛡️ security/ # Safety, ethics, and threat models
│ ├── reporting.md # How to safely report vulnerabilities to us
│ ├── threat-model.md # System threat model and our mitigations
│ ├── operational-security.md# TOR routing, stealth modes, and OPSEC controls
│ ├── ethical-policy.md # Mandatory rules of engagement for all users
│ └── abuse-prevention.md # How we prevent misuse of the AI engine
│
└── ⚖️ legal/ # Licensing and governance
├── agpl-guide.md # A plain-English overview of the AGPL-3.0-or-later license
├── why-agpl.md # The philosophy behind our license choice
├── trademark-policy.md # Branding and trademark guidelines
├── responsible-ai.md # Our framework for ethical AI usage
├── disclaimer.md # Important legal disclaimers
└── plugin-exception.md # The license exception for building custom plugins
As you read through the documentation, you might encounter some specific terms. Here is a quick cheat sheet:
| Term | What It Means |
|---|---|
| Provider | The backend AI engine powering Siyarix (e.g., OpenAI, Anthropic, Ollama). |
| Tool | A traditional security executable installed on your system (e.g., nmap, nuclei). |
| Plan | A step-by-step sequence of tool commands intelligently generated by the AI. |
| Workflow | A hardcoded, predefined execution path (usually defined in YAML/JSON) that doesn't require AI generation. |
| Persona | A specialized behavioral profile given to the AI (e.g., instructing it to act specifically as a "Network Recon Specialist"). |
| Knowledge Graph | Siyarix's internal memory where it stores findings (like IP addresses, open ports) to contextually inform future steps. |
Need help finding something specific? Feel free to use the search bar at the top of the documentation site, or open a discussion on our GitHub!