-
Notifications
You must be signed in to change notification settings - Fork 2
user ai workflows
Welcome to the future of security operations! Siyarix leverages modern AI providers to understand your natural language requests, select the right tools, and autonomously execute complex plans. Simply tell Siyarix what you want to do, and our execution engine will turn your intent into a structured, step-by-step plan.
Have you ever wanted to just tell your tools what to do? Now you can!
siyarix run "scan the network 10.0.0.0/24 for open ports and service versions"Note
Siyarix translates human language into security actions. You don't need to memorize complex flags or syntax anymore!
Behind the scenes, the execution engine processes your input through these steps:
- Intent Parsing: Figures out your target, the necessary parameters, and what you actually want to achieve.
- Tool Selection: Matches your request against the capabilities of tools available in the Siyarix registry.
- Plan Construction: Builds a smart, organized execution plan (even handling parallel tasks!).
- Execution: Runs the steps in the correct order.
- Result Aggregation: Collects everything and presents you with neat, structured findings.
Want to tackle a large task while you grab a coffee? Meet the autonomous agent.
siyarix agent "enumerate all subdomains, find live hosts, scan for vulns, and report"The agent uses a smart "Observe-Reason-Act" loop to break down complex objectives into manageable steps.
| Mode | CLI Flag | What It Does |
|---|---|---|
| Registry | --mode offline |
Traditional planning using our tool registry (no AI needed). Great for air-gapped setups! |
| Autonomous | --mode autonomous |
Full AI control! The agent plans and executes steps without asking for confirmation. |
| Hybrid | --mode integrated |
The sweet spot. AI proposes the plans, but keeps you in the loop during execution. |
Don't worry about an AI outage stopping your work. Siyarix has your back!
If your primary AI provider goes down:
- Circuit Breaker: Trips automatically after 3 failures in 60 seconds.
- Next Provider: Siyarix smoothly switches to the next provider on your list.
- Registry Fallback: If all AI providers are down, Siyarix falls back to its offline registry planner.
- Graceful Degradation: You keep working! Commands still execute, just without the AI magic.
Tip
You can easily configure your preferred backup order!
siyarix config set provider_preference '["openai", "anthropic", "gemini"]'Ever wonder how the AI knows so much about your environment? We build rich prompts using:
- System Context: Details about your platform and available tools.
- User Input: What you typed (commands or plain English).
- Conversation History: Keeping track of what we've already discussed.
- Safety Constraints: Rules and permission gates to keep you safe.
- Persona Instructions: Adapting to your needs (e.g., acting as a red teamer or a blue teamer).
The AI doesn't just guess; it selects tools based on strict criteria:
- Capability: Can the tool actually do the job?
- Availability: Is it installed on your system?
- Platform: Does it work on your OS (Windows, Mac, Linux)?
- Safety: Is it appropriate for the current safety mode?
Important
The ToolRegistry keeps track of all discovered security tools on your system. It automatically scans your system path on startup, so you're always ready to go.
To keep the AI sharp and focused, we manage its memory (context window) carefully:
- Smart Forgetting: Old conversations are truncated so the AI doesn't get overwhelmed.
- Summarization: Verbose tool outputs are summarized to keep things concise.
- Offline Storage: large result sets are stored safely offline and referenced when needed.
No internet? No AI? No problem! Siyarix is built to work perfectly offline.
When using --mode offline or if the AI is unreachable:
- The
RegistryPlannerhandles your commands using smart pattern matching. - The
OfflineStoreprovides rich, contextual responses. - All your tools remain 100% usable.
Siyarix plays nicely with all the major AI models. Here is how to configure them:
| Provider | Configuration Command |
|---|---|
| OpenAI | siyarix auth set-key openai --key sk-... |
| Anthropic | siyarix auth set-key anthropic --key sk-ant-... |
| Gemini | siyarix auth set-key gemini --key AIz... |
| Groq | siyarix auth set-key groq --key ... |
| Together | siyarix auth set-key together --key ... |
| OpenRouter | siyarix auth set-key openrouter --key ... |
Note
👋 Welcome to Siyarix! This is a personal passion project built by a single developer. It's currently under active development and growing fast. Expect rough edges, but lots of love! ❤️
Welcome to the Siyarix Documentation Map! This page serves as your master compass for navigating the extensive documentation we have built for the platform.
Whether you are a brand new user, a seasoned security operator, or a developer looking to contribute to the core engine, you can find exactly what you need here.
Not sure where to start? Pick the path that best describes you:
Just getting started? We highly recommend following these guides in order:
- Installation Guide — Get Siyarix running on your machine.
- Onboarding Wizard — Let our interactive wizard help you set up your API keys and environment.
- Setup & Configuration — A deeper dive into customizing your setup.
- Your First Run — A gentle walkthrough of your very first Siyarix command.
Ready to put Siyarix to work? Dive into our operational guides:
- Interactive Chat (REPL) — Learn how to use the powerful interactive terminal.
- Security Workflows — Best practices for recon, vulnerability assessment, and incident response.
- Cloud & IaC Scanning — How to secure your cloud environments and infrastructure code.
- Compliance Frameworks — Map your scans to SOC 2, HIPAA, ISO 27001, and more.
Looking under the hood or wanting to write some code? Start here:
- Contribution Guide — Our workflow, standards, and how you can help!
- Codebase Overview — A comprehensive map of our 82+ source modules.
- Testing Standards — How we ensure reliability with pytest and CI/CD.
- Module Architecture — Component design and responsibilities.
If you prefer to browse the raw structure, here is a complete layout of the docs/ folder:
docs/
├── 🚀 getting-started/ # Installation, onboarding, and configuration
│ ├── installation.md # Multi-platform install (pip, brew, winget, docker)
│ ├── onboarding.md # The interactive 11-step setup wizard
│ ├── setup.md # Managing API keys, credentials, and settings
│ ├── first-run.md # A walkthrough of your first session
│ ├── configuration.md # A deep-dive into advanced settings
│ └── troubleshooting.md # Common issues and how to fix them instantly
│
├── 📖 user/ # Daily operations and workflows
│ ├── cli-commands.md # Reference for 50+ CLI commands across 12 groups
│ ├── interactive-chat.md # Mastering the AI REPL and 54+ slash commands
│ ├── security-workflows.md # Recon, vulnerability assessment, incident response
│ ├── cloud-scanning.md # Multi-cloud security scanning (under development)
│ ├── compliance.md # Framework mapping (SOC 2, NIST, GDPR, PCI-DSS)
│ ├── threat-intelligence.md# Integrations with OTX, NVD, and MITRE ATT&CK
│ ├── playbooks.md # Building automated YAML-based IR playbooks
│ ├── workflow-files.md # DAG workflow reference (programmatic API)
│ ├── reporting.md # Multi-format report generation
│ ├── offline-registry.md # Running without AI (Offline/Registry execution mode)
│ └── ai-workflows.md # Advanced AI-driven autonomous operations
│
├── 💻 developer/ # Building, testing, and extending Siyarix
│ ├── codebase-overview.md # Full module structure mapping
│ ├── contribution-guide.md # How to submit PRs and our coding standards
│ ├── module-architecture.md# Component design and responsibilities
│ ├── testing.md # Writing tests (pytest), coverage, and CI/CD
│ └── building.md # Packaging, distribution, and Docker builds
│
├── 🏗️ architecture/ # System design and core internals
│ ├── overview.md # High-level data flow and layered orchestration
│ ├── ai-agent-pipeline.md # The AgentCore reasoning and execution pipeline
│ ├── provider-abstraction.md# How we unify 26 different AI providers
│ ├── execution-engine.md # Plan-based step orchestration
│ ├── memory-and-state.md # Knowledge graph, session persistence, and learning
│ ├── security-model.md # The Permission Gate, DLP, audit logging, and OPSEC
│ └── intent-routing.md # Semantic intent classification and routing
│
├── 🧠 ai/ # Deep dive into the AI provider & agent systems
│ ├── routing.md # Managing 26 providers, failovers, and circuit breakers
│ ├── persona-system.md # Overview of our 10 security personas
│ ├── agent-reasoning.md # The Observe-Reason-Act loop and tool call repair
│ ├── tool-execution.md # The tool registry, capability graph, and parsers
│ ├── ensemble.md # Parallel LLM voting strategies
│ ├── multi-wave.md # Iterative goal execution with context carry-over
│ ├── prompt-architecture.md# System prompt design and management
│ └── safety.md # Our rigorous 8-layer hallucination mitigation system
│
├── 🛡️ security/ # Safety, ethics, and threat models
│ ├── reporting.md # How to safely report vulnerabilities to us
│ ├── threat-model.md # System threat model and our mitigations
│ ├── operational-security.md# TOR routing, stealth modes, and OPSEC controls
│ ├── ethical-policy.md # Mandatory rules of engagement for all users
│ └── abuse-prevention.md # How we prevent misuse of the AI engine
│
└── ⚖️ legal/ # Licensing and governance
├── agpl-guide.md # A plain-English overview of the AGPL-3.0-or-later license
├── why-agpl.md # The philosophy behind our license choice
├── trademark-policy.md # Branding and trademark guidelines
├── responsible-ai.md # Our framework for ethical AI usage
├── disclaimer.md # Important legal disclaimers
└── plugin-exception.md # The license exception for building custom plugins
As you read through the documentation, you might encounter some specific terms. Here is a quick cheat sheet:
| Term | What It Means |
|---|---|
| Provider | The backend AI engine powering Siyarix (e.g., OpenAI, Anthropic, Ollama). |
| Tool | A traditional security executable installed on your system (e.g., nmap, nuclei). |
| Plan | A step-by-step sequence of tool commands intelligently generated by the AI. |
| Workflow | A hardcoded, predefined execution path (usually defined in YAML/JSON) that doesn't require AI generation. |
| Persona | A specialized behavioral profile given to the AI (e.g., instructing it to act specifically as a "Network Recon Specialist"). |
| Knowledge Graph | Siyarix's internal memory where it stores findings (like IP addresses, open ports) to contextually inform future steps. |
Need help finding something specific? Feel free to use the search bar at the top of the documentation site, or open a discussion on our GitHub!