-
Notifications
You must be signed in to change notification settings - Fork 2
user cli commands
Siyarix is a CLI-first platform built on the blazing fast Typer framework. Everything you can do in Siyarix is accessible via the siyarix command-line binary.
Whether you are running a single scan, automating a large batch job, or spinning up the interactive chat, this reference guide has you covered.
You can attach these flags to almost any Siyarix command.
siyarix [OPTIONS] COMMAND [ARGS]...| Option | What it does |
|---|---|
--config, -c
|
Pass in a custom configuration file (YAML/JSON) instead of the default settings. |
--batch, -b
|
Have a script full of Siyarix commands? Point this to your script to run them all! |
--mode, -m
|
Force a specific execution mode (autonomous, integrated, offline, or registry). |
--target, -t
|
Pre-set the initial target (IP, URL, or CIDR) for your session. |
--session |
Pick up right where you left off by providing a previous Session ID. |
--resume |
A shortcut to instantly resume your most recent session. |
--version |
Print the current Siyarix version. |
--help |
See the help menu for the current command. |
There is no "wrong" way to use Siyarix. Pick the workflow that fits your task:
-
Interactive REPL:
siyarix(No subcommand)- Launches our beautiful, context-aware terminal chat interface featuring over 54+ slash commands.
-
Direct Execution:
siyarix scan 10.0.0.1- Run a single command, get the result, and exit cleanly. Perfect for quick checks.
-
Pipe Mode:
echo "scan 10.0.0.1" | siyarix- Feed commands directly into Siyarix from other terminal tools via standard input.
-
Batch Mode:
siyarix --batch script.txt- Execute a sequence of pre-written commands.
-
Autonomous Agent:
siyarix agent "enumerate services"- Give Siyarix a high-level goal and let its Observe-Reason-Act loop figure out how to achieve it.
These are the commands you will use every single day.
Relaunch the interactive 11-step setup wizard to configure your AI providers and terminal preferences.
siyarix init [--force] [--skip-requirements]Run security scans against one or more targets using the tools installed on your system.
siyarix scan <targets...> [OPTIONS]
# 💡 Pro-Tip: You can scan hundreds of IPs at once using a file!
siyarix scan @targets.txtScan Presets (The Fast Track):
-
siyarix scan-quick <target>: Rapid port discovery (Top 100 ports, no deep service detection). -
siyarix scan-full <target>: Scans all ports, fingerprints the OS, and runs default scripts. -
siyarix scan-deep <target>: A heavy, multi-pass scan for maximum reconnaissance. -
siyarix scan-web <target>: Specifically hunts for web application vulnerabilities (runsnikto,whatweb,nuclei).
A lightweight command to map out the assets and services running on a target.
siyarix discover <target> [--deep] [--export results.json]The magic command. Speak to Siyarix in natural language, and it will build and execute a plan.
siyarix run "scan my network for open ports and output to a table"Unleash the autonomous agent! Tell Siyarix the ultimate goal, and it will iterate through multiple phases (Observe, Reason, Act) until it finishes the job.
siyarix agent "find all vulnerabilities on our web server" --max-iter 15Run a comprehensive diagnostic check on your AI providers, terminal tools, RAM, and CPU.
siyarix healthManage your encrypted API keys and tool credentials.
siyarix auth set-key openai # Securely input an API key
siyarix auth show # See your active providers
siyarix creds list # List stored tool credentials
siyarix creds rotate # Rotate your vault's AES encryption keyTweak Siyarix's settings directly from the CLI.
siyarix config list # View all settings
siyarix config set log_level debug # Change a setting
siyarix config edit # Open settings in your text editorCustomize the look and feel of the terminal.
siyarix theme list
siyarix theme set cyber_noir
siyarix theme preview # Preview what they all look like!Execute or validate YAML-based Incident Response playbooks.
siyarix playbook run ./playbooks/incident_response.yaml
siyarix playbook validate ./playbooks/my_draft.yamlGenerate gorgeous, board-ready assessment reports straight from your scan data.
siyarix report generate --format html --output pentest_report.htmlSiyarix includes dedicated subgroups for specialized security tasks:
-
siyarix audit: Manage tamper-evident audit trails using SHA-256 hash chaining. -
siyarix security: Manage incidents, track vulnerabilities, and hunt for threats mapped to the MITRE ATT&CK framework. -
siyarix compliance: Automatically run compliance assessments against frameworks like SOC2, HIPAA, NIST, and GDPR. -
siyarix ci-gate: Drop Siyarix into a CI/CD pipeline. It will automatically fail the build if security thresholds aren't met!
Integrating Siyarix into a script? Here is what our exit codes mean:
| Exit Code | What it means |
|---|---|
| 0 | Success! Everything ran perfectly. |
| 1 | General Error. Usually an unknown command or a missing target. |
| 2 | Validation Error. A health check failed, or your syntax was invalid. |
| 3 | Critical Findings! We completed the scan and found high-severity issues. |
Note
👋 Welcome to Siyarix! This is a personal passion project built by a single developer. It's currently under active development and growing fast. Expect rough edges, but lots of love! ❤️
Welcome to the Siyarix Documentation Map! This page serves as your master compass for navigating the extensive documentation we have built for the platform.
Whether you are a brand new user, a seasoned security operator, or a developer looking to contribute to the core engine, you can find exactly what you need here.
Not sure where to start? Pick the path that best describes you:
Just getting started? We highly recommend following these guides in order:
- Installation Guide — Get Siyarix running on your machine.
- Onboarding Wizard — Let our interactive wizard help you set up your API keys and environment.
- Setup & Configuration — A deeper dive into customizing your setup.
- Your First Run — A gentle walkthrough of your very first Siyarix command.
Ready to put Siyarix to work? Dive into our operational guides:
- Interactive Chat (REPL) — Learn how to use the powerful interactive terminal.
- Security Workflows — Best practices for recon, vulnerability assessment, and incident response.
- Cloud & IaC Scanning — How to secure your cloud environments and infrastructure code.
- Compliance Frameworks — Map your scans to SOC 2, HIPAA, ISO 27001, and more.
Looking under the hood or wanting to write some code? Start here:
- Contribution Guide — Our workflow, standards, and how you can help!
- Codebase Overview — A comprehensive map of our 82+ source modules.
- Testing Standards — How we ensure reliability with pytest and CI/CD.
- Module Architecture — Component design and responsibilities.
If you prefer to browse the raw structure, here is a complete layout of the docs/ folder:
docs/
├── 🚀 getting-started/ # Installation, onboarding, and configuration
│ ├── installation.md # Multi-platform install (pip, brew, winget, docker)
│ ├── onboarding.md # The interactive 11-step setup wizard
│ ├── setup.md # Managing API keys, credentials, and settings
│ ├── first-run.md # A walkthrough of your first session
│ ├── configuration.md # A deep-dive into advanced settings
│ └── troubleshooting.md # Common issues and how to fix them instantly
│
├── 📖 user/ # Daily operations and workflows
│ ├── cli-commands.md # Reference for 50+ CLI commands across 12 groups
│ ├── interactive-chat.md # Mastering the AI REPL and 54+ slash commands
│ ├── security-workflows.md # Recon, vulnerability assessment, incident response
│ ├── cloud-scanning.md # Multi-cloud security scanning (under development)
│ ├── compliance.md # Framework mapping (SOC 2, NIST, GDPR, PCI-DSS)
│ ├── threat-intelligence.md# Integrations with OTX, NVD, and MITRE ATT&CK
│ ├── playbooks.md # Building automated YAML-based IR playbooks
│ ├── workflow-files.md # DAG workflow reference (programmatic API)
│ ├── reporting.md # Multi-format report generation
│ ├── offline-registry.md # Running without AI (Offline/Registry execution mode)
│ └── ai-workflows.md # Advanced AI-driven autonomous operations
│
├── 💻 developer/ # Building, testing, and extending Siyarix
│ ├── codebase-overview.md # Full module structure mapping
│ ├── contribution-guide.md # How to submit PRs and our coding standards
│ ├── module-architecture.md# Component design and responsibilities
│ ├── testing.md # Writing tests (pytest), coverage, and CI/CD
│ └── building.md # Packaging, distribution, and Docker builds
│
├── 🏗️ architecture/ # System design and core internals
│ ├── overview.md # High-level data flow and layered orchestration
│ ├── ai-agent-pipeline.md # The AgentCore reasoning and execution pipeline
│ ├── provider-abstraction.md# How we unify 26 different AI providers
│ ├── execution-engine.md # Plan-based step orchestration
│ ├── memory-and-state.md # Knowledge graph, session persistence, and learning
│ ├── security-model.md # The Permission Gate, DLP, audit logging, and OPSEC
│ └── intent-routing.md # Semantic intent classification and routing
│
├── 🧠 ai/ # Deep dive into the AI provider & agent systems
│ ├── routing.md # Managing 26 providers, failovers, and circuit breakers
│ ├── persona-system.md # Overview of our 10 security personas
│ ├── agent-reasoning.md # The Observe-Reason-Act loop and tool call repair
│ ├── tool-execution.md # The tool registry, capability graph, and parsers
│ ├── ensemble.md # Parallel LLM voting strategies
│ ├── multi-wave.md # Iterative goal execution with context carry-over
│ ├── prompt-architecture.md# System prompt design and management
│ └── safety.md # Our rigorous 8-layer hallucination mitigation system
│
├── 🛡️ security/ # Safety, ethics, and threat models
│ ├── reporting.md # How to safely report vulnerabilities to us
│ ├── threat-model.md # System threat model and our mitigations
│ ├── operational-security.md# TOR routing, stealth modes, and OPSEC controls
│ ├── ethical-policy.md # Mandatory rules of engagement for all users
│ └── abuse-prevention.md # How we prevent misuse of the AI engine
│
└── ⚖️ legal/ # Licensing and governance
├── agpl-guide.md # A plain-English overview of the AGPL-3.0-or-later license
├── why-agpl.md # The philosophy behind our license choice
├── trademark-policy.md # Branding and trademark guidelines
├── responsible-ai.md # Our framework for ethical AI usage
├── disclaimer.md # Important legal disclaimers
└── plugin-exception.md # The license exception for building custom plugins
As you read through the documentation, you might encounter some specific terms. Here is a quick cheat sheet:
| Term | What It Means |
|---|---|
| Provider | The backend AI engine powering Siyarix (e.g., OpenAI, Anthropic, Ollama). |
| Tool | A traditional security executable installed on your system (e.g., nmap, nuclei). |
| Plan | A step-by-step sequence of tool commands intelligently generated by the AI. |
| Workflow | A hardcoded, predefined execution path (usually defined in YAML/JSON) that doesn't require AI generation. |
| Persona | A specialized behavioral profile given to the AI (e.g., instructing it to act specifically as a "Network Recon Specialist"). |
| Knowledge Graph | Siyarix's internal memory where it stores findings (like IP addresses, open ports) to contextually inform future steps. |
Need help finding something specific? Feel free to use the search bar at the top of the documentation site, or open a discussion on our GitHub!