Strix Advanced Tools
EN
← All tools

Strix Vantage

One command runs a full, WAF-safe recon pipeline on your lab.
Linux Recon Python
⚠️ Vantage sends active scan traffic (port scans, fuzzing, vulnerability probes). Use it ONLY against systems you own or are explicitly authorized to test — e.g. your own local intentionally-vulnerable lab. Unauthorized scanning is illegal in most places.

Strix Vantage is a free, open-source recon-automation pipeline for Linux that chains ~25 Kali tools (nmap, nuclei, httpx, ffuf and more) into one WAF-safe command for authorized penetration-testing practice against your own intentionally-vulnerable lab.

Vantage chains around 25 industry-standard Kali tools — subdomain enumeration, liveness, port and TLS scans, crawling, fuzzing, and vulnerability checks — into a single command with live terminal status and a tidy report. It is built for sharpening your web-security skills against a local intentionally-vulnerable lab (or any target you own or are authorized to test), with an IDS/WAF-safe, low-and-slow design and an optional terminal UI.

Price
Free — open-source (MIT)
Platforms
Linux
Category
Recon
Built with
Python
Open-source alternative to
reconftw, manual Kali tool-chaining, ad-hoc recon scripts
Telemetry
None — fully offline
Updated

A look inside

Strix Vantage — One command runs a full, WAF-safe recon pipeline on your lab.. Screenshot of the recon tool running on Linux.

What it does

  • Chains ~25 tools (nmap, nuclei, httpx, ffuf, katana, sqlmap, …) into one recon pipeline
  • IDS/WAF-safe by design: lower rate + jitter, not faster hammering (stealth/thorough profiles)
  • Scopes active scanning to your primary target; a light fingerprint on everything else
  • Live terminal status + a formatted report; optional Textual TUI with a history browser
  • Hardened: no shell (argv-only), and auto-install is opt-in with a supply-chain warning

What Strix Vantage deliberately does not do

  • It is for authorized targets only — a one-time consent gate enforces this before any active scan.
  • It orchestrates upstream tools; it does not bundle or modify them.
  • It is Linux/Kali only (no Windows or macOS build).

Installation

🐧 Linux (Ubuntu / Debian)

git clone https://github.com/strix-tool/strix-vantage
cd strix-vantage
sudo python3 vantage.py localhost:3000 --profile stealth

Frequently asked

Is this legal to use?

Only against systems you own or are explicitly authorized to test — like an intentionally-vulnerable practice app or a cybersecurity lab you control. Active scanning of systems you do not own is illegal in most jurisdictions; you are responsible for your use.

Does it need Kali or root?

It targets Kali Linux and its standard toolchain; sudo enables SYN scans and the (opt-in) auto-installer. It runs on other Linux distros when the tools are already installed.

Powered by open source

Vantage orchestrates these open-source tools — it does not bundle or modify them. Huge thanks to every upstream project.

nmapnucleihttpxsubfinderffufkatanasqlmapwafw00famassgobusterniktodalfox
Full acknowledgements & links →