Sirius is an open-source comprehensive vulnerability scanner that leverages community-driven security intelligence and automated penetration testing capabilities. v0.4.0 introduces comprehensive system monitoring and observability features. Get started in minutes with our Docker-based setup.
- Docker Engine 20.10.0+ with Docker Compose V2
- System Requirements: 4GB RAM minimum, 10GB free disk space
- Network Access: Internet connectivity for vulnerability database updates
- Supported Platforms: Linux, macOS, Windows (with WSL2)
# Clone and start Sirius (uses prebuilt images from GitHub Container Registry)
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose up -d
# Access the web interface
open http://localhost:3000Note: By default, Sirius uses prebuilt container images from GitHub Container Registry for fast deployments (5-8 minutes). For local development with source code changes, use docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -d.
Login Credentials:
- Username:
admin - Password:
password
- Real-time Health Monitoring: Live service health checks for all components
- Centralized Logging: Unified log collection and management system
- Performance Metrics: Container resource utilization tracking
- System Dashboard: Comprehensive monitoring interface at
/system-monitor
- Improved Container Builds: Production-ready Docker configurations
- Better Error Handling: Comprehensive error management and recovery
- SSH Troubleshooting: Enhanced debugging capabilities for deployments
- Automated Testing: Robust container testing and validation
The default configuration provides a complete scanning environment:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose up -dFor the cleanest experience without development tooling:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose -f docker-compose.user.yaml up -dFor production environments with optimized performance:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose -f docker-compose.production.yaml up -d# Check all services are running
docker ps
# Expected services:
# - sirius-ui (port 3000)
# - sirius-api (port 9001)
# - sirius-engine (ports 5174, 50051)
# - sirius-postgres (port 5432)
# - sirius-rabbitmq (ports 5672, 15672)
# - sirius-valkey (port 6379)
# Access web interface
curl http://localhost:3000
# Check API health
curl http://localhost:9001/health- π Network Discovery: Automated host discovery and service enumeration
- π‘οΈ Vulnerability Assessment: CVE-based vulnerability detection with CVSS scoring
- π Risk Management: Comprehensive risk scoring and remediation guidance
- πͺ Visual Scanning Workflows: Drag-and-drop scan configuration
- π Automated Scanning: Scheduled and continuous security assessments
- π‘ Remote Agent Support: Distributed scanning across multiple environments
- π» Interactive Terminal: PowerShell-based command interface for advanced operations
- π Real-time Dashboards: Live scanning progress and vulnerability metrics
- Network Scanning: Nmap-based port and service discovery
- Vulnerability Scanning: NSE script-based vulnerability detection
- SMB/Windows Assessment: Specialized Windows security testing
- Custom Workflows: User-defined scanning configurations
- Agent-based Scanning: Remote endpoint assessment
Sirius uses a microservices architecture with the following components:
| Service | Description | Technology | Ports | Purpose |
|---|---|---|---|---|
| sirius-ui | Web frontend | Next.js 14, React, TailwindCSS | 3000 | User interface and visualization |
| sirius-api | REST API backend | Go, Gin framework | 9001 | API endpoints and business logic |
| sirius-engine | Multi-service container | Go, Air live-reload | 5174, 50051 | Scanner, terminal, and agent services |
| sirius-postgres | Primary database | PostgreSQL 15 | 5432 | Vulnerability and scan data storage |
| sirius-rabbitmq | Message queue | RabbitMQ | 5672, 15672 | Inter-service communication |
| sirius-valkey | Cache layer | Redis-compatible | 6379 | Session and temporary data |
User Interface (sirius-ui)
β HTTP/WebSocket
REST API (sirius-api)
β AMQP Messages
Message Queue (sirius-rabbitmq)
β Queue Processing
Scanning Engine (sirius-engine)
β SQL Queries
Database (sirius-postgres)
- PostgreSQL: Vulnerability data, scan results, host information
- SQLite: User authentication and session data (development)
- Valkey/Redis: Caching, temporary scan data, session storage
- RabbitMQ: Message queues for scan requests and agent communication
Your central command center featuring:
- Real-time scanning activity and progress monitoring
- Latest vulnerability discoveries with severity trends
- System performance metrics and resource utilization
- Quick-access controls for common scanning operations
- Executive summary with risk scoring
Advanced scanning capabilities:
- Visual Workflow Editor: Drag-and-drop scan module configuration
- Real-time Progress: Live scan status with detailed logging
- Custom Profiles: Save and reuse scanning configurations
- Scheduled Scans: Automated scanning with cron-like scheduling
- Multi-target Support: Scan multiple hosts, networks, or IP ranges
- NSE Script Integration: Custom Nmap scripts for specialized testing
Comprehensive vulnerability management:
- Dynamic Filtering: Real-time search across all vulnerability data
- Risk Prioritization: CVSS-based severity sorting and filtering
- Detailed Reports: CVE/CPE mapping with remediation guidance
- Export Capabilities: PDF, CSV, and JSON report generation
- Historical Tracking: Vulnerability timeline and remediation progress
- Integration Ready: API endpoints for external security tools
Complete infrastructure visibility:
- Asset Inventory: Comprehensive host and service discovery
- Network Topology: Interactive visualization of discovered infrastructure
- Risk Assessment: Environment-wide security posture analysis
- Service Enumeration: Detailed service versioning and configuration
- Compliance Tracking: Security baseline monitoring and reporting
In-depth system analysis:
- System Profiling: Complete hardware and software inventory
- Port Analysis: Detailed service discovery and version detection
- Security Metrics: Host-specific vulnerability counts and risk scores
- Historical Data: Scan history and security trend analysis
- Remediation Tracking: Fix validation and security improvement monitoring
Advanced operations console:
- PowerShell Environment: Full scripting capabilities for automation
- Agent Management: Remote agent deployment and configuration
- Custom Scripts: Execute custom security testing scripts
- Batch Operations: Bulk scanning and management operations
- System Diagnostics: Real-time system health and performance monitoring
Perfect for security professionals and penetration testers:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose up -dThis configuration provides:
- β Complete scanning capabilities out-of-the-box
- β Pre-configured vulnerability databases
- β No additional setup required
- β Production-ready security scanning
Want to contribute to Sirius? We welcome contributions from the community!
For Developers: Check out our comprehensive Contributing Guide for:
- π§ Development environment setup
- π Development workflow and best practices
- π§ͺ Testing and quality assurance
- π Code standards and Git workflow
- π Submitting pull requests
Quick Links:
Join our community and help make security scanning accessible to everyone!
Sirius provides comprehensive APIs for integration with existing security workflows:
- Authentication:
/api/auth- JWT-based authentication - Hosts:
/api/hosts- Host management and discovery - Scans:
/api/scans- Scan management and execution - Vulnerabilities:
/api/vulnerabilities- Vulnerability data access - Reports:
/api/reports- Report generation and export
- Real-time Updates: Live scan progress and vulnerability notifications
- Agent Communication: Bidirectional agent management
- System Monitoring: Live system metrics and health status
# Start a network scan via API
curl -X POST http://localhost:9001/api/scans \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"target": "192.168.1.0/24", "scan_type": "network"}'
# Get vulnerability summary
curl http://localhost:9001/api/vulnerabilities/summary \
-H "Authorization: Bearer $TOKEN"
# Export scan results
curl http://localhost:9001/api/reports/scan/123/pdf \
-H "Authorization: Bearer $TOKEN" \
-o scan-report.pdfProblem: Services fail to start
# Diagnosis
docker compose ps # Check service status
docker compose logs <service> # View service logs
docker system df # Check disk space
# Solutions
docker compose down && docker compose up -d --build # Fresh restart
docker system prune -f # Clean up spaceProblem: Infrastructure services (PostgreSQL, RabbitMQ, Valkey) don't start
# This occurs when using only docker-compose.dev.yaml
# The dev file is an OVERRIDE file, not standalone
# β Wrong (only starts 3 services):
docker compose -f docker-compose.dev.yaml up -d
# β
Correct (starts all 6 services):
docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -dProblem: "Port already in use" errors
# Find process using port
netstat -tuln | grep 3000
lsof -i :3000
# Solution: Stop conflicting service or change port
docker compose down
# Edit docker-compose.yaml to use different ports if neededProblem: Nmap errors or scanning failures
# Check scanner logs
docker logs sirius-engine | grep -i nmap
# Test Nmap directly
docker exec sirius-engine nmap --version
docker exec sirius-engine nmap -p 80 127.0.0.1
# Common fixes
docker restart sirius-engine
docker exec sirius-engine which nmap # Verify Nmap installationProblem: "Duplicate port specification" warnings
# This is resolved in current version, but if you see it:
docker exec sirius-engine grep -r "port.*specification" /app-scanner-src/
# Should show corrected port ranges like "1-1000,3389"Problem: Database connection failures
# Check PostgreSQL status
docker exec sirius-postgres pg_isready
docker logs sirius-postgres
# Test connection
docker exec sirius-postgres psql -U postgres -d sirius -c "SELECT version();"
# Reset database if needed
docker compose down
docker volume rm sirius_postgres_data
docker compose up -dProblem: RabbitMQ connectivity issues
# Check RabbitMQ status
docker exec sirius-rabbitmq rabbitmqctl status
# View queue status
docker exec sirius-rabbitmq rabbitmqctl list_queues
# Access management interface
open http://localhost:15672 # guest/guestProblem: RabbitMQ schema integrity check failed
# This occurs when RabbitMQ has old data from an incompatible version
# Solution: Remove old volumes and restart fresh
docker compose down -v # For standard setup
# Or for development:
docker compose -f docker-compose.yaml -f docker-compose.dev.yaml down -v
docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -dProblem: Services can't communicate
# Test internal network
docker exec sirius-ui ping sirius-api
docker exec sirius-api ping sirius-postgres
# Check network configuration
docker network ls
docker network inspect sirius_defaultProblem: External access issues
# Verify port mapping
docker port sirius-ui
docker port sirius-api
# Check firewall (Linux)
sudo ufw status
sudo iptables -L
# Check firewall (macOS)
sudo pfctl -s allComplete System Reset:
# Stop all services
docker compose down
# Remove all data (β οΈ This deletes all scan data!)
docker compose down -v
# Clean Docker system
docker system prune -a -f
# Fresh start
docker compose up -d --buildBackup Current Data:
# Backup database
docker exec sirius-postgres pg_dump -U postgres sirius > backup.sql
# Backup scan results directory
docker cp sirius-engine:/opt/sirius/ ./sirius-backup/Essential Security Steps:
- Change Default Credentials:
# Update in docker-compose.production.yaml
POSTGRES_PASSWORD=your_secure_password
RABBITMQ_DEFAULT_PASS=your_secure_password
NEXTAUTH_SECRET=your_long_random_secret- Network Security:
# Use internal networks for service communication
# Expose only necessary ports (3000 for UI)
# Configure firewall rules
sudo ufw allow 3000/tcp
sudo ufw deny 5432/tcp # Don't expose database- SSL/TLS Configuration:
# Use reverse proxy with SSL (nginx/traefik)
# Enable HTTPS for web interface
# Secure API endpoints with proper certificates- Data Protection:
# Encrypt database backups
# Secure volume mounts
# Regular security updates
docker compose pull # Update images regularly- Network Isolation: Run scans from isolated networks when possible
- Permission Management: Use least-privilege principles for scan accounts
- Scan Scheduling: Perform intensive scans during maintenance windows
- Data Retention: Implement appropriate data lifecycle policies
- Audit Logging: Enable comprehensive logging for compliance
- π Installation Guide - Detailed setup instructions
- π― Quick Start Guide - Get scanning in 5 minutes
- πͺ Interface Tour - Complete UI walkthrough
- π§ Configuration Guide - Advanced configuration options
- π‘οΈ Security Guide - Production security best practices
- π API Reference - Complete API documentation
- π¦ Go SDK - Go integration library
- π³ Docker Guide - Comprehensive Docker documentation
- ποΈ Architecture Guide - System architecture deep-dive
- π CI/CD Guide - Deployment automation
- π Scanning Guide - Advanced scanning techniques
- π― Vulnerability Management - Managing discovered vulnerabilities
- π Environment Management - Infrastructure assessment
- π₯οΈ Host Management - Individual host analysis
- π» Terminal Guide - Advanced PowerShell operations
- β FAQ - Frequently asked questions
- π GitHub Issues - Bug reports and feature requests
- π¬ Discord Community - Real-time community support
- π€ Contributing Guide - How to contribute to Sirius
- π§ Support Contact - Direct technical support
| Use Case | CPU | RAM | Storage | Network |
|---|---|---|---|---|
| Personal Lab | 2 cores | 4GB | 20GB | Basic |
| Small Business | 4 cores | 8GB | 100GB | Dedicated |
| Enterprise | 8+ cores | 16GB+ | 500GB+ | High-speed |
| MSP/Large Scale | 16+ cores | 32GB+ | 1TB+ | Enterprise |
# Monitor resource usage
docker stats
# Optimize for large environments
# Edit docker-compose.yaml and add:
services:
sirius-engine:
deploy:
resources:
limits:
cpus: '4.0'
memory: 8G
reservations:
cpus: '2.0'
memory: 4G- β Fixed Nmap Configuration: Resolved duplicate port specification warnings
- β Enhanced Development Mode: Improved volume mounting for local development
- β Better Error Handling: Enhanced debugging and logging capabilities
- β Performance Improvements: Optimized container startup and resource usage
- β Security Enhancements: Updated default configurations and security practices
- π Advanced Reporting: Enhanced PDF and dashboard reporting
- π― AI-Powered Analysis: Automated vulnerability risk assessment
- π± Mobile Support: Mobile-responsive interface improvements
- π Plugin System: Extensible scanning module architecture
- βοΈ Cloud Integration: Native cloud platform scanning support
This project is licensed under the terms specified in the LICENSE file.
π Ready to start scanning? Follow our Quick Start Guide and have Sirius running in under 5 minutes!
π‘ Need help? Join our Discord community for real-time support and discussion.
π Found a bug? Report it on GitHub Issues - we respond quickly!
For production deployments, always change default credentials and review our Security Guide for best practices.