
Sirius is an open-source comprehensive vulnerability scanner that leverages community-driven security intelligence and automated penetration testing capabilities. v1.0.0 is the first production release, bringing the complete scanning platform, hardened CI/CD workflows, and release-grade deployment readiness. Get started in minutes with our Docker-based setup.
# Clone and start Sirius (uses prebuilt images from GitHub Container Registry)
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose up -d
# Access the web interface
open http://localhost:3000
Note: By default, Sirius uses prebuilt container images from GitHub Container Registry for fast deployments (5-8 minutes). For local development with source code changes, use docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -d.
Login Credentials:
adminpassword⚠️ Security Notice: Change these default credentials immediately in production environments.
/system-monitorThe default configuration provides a complete scanning environment:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose up -d
For the cleanest experience without development tooling:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose -f docker-compose.user.yaml up -d
For production environments with optimized performance:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose -f docker-compose.production.yaml up -d
# Check all services are running
docker ps
# Expected services:
# - sirius-ui (port 3000)
# - sirius-api (port 9001)
# - sirius-engine (ports 5174, 50051)
# - sirius-postgres (port 5432)
# - sirius-rabbitmq (ports 5672, 15672)
# - sirius-valkey (port 6379)
# Access web interface
curl http://localhost:3000
# Check API health
curl http://localhost:9001/health
Sirius uses a microservices architecture with the following components:
| Service | Description | Technology | Ports | Purpose |
|---|---|---|---|---|
| sirius-ui | Web frontend | Next.js 14, React, TailwindCSS | 3000 | User interface and visualization |
| sirius-api | REST API backend | Go, Gin framework | 9001 | API endpoints and business logic |
| sirius-engine | Multi-service container | Go, Air live-reload | 5174, 50051 | Scanner, terminal, and agent services |
| sirius-postgres | Primary database | PostgreSQL 15 | 5432 | Vulnerability and scan data storage |
| sirius-rabbitmq | Message queue | RabbitMQ | 5672, 15672 | Inter-service communication |
| sirius-valkey | Cache layer | Redis-compatible | 6379 | Session and temporary data |
User Interface (sirius-ui)
↓ HTTP/WebSocket
REST API (sirius-api)
↓ AMQP Messages
Message Queue (sirius-rabbitmq)
↓ Queue Processing
Scanning Engine (sirius-engine)
↓ SQL Queries
Database (sirius-postgres)

Your central command center featuring:

Advanced scanning capabilities:

Comprehensive vulnerability management:

Complete infrastructure visibility:

In-depth system analysis:

Advanced operations console:
Perfect for security professionals and penetration testers:
git clone https://github.com/SiriusScan/Sirius.git
cd Sirius
docker compose up -d
This configuration provides:
Want to contribute to Sirius? We welcome contributions from the community!
For Developers: Check out our comprehensive Contributing Guide for:
Quick Links: - Development Setup - Testing Guide - Code Standards - GitHub Issues
Join our community and help make security scanning accessible to everyone!
Sirius provides comprehensive APIs for integration with existing security workflows:
/api/auth - JWT-based authentication/api/hosts - Host management and discovery/api/scans - Scan management and execution/api/vulnerabilities - Vulnerability data access/api/reports - Report generation and export# Start a network scan via API
curl -X POST http://localhost:9001/api/scans \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"target": "192.168.1.0/24", "scan_type": "network"}'
# Get vulnerability summary
curl http://localhost:9001/api/vulnerabilities/summary \
-H "Authorization: Bearer $TOKEN"
# Export scan results
curl http://localhost:9001/api/reports/scan/123/pdf \
-H "Authorization: Bearer $TOKEN" \
-o scan-report.pdf
Problem: Services fail to start
# Diagnosis
docker compose ps # Check service status
docker compose logs <service> # View service logs
docker system df # Check disk space
# Solutions
docker compose down && docker compose up -d --build # Fresh restart
docker system prune -f # Clean up space
Problem: Infrastructure services (PostgreSQL, RabbitMQ, Valkey) don't start
# This occurs when using only docker-compose.dev.yaml
# The dev file is an OVERRIDE file, not standalone
# ❌ Wrong (only starts 3 services):
docker compose -f docker-compose.dev.yaml up -d
# ✅ Correct (starts all 6 services):
docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -d
Problem: "Port already in use" errors
# Find process using port
netstat -tuln | grep 3000
lsof -i :3000
# Solution: Stop conflicting service or change port
docker compose down
# Edit docker-compose.yaml to use different ports if needed
Problem: Nmap errors or scanning failures
# Check scanner logs
docker logs sirius-engine | grep -i nmap
# Test Nmap directly
docker exec sirius-engine nmap --version
docker exec sirius-engine nmap -p 80 127.0.0.1
# Common fixes
docker restart sirius-engine
docker exec sirius-engine which nmap # Verify Nmap installation
Problem: "Duplicate port specification" warnings
# This is resolved in current version, but if you see it:
docker exec sirius-engine grep -r "port.*specification" /app-scanner-src/
# Should show corrected port ranges like "1-1000,3389"
Problem: Database connection failures
# Check PostgreSQL status
docker exec sirius-postgres pg_isready
docker logs sirius-postgres
# Test connection
docker exec sirius-postgres psql -U postgres -d sirius -c "SELECT version();"
# Reset database if needed
docker compose down
docker volume rm sirius_postgres_data
docker compose up -d
Problem: RabbitMQ connectivity issues
# Check RabbitMQ status
docker exec sirius-rabbitmq rabbitmqctl status
# View queue status
docker exec sirius-rabbitmq rabbitmqctl list_queues
# Access management interface
open http://localhost:15672 # guest/guest
Problem: RabbitMQ schema integrity check failed
# This occurs when RabbitMQ has old data from an incompatible version
# Solution: Remove old volumes and restart fresh
docker compose down -v # For standard setup
# Or for development:
docker compose -f docker-compose.yaml -f docker-compose.dev.yaml down -v
docker compose -f docker-compose.yaml -f docker-compose.dev.yaml up -d
Problem: Services can
$ claude mcp add Sirius \
-- python -m otcore.mcp_server <graph>