Documentation

Vex Raptor

Self-hosted autonomous offensive security — deploy, pentest, verify, and report inside your perimeter.

  • Quickstart: Deploy with Docker and run your first scan in ~15 minutes.

  • Run a pentest: Web, API, or authenticated. Pick a depth and go.

  • Confidence pipeline: How Vex Raptor separates confirmed exploits from noise.

  • Self-hosting: Runs on your infrastructure. Your attack surface never leaves.

What Vex Raptor is

A single engine that runs a multi-phase pentest against an authorized target: reconnaissance, TLS and header analysis, crawling, and active attacks (injection, XSS, SQLi, SSRF, auth bypass, business logic, and more). Confirmed findings ship with a reproducible proof of concept. The whole run streams live and ends in a report you can hand to an auditor.

It is designed to run on your own infrastructure (Docker, self-hosted), which makes it usable in air-gapped and regulated environments where sending your attack surface to a third-party cloud is not an option.

What Vex Raptor is not

Scope

Vex Raptor is a pentest tool, not a QA suite or an uptime monitor. It is not a replacement for a human red team on novel, business-logic-heavy engagements — independent 2025 benchmarks show autonomous agents still miss exploits that experienced humans find. Vex Raptor gives you speed, breadth, and reproducible verification; treat it as a force multiplier, not an oracle.

How it verifies findings

Vex Raptor does not report a vulnerability from a single hint. A finding is only promoted to CONFIRMED when a second, independent signal reproduces it (a re-probe, an out-of-band callback, or a second tool). Everything else is labelled by confidence level so you know exactly what was proven versus what needs a human look. See Confidence pipeline.

Where to go next

Authorized testing only

Only scan systems you own or have explicit written permission to test. See Responsible use.