Uxarion

Uxarion exploit replay.

Move from exploit evidence to issue or PR, fix, redeploy, replay the exploit, and prove the vulnerability is closed.

Install open-source CLIRead essays
01
Exploit evidence
02
Issue / PR
03
Fix
04
Redeploy
05
Replay exploit
06
Prove fixed
Open-source CLI
Available now

Run Uxarion locally from the terminal and keep assessment work operator-driven.

Desktop app
Beta on demand

A local operator workspace for teams that want a guided visual runner.

Cloud testing
Beta

Projects, scopes, schedules, and run history for recurring replay checks.

Open source

Uxarion CLI is available now.

Uxarion is an open-source terminal security assessment agent for local, operator-driven testing. Install it globally, launch the terminal UI, add your API key, and run scoped work from your own machine.

CLI detailsGitHub repository
Quick installnpm
npm install -g uxarion
uxarion
Alternative install:
curl -fsSL https://raw.githubusercontent.com/rachidlaad/uxarion/main/install.sh | sh
Inspect targets and keep context across turns
Run terminal-first security workflows
Capture evidence, findings, and reports
Use your own API key or a local model backend
Connect ZAP through the API when needed
Fix loop

Close the loop after a vulnerability is found.

Turn proof into work

Convert exploit evidence into an issue or PR that includes the path, impact, and reproduction steps.

Replay after redeploy

Run the same exploit path after the fix ships so the team sees whether the vulnerable behavior is gone.

Keep the proof chain

Preserve the report, run notes, and replay output so the closure decision is based on evidence.

Essays

A place for practical security writing.

Why exploit replay matters more than another scanner result

An essay track for practical security work: evidence, ownership, fixes, and regression proof.

Local-first security agents and operator control

Notes on why Uxarion starts from the terminal and keeps scope, tools, and credentials close to the operator.

Open blog