Installation#
Requirements#
| Component | Requirement |
|---|---|
| Container Runtime | Docker, Podman, or nerdctl |
| Python | 3.10+ (for CLI wrapper; not needed for container-direct) |
| OS | Linux, macOS, Windows (WSL2 recommended) |
Install the CLI#
With MCP support:
uv is a fast Python package manager written in Rust. It's significantly faster than pip and handles virtual environments automatically.
# Install uv (if you don't have it)
curl -LsSf https://astral.sh/uv/install.sh | sh
# Install APHIDS
uv pip install git+https://github.com/darksidesecurity/aphids.git
# With MCP support
uv pip install "aphids-cli[mcp] @ git+https://github.com/darksidesecurity/aphids.git"
Or use uv tool to install as an isolated CLI tool:
pipx installs CLI tools in isolated virtual environments, keeping your system Python clean.
Pull the Container#
The APHIDS container is based on Kali Linux and ships with all 40+ security tools pre-installed. No additional tool installation is required.
Container Runtimes#
APHIDS auto-detects your container runtime in this priority order:
- Docker — Most widely available
- Podman — Rootless, daemonless (RHEL/Fedora)
- nerdctl — containerd CLI (Rancher Desktop, Lima)
Override auto-detection:
# CLI flag
aphids-cli --runtime podman -o options.yaml
# Environment variable
export APHIDS_CONTAINER_RUNTIME=podman
Container Security#
APHIDS containers run with hardened security defaults:
- Ephemeral containers (
--rm) — no persistent state - Dropped capabilities (
--cap-drop ALL) - No privilege escalation (
--security-opt no-new-privileges) - Read-only workspace mounts (
:ro) for static analysis - Network isolation (
--network none) for SAST tools
Custom Container Images#
Build a custom image with additional tools:
FROM ghcr.io/darksidesecurity/aphids:latest
# Add your tools
RUN apt-get update && apt-get install -y your-tool
# Or add custom scripts
COPY my-scripts/ /home/sasquatch/app/Wrappers/my-tool/