PRODUCT DOCUMENTATION
Alienx Suite β modules, limits, and extensibility
What each part of the app does, and what you get on Community vs Pro. Compare limits in the table below, or jump to a module for details and screenshots.
- Community β free, runs locally, no telemetry. Full toolkit with the limits listed below.
- Pro β one-time license (Kickstarter or post-campaign). Higher limits and extras marked [PRO].
- Already backed Pro? Open Settings β License, paste your key, and activate. Pro stays available offline for up to 7 days without internet.
Community vs Pro
Community is built for real engagements β these are the main caps. Pro removes them and unlocks the rows marked [PRO].
| Area | Community | Pro [PRO] |
|---|---|---|
| Active projects | Up to 2 | No enforced cap |
| Intercept history (per project) | 10,000 entries (oldest dropped) | No cap |
| Blitz concurrency | 1 thread | Up to 64 (UI range) |
| Blitz requests per job | Max 500 iterations | No license cap |
| Recon β Dir bust threads | 8 threads max | Up to 64 (UI range) |
| Recon β Dir bust paths per job | 5,000 paths max | No path cap |
| Recon β Active crawl[PRO] | Not available | Authorized active scan with scope + confirmation |
| AiLienX agent sessions | 3 sessions per day | Unlimited |
| AiLienX tool rounds per turn | 6 rounds | 12 rounds |
| Enabled plugins | 1 at a time | No cap |
| Local HTTP API | 60 requests / minute | No local rate limit |
| Managed OOB (Interactsh via license API)[PRO] | Not available | Token from api.alienxsuite.com |
| Desktop MCP β input automation[PRO] | Read-only tools (screenshots, window list, β¦) | Mouse, keyboard, spawn, focus, SendSAS, β¦ |
Modules
Intercept
HTTPS-capable intercepting proxy with MITM CA, traffic history grid, inspector (request/response/preview), path map sidebar, and Rhai filter plugins on history rows.
Community
- Start/stop proxy, export/install CA, proxied browser launch
- Traffic history with SQL + plugin hybrid filtering
- Inspector: copy raw, send selection to Forge, response preview modes
- History capped at 10,000 entries per project (oldest rows dropped)
Pro [PRO]
- Removes the 10,000-entry history cap per project
Forge
Manual HTTP client (Repeater): edit raw requests, optional connect target, TLS SNI override, HTTP/2 ALPN mode, Content-Length fix, and response raw/preview tabs.
Community
- Send arbitrary HTTP/1-style requests through the suite transport stack
- Persist Repeater outbound settings (TLS SNI, HTTP/2) per instance
- Receive synthesized HTTP/1-shaped responses when using HTTP/2
Transform
Encoder/decoder utilities for inspecting and mutating payloads outside the proxy hot path. Route-map actions can load a captured request here.
Community
- Standard encode/decode workflows tied to captured traffic
Blitz
Automated fuzzing with §marker§ templates. Attack types: Sniper, Battering Ram, Pitchfork, and Cluster Bomb. Optional connect target (host or host:port) without altering raw HTTP.
Community
- 1 concurrent thread per job
- Jobs truncated to 500 requests maximum
- Progress streaming and per-row results (status, length, timing, anomalies)
Pro [PRO]
- Concurrency up to 64 (same UI range as Pro; Community capped at 1)
- No 500-request job truncation from license enforcement
OOB
Out-of-band interaction tracking. Replace §OOB§ placeholders in Blitz/Forge templates. Background polling hub logs interactions in-app.
Community
- Custom mode: supply your own Interactsh-compatible token and server
- Transparent interaction log while polling is configured
Pro [PRO]
- Managed Pro mode: OOB token fetched from the license API (requires valid Pro JWT)
- Primary server defaults to the Alienx-managed Interactsh endpoint
Recon
Passive findings from proxied traffic, route map tree (host/path aggregation), Dir bust, and optional authorized active crawl. Findings stored per project in SQLite.
Community
- Passive scan over existing traffic rows (does not capture HTTP by itself)
- Route map: expand hosts/paths, open in history, send to Forge, Dir bust, Chat, Agents
- Dir bust capped at 8 threads and 5,000 paths per job
Pro [PRO]
- Active crawl with seed URL, scope host, max pages, delay, and authorization checkbox
- Rhai active-scan plugins (`fn scan(ctx, config)`) via the active scanner pipeline
- Dir bust thread/path caps removed
Agents & AiLienX
Multi-role agent runtime with BYOK LLM profiles. Built-in roles plus skill plugins. AiLienX (`suite.ailienx`) orchestrates tools against project scope with audit events.
Community
- Start agent sessions with role ID, objective, and LLM profile
- 3 AiLienX sessions per calendar day
- 6 tool-call rounds per AiLienX turn
- Read-only desktop MCP tools available to agents
Pro [PRO]
- Unlimited agent sessions per day
- 12 tool-call rounds per AiLienX turn
- Pro-gated agent tools: desktop input automation, `playwright_run`
- Pro-first skill roles (e.g. blind SQLi, command injection) remain usable on Community with reduced tooling
Chat & Operations
Chat tab: LLM sessions scoped to the current project (separate from tool-using Agents). Operations tab surfaces long-running jobs and audit-oriented workflows.
Community
- Chat: create sessions, pick LLM profile, send messages
- Route map can prefill Chat or Agent messages with captured URL context
Projects, WebSockets & Vulnerability intel
Project switcher isolates traffic, findings, agents, and settings. WebSockets module tracks upgraded connections. Vulnerability intel queries external sources (NVD, CISA KEV, EPSS, searchsploit) when configured.
Community
- Up to 2 active projects
- WebSockets traffic inspection per project
- Vuln intel: CVE lookup, KEV, EPSS, Exploit-DB via searchsploit; optional ALIENX_VULNDB_URL
Pro [PRO]
- Unlimited active projects
Integrations & Match & Replace
Configure upstream proxy, MCP server paths (including desktop-ui-hook), and Match & Replace rules applied on the intercept hot path.
Community
- Proxy upstream settings and suite-wide Match & Replace
- MCP stdio client shared by agents, Local API, and Rhai active plugins
Plugins (Rhai)
Local plugins: manifest JSON + Rhai scripts under `plugins/{id}/`. Kinds: Filter, Proxy, Ui, Active. Permissions gate log, headers, body, message mutation, desktop MCP, and Interactsh.
Community
- Filter plugins: `fn filter(entry, ctx)` β `{ keep, score, tag }` on history rows
- Proxy hooks: `fn on_request(msg, ctx)` / `fn on_response(msg, ctx)`
- Only 1 enabled plugin at a time
Pro [PRO]
- No limit on simultaneously enabled plugins
- Active scan scripts participate in the Pro-only active scanner pipeline
Also see: extensibility
Desktop MCP
Native stdio MCP client for desktop-ui-hook-mcp. Used by AiLienX tools, Local API ops, and Rhai active plugins (with DesktopUi permission).
Community
- desktop_wait_ms, desktop_screen_info, desktop_screenshot_*
- desktop_window_list, desktop_active_window, desktop_permissions_status
- desktop_secure_desktop_detect / capture (Windows elevated)
Pro [PRO]
- desktop_mouse_*, desktop_keyboard_*, desktop_spawn, desktop_kill_session
- desktop_window_focus_*, desktop_send_sas, desktop_secure_desktop_click
- Aggregated gates: screen_control, mcp_screen_hook, playwright_run (agent tool)
Local API
The desktop app exposes a local HTTP API (used by scripts and external tooling). Community installs rate-limit mutating routes to 60 requests per minute; Pro removes that cap. Agent session creation via the API follows the same daily session limits as the UI.
- Health checks and read-only routes work on both tiers.
- Blitz, Dir bust, active scans, and agent sessions follow the same Community vs Pro limits as the UI β the app tells you when you need to upgrade.
Extension API (Rhai)
Plugins live under your app data directory: plugins/{id}/manifest.json plus Rhai scripts referenced by hooks. The plugin editor ships inside the desktop app.
// Filter plugin β return #{ keep, score, tag }
fn filter(entry, ctx) {
let ct = entry.content_type();
if contains_ci(ct, "json") && entry.status_class() == 5 {
ctx.log("5xx JSON response β keep for review");
return #{ keep: true, score: 0.9, tag: "5xx-json" };
}
if entry.path().ends_with(".js") {
return #{ keep: true, score: 1.0, tag: "js" };
}
#{ keep: false, score: 0.0, tag: "" }
}// Proxy plugin β fn on_request(msg, ctx) / fn on_response(msg, ctx)
fn on_request(msg, ctx) {
if contains_ci(msg.header("User-Agent"), "bot") {
msg.set_header("X-Alienx-Audit", "proxy-hook");
}
}Script surfaces
- Filter β
TrafficEntryview,FilterContext.log, return#{ keep, score, tag } - Proxy β
HttpMessagewith permission-gatedset_header,replace_body - Active [PRO] β
fn scan(ctx, config)returns finding maps;ActiveContextexposeshttp_request,dir_bust_start, optionaldesktop_ui_call,interactsh_*when permissions allow - Ui β manifest kind for UI extensions (see plugin editor)
Pro-first agent skill roles [PRO]
These specialist roles run on Community with a smaller toolset. Full desktop automation and browser control require Pro.
- Post-exploitation β privilege escalation
- Network β Kerberoasting
- Research β zero-day hypothesis
- Web β blind time-based SQL injection
- Web β command injection
License activation
- Purchase or receive a Pro key (Kickstarter backer, Stripe checkout, or team allocation).
- Open Settings β License, paste the key, and activate online.
- Your license is tied to one machine and refreshes automatically when you are online (about once a week).
- No internet for a while? Pro keeps working for up to 7 days offline, then reverts to Community until you connect again.