Skip to main content

Terminal-native, offline, zero-knowledge, quantum-resilient password intelligence vault

Project description

Nyxora — Tactical Secrets Vault

Your passwords. Your machine. No cloud. No compromise.

PyPI Python CI Coverage Platform License


Nyxora is an offline password manager that runs entirely in your terminal. Your vault is stored on your machine, encrypted with military-grade cryptography — nothing ever leaves it. No accounts. No cloud. No subscriptions.


Preview

Nyxora TUI — Obsidian Tactical vault browser

nyx tui — interactive vault browser with live TOTP codes, strength ratings, and instant search


Install

Recommended — works on Windows and Linux:

pipx install nyxora

Standard pip:

pip install nyxora

Windows — no Python required:

Download nyx.exe from the latest release and run it from any terminal.


Quick Start

# 1. Create your vault (one time only)
nyx vault init

# 2. Unlock it
nyx vault unlock

# 3. Add a password
nyx secret add -t "GitHub" -u "your-username" --generate

# 4. Open the interactive browser
nyx tui

That's it. Your vault is encrypted and stored locally at ~/.nyxora/vault.nyx.


What can Nyxora do?

🔒 Store secrets Passwords, usernames, URLs, notes, custom fields — all encrypted
🖥️ Interactive TUI Visual vault browser with search, TOTP codes, and strength ratings
🛡️ Security audit Scan for weak, reused, or breached passwords (via HaveIBeenPwned)
📋 Clipboard Copy passwords to clipboard — auto-clears after 30 seconds
🔑 Generator Passwords, passphrases, API keys, SSH keys with entropy analysis
🔐 TOTP support Store 2FA secrets per entry — live codes shown in the TUI and CLI
📦 Import Bring in passwords from Bitwarden, 1Password, or any CSV export
🔌 Scripting Pipe credentials into scripts without exposing them in shell history
🐍 Python SDK from nyxora import VaultClient — programmatic vault access
💾 Backups Create, verify, and restore encrypted vault backups
🚨 Emergency access Recovery capsules and Shamir secret sharing for catastrophic scenarios

Commands

Vault

nyx vault init              # create a new vault
nyx vault unlock            # unlock your vault
nyx vault lock              # lock and wipe session
nyx vault status            # show vault status
nyx vault change-password   # change master password
nyx vault panic             # emergency wipe — destroys session immediately
nyx vault profiles          # manage multiple vaults

Secrets

nyx secret add              # add a new entry
nyx secret list             # list all entries
nyx secret get "GitHub"     # get an entry by title
nyx secret get "GitHub" --copy   # copy password to clipboard
nyx secret update "GitHub"  # update an entry
nyx secret delete "GitHub"  # delete an entry
nyx secret totp "GitHub"    # show live TOTP code
nyx secret clone "GitHub"   # duplicate an entry
nyx secret search "git"     # search by title, username, or URL

Generate

nyx generate password                        # random password
nyx generate password --length 32            # custom length
nyx generate password --min-strength strong  # enforce strength
nyx generate passphrase --words 6            # diceware passphrase
nyx generate api-key --prefix NYX            # API key with prefix
nyx generate entropy "hunter2"              # analyse any password

Security

nyx security audit          # full vault audit
nyx security audit --no-hibp    # skip breach check
nyx security health         # vault health score (0–100)
nyx security due            # passwords overdue for rotation
nyx security log            # audit event history
nyx security forensic       # full integrity verification

Scripting

# Pipe a password to a command's stdin
nyx script pipe "GitHub" -- some-command

# Inject credentials as environment variables
nyx script run "AWS" -- aws s3 ls

# Fuzzy-find entries (requires fzf)
nyx script fzf --copy

# Machine-readable output
nyx --json secret list
nyx --json vault status

Other

nyx backup create / list / verify / restore   # vault backups
nyx locker encrypt <file>                     # encrypt any file
nyx recovery status                           # check recovery setup
nyx update check / install / rollback         # manage updates
nyx tui                                       # interactive browser

Security

Nyxora is designed to keep your passwords secure even if your machine is compromised:

  • Argon2id key derivation — memory-hard, resistant to brute force
  • XChaCha20-Poly1305 encryption — authenticated, tamper-evident
  • Per-entry HMAC integrity checks — detects any modification
  • Memory locking — prevents keys from being swapped to disk
  • Zero plaintext on disk — every field is encrypted before storage
  • Offline by default — no network access except optional HIBP breach checks

Read SECURITY.md for the full security policy and responsible disclosure process.


Python SDK

from nyxora import VaultClient

with VaultClient(vault_path="~/.nyxora/vault.nyx",
                 password="your-master-password") as client:
    entry = client.get("GitHub")
    print(entry.password)

    totp_code = client.get_totp("GitHub")
    score = client.health()
    print(f"Vault health: {score.grade} ({score.total}/100)")

Requirements

  • Python 3.12 or later (not needed for Windows .exe)
  • Windows 10+ or Linux
  • macOS — works but not officially tested

Contributing

Pull requests are welcome. See CONTRIBUTING.md for guidelines.


Built by ScorpioCodeX · Releases · Changelog · MIT License

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nyxora-3.0.0.tar.gz (5.5 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

nyxora-3.0.0-py3-none-any.whl (160.3 kB view details)

Uploaded Python 3

File details

Details for the file nyxora-3.0.0.tar.gz.

File metadata

  • Download URL: nyxora-3.0.0.tar.gz
  • Upload date:
  • Size: 5.5 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for nyxora-3.0.0.tar.gz
Algorithm Hash digest
SHA256 cba705e24ccb3ec07b50e57358c183638aecfd2d581e5b9fb856ab48899c5d16
MD5 01af907edcb8b4e083b129d518251fed
BLAKE2b-256 bae57df50c39558a472f35a00f43e1c288ca47e9cbcc31e795219f4b8deb32fd

See more details on using hashes here.

Provenance

The following attestation bundles were made for nyxora-3.0.0.tar.gz:

Publisher: publish.yml on scorpiocodex/Nyxora

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file nyxora-3.0.0-py3-none-any.whl.

File metadata

  • Download URL: nyxora-3.0.0-py3-none-any.whl
  • Upload date:
  • Size: 160.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for nyxora-3.0.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b979899786f1adf53a2d13a6dcd2e5b34f12a2757cd5aaf0bddd14c298a57b3c
MD5 700cab4ce6d9607094db33c4288e1e12
BLAKE2b-256 6d3b5a38a44d267a14de12bcfc61a4fb3cec606babf2d97e9ef82089ad508042

See more details on using hashes here.

Provenance

The following attestation bundles were made for nyxora-3.0.0-py3-none-any.whl:

Publisher: publish.yml on scorpiocodex/Nyxora

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page