Skip to main content

An offline, zero-knowledge, terminal-native password manager.

Project description

Nyxora — Tactical Secrets Vault

Your passwords. Your machine. No cloud. No compromise.

PyPI Python CI Coverage Platform License


Nyxora is an offline password manager that runs entirely in your terminal. Your vault is stored on your machine, encrypted with military-grade cryptography — nothing ever leaves it. No accounts. No cloud. No subscriptions.


Preview

Nyxora TUI — Obsidian Tactical vault browser

nyx tui — interactive vault browser with live TOTP codes, strength ratings, and instant search


Install

Recommended — works on Windows and Linux:

pipx install nyxora

Standard pip:

pip install nyxora

Windows — no Python required:

Download nyx.exe from the latest release and run it from any terminal.


Quick Start

# 1. Create your vault (one time only)
nyx vault init

# 2. Unlock it
nyx vault unlock

# 3. Add a password
nyx secret add -t "GitHub" -u "your-username" --generate

# 4. Open the interactive browser
nyx tui

That's it. Your vault is encrypted and stored locally at ~/.nyxora/vault.nyx.


What can Nyxora do?

🔒 Store secrets Passwords, usernames, URLs, notes, custom fields — all encrypted
🖥️ Interactive TUI Visual vault browser with search, TOTP codes, and strength ratings
🛡️ Security audit Scan for weak, reused, or breached passwords (via HaveIBeenPwned)
📋 Clipboard Copy passwords to clipboard — auto-clears after 30 seconds
🔑 Generator Passwords, passphrases, API keys, SSH keys with entropy analysis
🔐 TOTP support Store 2FA secrets per entry — live codes shown in the TUI and CLI
📦 Import Bring in passwords from Bitwarden, 1Password, or any CSV export
🔌 Scripting Pipe credentials into scripts without exposing them in shell history
🐍 Python SDK from nyxora import VaultClient — programmatic vault access
💾 Backups Create, verify, and restore encrypted vault backups
🚨 Emergency access Recovery capsules and Shamir secret sharing for catastrophic scenarios

Commands

Vault

nyx vault init              # create a new vault
nyx vault unlock            # unlock your vault
nyx vault lock              # lock and wipe session
nyx vault status            # show vault status
nyx vault change-password   # change master password
nyx vault panic             # emergency wipe — destroys session immediately
nyx vault profiles          # manage multiple vaults
nyx vault import            # import from CSV, JSON, Bitwarden, or 1Password

Secrets

nyx secret add              # add a new entry
nyx secret list             # list all entries
nyx secret get "GitHub"     # get an entry by title
nyx secret get "GitHub" --copy   # copy password to clipboard
nyx secret update "GitHub"  # update an entry
nyx secret delete "GitHub"  # delete an entry
nyx secret totp "GitHub"    # show live TOTP code
nyx secret clone "GitHub"   # duplicate an entry
nyx secret search "git"     # search by title, username, or URL

Generate

nyx generate password                        # random password
nyx generate password --length 32            # custom length
nyx generate password --min-strength strong  # enforce strength
nyx generate passphrase --words 6            # diceware passphrase
nyx generate api-key --prefix NYX            # API key with prefix
nyx generate entropy "hunter2"              # analyse any password

Security

nyx security audit          # full vault audit
nyx security audit --no-hibp    # skip breach check
nyx security health         # vault health score (0–100)
nyx security due            # passwords overdue for rotation
nyx security log            # audit event history
nyx security forensic       # full integrity verification

Scripting

# Pipe a password to a command's stdin
nyx script pipe "GitHub" -- some-command

# Inject credentials as environment variables
nyx script run "AWS" -- aws s3 ls

# Fuzzy-find entries (requires fzf)
nyx script fzf --copy

# Machine-readable output
nyx --json secret list
nyx --json vault status

Other

nyx backup create / list / verify / restore   # vault backups
nyx locker encrypt <file>                     # encrypt any file
nyx recovery status                           # check recovery setup
nyx update check / install / rollback         # manage updates
nyx tui                                       # interactive browser

Security

Nyxora is designed to keep your passwords secure even if your machine is compromised:

  • Argon2id key derivation — memory-hard, resistant to brute force
  • XChaCha20-Poly1305 encryption — authenticated, tamper-evident
  • Per-entry HMAC integrity checks — detects any modification
  • Memory locking — prevents keys from being swapped to disk
  • Zero plaintext on disk — every field is encrypted before storage
  • Offline by default — no network access except optional HIBP breach checks

Read SECURITY.md for the full security policy and responsible disclosure process.


Python SDK

from nyxora import VaultClient

with VaultClient(vault_path="~/.nyxora/vault.nyx",
                 password="your-master-password") as client:
    entry = client.get("GitHub")
    print(entry.password)

    totp_code = client.get_totp("GitHub")
    score = client.health()
    print(f"Vault health: {score.grade} ({score.total}/100)")

Requirements

  • Python 3.12 or later (not needed for Windows .exe)
  • Windows 10+ or Linux
  • macOS — works but not officially tested

Contributing

Pull requests are welcome. See CONTRIBUTING.md for guidelines.


Built by ScorpioCodeX · Releases · Changelog · MIT License

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nyxora-3.1.0.tar.gz (5.5 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

nyxora-3.1.0-py3-none-any.whl (160.3 kB view details)

Uploaded Python 3

File details

Details for the file nyxora-3.1.0.tar.gz.

File metadata

  • Download URL: nyxora-3.1.0.tar.gz
  • Upload date:
  • Size: 5.5 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for nyxora-3.1.0.tar.gz
Algorithm Hash digest
SHA256 bf2289e4ddd1679e11dafea6ab3e950cf632499494e4551d3d6e3251610259f4
MD5 e72cc17076203c4def6bfd8cc12e35fb
BLAKE2b-256 f52740dfc4016677557f330539eb39e17496ae5956d77be580d712331037830a

See more details on using hashes here.

Provenance

The following attestation bundles were made for nyxora-3.1.0.tar.gz:

Publisher: publish.yml on scorpiocodex/Nyxora

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file nyxora-3.1.0-py3-none-any.whl.

File metadata

  • Download URL: nyxora-3.1.0-py3-none-any.whl
  • Upload date:
  • Size: 160.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for nyxora-3.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 dc766e091df6c1c28d01a23671675f55bc9fe65ca89aca8ca23304f225b64228
MD5 27e0e63965b9c8fd8d4db19bc62e1b52
BLAKE2b-256 8badff83681b3d9335798e64355145686de5f2264ebb7b2dacb3e5cf68e53c81

See more details on using hashes here.

Provenance

The following attestation bundles were made for nyxora-3.1.0-py3-none-any.whl:

Publisher: publish.yml on scorpiocodex/Nyxora

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page