Stigix

A modern web-based SD-WAN traffic generator with real-time monitoring, customizable traffic patterns, and comprehensive security testing. Perfect for testing SD-WAN deployments, network QoS policies, and application performance.

---

📑 Table of Contents

• Features
• Screenshots Gallery
• Platform Support
• Prerequisites
• Quick Start
• Verify Installation
• What Happens on First Start?
• Usage
• Configuration
• Useful Commands
• Architecture
• Troubleshooting
• Security
• Key Concepts
• Docker Images
• Documentation
• Use Cases
• Contributing
• Roadmap
• License
• Support

---

Why I built Stigix tool ?

I built this tool after years of writing one-off scripts for SD-WAN and security POCs, and never finding a single lab platform that really matched what I see in the field. With a long background in networking and security, I wanted something that could generate realistic mixes of web/SaaS, voice and IoT traffic, tie in security use cases, and still be simple enough for engineers, partners and customers to run on their own. This project is my way to turn all that lab and demo experience into an open-source tool that helps people design, validate and troubleshoot modern SASE/SD-WAN deployments more effectively.

---

✨ Features

🚀 Traffic Generation

• 67 Pre-configured Applications - Popular SaaS apps (Google, Microsoft 365, Salesforce, Zoom, etc.).
• Realistic Traffic Patterns - Authentic HTTP requests with proper headers, User-Agents, and Referers
• Real-time Dashboard - Live traffic visualization, metrics, and status monitoring
• Weighted Distribution - Configure application traffic ratios using a visual Group/App percentage system
• Traffic Rate Control - Dynamically adjust generation speed from 0.1s to 5s delay via a slider
• Protocol & IP Flexibility - Support for explicit http:// or https:// and full IP address identification
• Multi-interface Support - Bind to specific network interfaces
• Voice Simulation (RTP) - Simulate real-time voice calls (G.711, G.729) with Scapy-based packet forging. Read more
• Speedtest (XFR): High-performance throughput and latency validation with real-time telemetry. Learn more about XFR testing. 🚀
• IoT/SaaS Emulation: Pre-populated application targets for SD-WAN policy verification.
• IoT Simulation - Simulate a variety of IoT devices (Cameras, Sensors) with Scapy-based DHCP and ARP support for "Real-on-the-Wire" physical network presence. Includes Security Testing / Attack Mode to validate malicious behavior detection (DNS Flood, C2 Beacon, Port Scan, Data Exfiltration). Read more
• Unified Source/Target Architecture - Every Stigix instance is versatile. It can simultaneously act as a Source (generating traffic) and a Target (responding to echo/bandwidth/SLA probes).
• Active by Default - High-precision traffic and responsive services (Voice Echo, XFR, HTTP SLA) are started automatically upon deployment. Any instance can be used as a test target by any other instance.
• Prisma SD-WAN Integration - Automatic discovery of sites and LAN interfaces via API for "Zero-Config" connectivity probes and path validation. Read more
• Convergence Lab (Performance) - High-precision UDP failover monitoring (up to 100 PPS) to measure SD-WAN tunnel transition times. Read more
• Smart Networking - Auto-detection of default gateways and interfaces (enp2s0, eth0) for a "Zero-Config" experience on physical Linux boxes. Read more
• VyOS Control - Orchestrate network events and perturbations (latency, loss, rate-limiting, ip blocking) on VyOS routers via Vyos API. Read more
• Autodiscovery & Registry - Automatic peer-to-peer discovery using Cloudflare Workers. "Zero-Config" multi-node setup with stateless authentication. Read more 📡✨
• Smart Identity - Automatic instance identification using system hostname. Simplifies deployment by reducing environment variables. 🆔
• Target Site Mode - Standalone container acting as a branch/hub target with HTTP, Voice, Failover tests and Bandwidth services (IPerf AND XFR speedtest). Read more

🛡️ Security

• URL Filtering Tests - Validate 66 different URL categories (malware, phishing, gambling, adult content, etc.)
• DNS Security Tests - Test DNS security policies with 24 domains (malware, phishing, DGA, etc.)
• Threat Prevention - EICAR file download testing for IPS validation
• Scheduled Testing - Automated security tests at configurable intervals
• EDL - IP, URL, DNS urls with sequential or random execution
• Test Results History - Persistent logging with search, filtering, and export

📊 Monitoring & Analytics

• Real-time Logs - Live log streaming with WebSocket updates
• Statistics Dashboard - Success/failure rates, latency metrics, bandwidth tracking
• Live VPN Topology Overlay - Real-time visualization of SD-WAN tunnels with path status (Active/Backup/Down) and HUB-specific filtering. Directly from Prisma SASE API.
• Persistent Logging - JSONL storage with 7-day retention and auto-rotation
• Search & Filter - Find specific tests quickly with powerful search
• Export Capabilities - Download results in JSON, CSV, or JSONL format

🔧 Zero-Config Deployment

• Auto-detection - Automatically detects network interfaces on first start
• Auto-generated Config - Creates applications-config.json with 67 apps automatically
• One-liner Install - Ready in 30 seconds with single command (Linux/macOS). Supports Dashboard or Target Site modes.
• Docker-based - Pre-built multi-platform images (AMD64 + ARM64).
• Export/Import config capability - to clone appplications, probes, IOT , Vyos configurations
• One-Click Upgrade (Beta) - Built-in maintenance UI to pull latest images and restart services with a single click.

🔒 Production Ready

• JWT Authentication - Secure login with token-based auth
• Log Rotation - Automatic cleanup with configurable retention
• Health Monitoring - Built-in healthchecks and dependency management
• Resource Limits - Optional CPU and memory constraints

---

🆕 What's New

The project is evolving rapidly with new features and refinements added in every release.

Highlights in v1.2.1

• Favicon System: Automated discovery and caching of SaaS application icons with intelligent fallback UI for enhanced dashboard visibility. 🌐✨
• Speedtest (XFR): High-performance throughput and latency validation with real-time telemetry and searchable history.
• IoT Security Testing: Bad behavior simulation for IoT devices (DNS Flood, C2 Beacon, Port Scan).
• Live VPN Topology: Real-time visualization of SD-WAN overlay paths with intelligent peer device mapping and HUB filtering.
• Site Discovery: Automatic discovery of Prisma SD-WAN LAN interfaces for path validation.
• Traffic Volume History: Persistent metrics storage and historical visualization in the dashboard.
• Probe Management Modal: Streamlined UI for adding/editing synthetic probes with improved validation and a functional Export button. 🛠️
• Cloud Egress Context: Enhanced "System Info" tab with real-time public IP, geolocation, and ASN data for Cloud probes. 🌍
• MCP Bridge Setup: New setup-bridge.sh script for automated local installation of the Claude MCP bridge. 🤖

View full changelog with all version details →

---

📸 Screenshots Gallery

Explore the application interface organized by feature area. Each category contains detailed screenshots showcasing the functionality.

🏠 Main Dashboard

Real-time monitoring, traffic control, and system health overview.

<img src="docs/screenshots/00-Main-Dashboard/01.png" alt="Main Dashboard" width="800">

View all Main Dashboard screenshots → (2 images)

---

⚙️ Configuration

Network interfaces, traffic distribution, synthetic probes, and application management.

<img src="docs/screenshots/01-Configuration/04.png" alt="Configuration Management" width="800">

View all Configuration screenshots → (2 images)

---

📊 Statistics

Traffic volume charts, success rates, and performance metrics.

<img src="docs/screenshots/02-Statistics/03.png" alt="Statistics Dashboard" width="800">

View all Statistics screenshots → (1 image)

---

🛡️ Security Testing

URL filtering, DNS security, threat prevention validation, and test results history.

<img src="docs/screenshots/03-security/06.png" alt="Security Testing" width="800">

View all Security screenshots → (7 images)

---

🎯 Performance Monitoring

Connectivity performance, synthetic probes, and endpoint health tracking.

<img src="docs/screenshots/04-Performance/13a.png" alt="Performance Monitoring" width="800">

**[View all Performance screensh