Skip to main content
Every time you run CyberStrike — interactively or via cyberstrike run — a session is created and persisted on disk. Sessions store the full conversation history and can be resumed, forked, or shared at any time. 
cyberstrike session <subcommand>

Subcommands

SubcommandDescription
cyberstrike session listList sessions

cyberstrike session list

Lists all top-level sessions (excluding forked child sessions), sorted by most recently updated first. By default the output is paginated through your system pager when connected to a terminal. 
cyberstrike session list [flags]

Flags

--max-count, -n
number
Limit output to the N most recent sessions. When this flag is set, pagination is disabled and output is written directly to stdout.
--format
string
default:"table"
Output format. Choices: table, json.
  • table — human-readable column layout.
  • json — JSON array with full session metadata.

Examples

cyberstrike session list

Table output

Session ID            Title                      Updated
──────────────────────────────────────────────────────────────
ses_01abc123def456   SQL injection scan         Today 14:32
ses_01xyz789ghi000   Auth bypass assessment     Today 09:11
ses_01old000aaa111   Subdomain enumeration      Yesterday

JSON output

Each element in the JSON array contains:
FieldTypeDescription
idstringSession ID
titlestringSession title
updatednumberLast updated timestamp (Unix ms)
creatednumberCreated timestamp (Unix ms)
projectIdstringProject ID the session belongs to
directorystringWorking directory at session creation
[
  {
    "id": "ses_01abc123def456",
    "title": "SQL injection scan",
    "updated": 1719500000000,
    "created": 1719490000000,
    "projectId": "prj_01zzz",
    "directory": "/home/user/targets"
  }
]

Session IDs

Session IDs are stable opaque strings prefixed with ses_. Use them anywhere a session reference is accepted: 
# Continue a session by ID
cyberstrike run --session ses_01abc123def456 "enumerate endpoints"

# Fork a session by ID
cyberstrike run --session ses_01abc123def456 --fork "try different payloads"

Continuing sessions

1

Find the session ID

cyberstrike session list -n 10
2

Resume the session

cyberstrike run --session ses_01abc123def456 "continue the assessment"
3

Or continue the last session

cyberstrike run --continue "add the findings to the report"
Use --fork when you want to try an alternative approach without modifying the original session history.

Build docs developers (and LLMs) love

Get started for freeTalk to us