Quickstart
Install CyberStrike and run your first pentest in under 5 minutes.
Agents overview
Explore 13+ specialized security agents for web, mobile, cloud, and network testing.
What CyberStrike is
CyberStrike is an AI-powered offensive security CLI agent. You run it from your terminal, point it at a target, describe what you want to test, and the agent autonomously executes reconnaissance, vulnerability discovery, exploitation attempts, and structured reporting — following proven security frameworks like OWASP WSTG, MASTG/MASVS, and CIS benchmarks. It ships with 13+ domain-specialized agents and 120+ OWASP test cases. It connects to your existing Anthropic, OpenAI, Google, or any other LLM subscription — no separate AI costs, no new accounts. If you already have Claude or GPT, you have a full pentest toolkit.The intelligence layer
CyberStrike is not a thin wrapper that forwards your prompt to an API. It is an intelligence layer that sits between you and your LLM, transforming a general-purpose model into an offensive security specialist on every request. When you connect your provider, CyberStrike injects domain-specific context — OWASP testing methodology, vulnerability patterns, attack chain reasoning, and tool orchestration logic — into every interaction. The model does not need prior security knowledge; CyberStrike provides it. The intelligence layer has four core components: Schema normalization — Structured, consistent output from any provider, regardless of response format differences between Anthropic, OpenAI, Google, or local models. The same test produces the same report structure no matter which model you use. Context guard — Prevents prompt leakage between test phases and keeps the agent focused on the current task. Context from a previous reconnaissance step does not bleed into an unrelated exploitation phase. Provider auto-detection — Automatically identifies your LLM endpoint and configures the optimal transport, authentication, and model parameters. Switching from Claude to GPT-4 requires changing one setting. Tool orchestration — Chains security tools intelligently based on findings, not fixed scripts. If a web scan surfaces a potential injection point, the agent selects and sequences the appropriate follow-up tools. If a cloud scan finds an overpermissioned role, it pivots to lateral movement testing.Who CyberStrike is for
Pentesters
Automate the repetitive phases — initial recon, service enumeration, common vulnerability checks — so you can focus on the creative attack chains that require human intuition. CyberStrike handles coverage; you handle depth.
Bug bounty hunters
Faster reconnaissance, wider coverage, consistent methodology across programs. CyberStrike does not get tired at 3am. Run structured assessments against multiple targets and triage the findings that matter.
Security teams
Run structured OWASP assessments with reproducible methodology and get reports that map to standards your compliance and development teams understand. Every finding includes evidence and steps to reproduce.
Security researchers
Extend CyberStrike with custom agents and MCP servers. The plugin system and MCP protocol make it a platform, not just a tool. Build new attack methodologies, connect new data sources, and share them with the community.
Key differentiators
Specialized agents, not generic chat — CyberStrike ships with 13+ agents purpose-built for specific security domains. Each agent carries its own methodology, tool knowledge, and testing patterns. Theweb-application agent follows OWASP WSTG. The cloud-security agent knows CIS benchmarks. The mobile-application agent uses Frida and follows MASTG/MASVS. They follow proven offensive security frameworks, not guesswork.
Any LLM, zero lock-in — Anthropic, OpenAI, Google, Amazon Bedrock, Azure, Groq, Mistral, DeepSeek, OpenRouter, Together AI, or fully offline with Ollama and LM Studio. You choose the model. You own the results. As AI models get better, CyberStrike gets better with them. Switch providers in seconds without reconfiguring anything.
Remote tool execution with Bolt — Your security tools do not have to run on your laptop. Deploy Bolt on one or many remote servers, pair with Ed25519 keys, and control everything from your local terminal. One CyberStrike instance can orchestrate dozens of Bolt servers, each with its own toolkit, network position, and attack surface access.
176+ tools via the MCP ecosystem — CyberStrike connects to specialized MCP servers: hackbrowser-mcp for browser-based security testing, cloud-audit-mcp for AWS/Azure/GCP audits, github-security-mcp for GitHub posture, cve-mcp for vulnerability intelligence, and osint-mcp for reconnaissance. All open source, all installable with npx.
Air-gap capable — Run CyberStrike entirely offline with Ollama or LM Studio. No data leaves your machine. Suitable for classified environments, isolated lab networks, and engagements with strict data handling requirements.
CyberStrike is for authorized security testing only. Always obtain written permission before testing any system you do not own. All contributions must follow the project’s ethical use policy.