Skip to main content
CyberStrike is for authorized security testing only. Always obtain explicit written permission before testing any system you do not own or have authorization to test.

Install

npm i -g @cyberstrike-io/cyberstrike@latest
1

Launch CyberStrike

Run cyberstrike in your terminal. On first launch it opens a TUI and walks you through selecting an LLM provider and entering your API key.
cyberstrike
Anthropic Claude (claude-sonnet-4-5 or claude-opus-4) gives the best performance for security testing thanks to extended thinking and strong tool-use capabilities.
2

Select an agent

Press Tab to cycle through available agents. Choose the one that matches your target:
AgentBest for
cyberstrikeGeneral recon and full-scope testing
web-applicationOWASP Top 10, WSTG methodology
cloud-securityAWS / Azure / GCP misconfigurations
mobile-applicationAndroid / iOS, Frida, MASTG
internal-networkActive Directory, Kerberos, lateral movement
3

Describe your target

Type your test objective in plain language. CyberStrike handles reconnaissance, tool selection, and execution autonomously.
Test https://example.com for common web vulnerabilities including SQL injection,
XSS, and broken authentication. Provide a full report with evidence.
4

Review findings

CyberStrike streams results as it works — tool calls, discovered endpoints, and vulnerability reports all appear in real time. Findings are formatted with severity, evidence, and remediation guidance.

Run non-interactively

Use cyberstrike run to send a message without the TUI — useful for scripting or CI: 
cyberstrike run --agent web-application "Test https://staging.example.com for OWASP Top 10 vulnerabilities"

Next steps

Agents

Explore all 13+ specialized security agents.

Configuration

Set a default model, configure permissions, and customize keybinds.

Bolt

Run tools on remote servers with Ed25519-authenticated Bolt.

CLI Reference

Every command, flag, and option documented.

Build docs developers (and LLMs) love

Get started for freeTalk to us