Exploring CyberStrikeAI: Chat‑Driven AI Security Testing Platform with 4.6k Stars
CyberStrikeAI is an open-source, AI-native security testing platform that puts more than 100 penetration-testing tools behind a web chat interface. It offers role-based testing, multi-agent orchestration, a Skills system, a built-in C2, knowledge-base RAG, and a deployment that needs only Go and Python.
What It Is
CyberStrikeAI is an AI‑native security testing platform that wraps common penetration‑testing tools such as nmap, sqlmap, nuclei, metasploit, hashcat and bloodhound behind a web chat UI. Users type natural‑language commands and the AI automatically selects the appropriate tool, assembles attack chains, paginates large outputs and records high‑severity findings in a vulnerability panel.
Key Functional Details
1. Chat‑Driven Penetration Testing
In the chat window, a prompt such as "scan the open ports on 192.168.1.1" (扫描 192.168.1.1 的开放端口) triggers nmap, "check example.com/page?id=1 for SQL injection" (检查 example.com/page?id=1 有没有 SQL 注入) triggers sqlmap, and "enumerate the subdomains of example.com, then run nuclei against all of them" (枚举 example.com 的子域名然后批量跑 nuclei) runs subfinder followed by nuclei. The AI chooses the tool parameters itself; results larger than 200 KB are stored as attachments rather than pasted into the conversation.
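When a model turns a natural-language request into a tool invocation, the security-relevant step is what happens between the model's choice and the process that actually runs. The Go example below was written for this article and is not CyberStrikeAI's code; it shows one way to make that step safe: a tool allowlist, per-argument validation of targets, ports and URLs, and execution through an argv array rather than a shell. The ToolCall shape, the allowlist contents and the default nmap flags are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"os/exec"
	"regexp"
	"strings"
)

// ToolCall is the structured selection a model is expected to emit after
// reading a prompt: a tool name plus named arguments. The shape is an
// assumption for this example, not the project's own schema.
type ToolCall struct {
	Tool string
	Args map[string]string
}

// hostnameRe accepts plain DNS names; shell metacharacters, spaces and
// option-looking tokens all fail to match.
var hostnameRe = regexp.MustCompile(
	`^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$`)

// portsRe accepts lists such as 22,80,443,8000-8100 and nothing else.
var portsRe = regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`)

// ValidateTarget accepts an IP address, a CIDR range or a hostname. A prompt
// like "scan 10.0.0.1; rm -rf /" therefore cannot smuggle tokens into argv,
// and a leading '-' is refused so the target cannot become an nmap option.
func ValidateTarget(t string) error {
	if t == "" || strings.HasPrefix(t, "-") {
		return errors.New("target is empty or starts with '-'")
	}
	if net.ParseIP(t) != nil {
		return nil
	}
	if _, _, err := net.ParseCIDR(t); err == nil {
		return nil
	}
	if hostnameRe.MatchString(t) {
		return nil
	}
	return fmt.Errorf("invalid target %q", t)
}

// BuildArgv turns a ToolCall into an argv slice. Only tools listed here can
// run at all, and each argument passes its own validator before it is used.
func BuildArgv(c ToolCall) ([]string, error) {
	switch c.Tool {
	case "nmap":
		target := c.Args["target"]
		if err := ValidateTarget(target); err != nil {
			return nil, err
		}
		argv := []string{"nmap", "-sV", "--open"} // assumed default flags
		if p, ok := c.Args["ports"]; ok {
			if !portsRe.MatchString(p) {
				return nil, fmt.Errorf("invalid port list %q", p)
			}
			argv = append(argv, "-p", p)
		}
		return append(argv, target), nil
	case "sqlmap":
		u := c.Args["url"]
		if !strings.HasPrefix(u, "http://") && !strings.HasPrefix(u, "https://") {
			return nil, fmt.Errorf("invalid url %q", u)
		}
		if strings.ContainsAny(u, " \t\r\n'\"`$;|&") {
			return nil, fmt.Errorf("url %q contains shell metacharacters", u)
		}
		return []string{"sqlmap", "-u", u, "--batch"}, nil
	}
	return nil, fmt.Errorf("tool %q is not in the allowlist", c.Tool)
}

// Run executes the validated call through exec.Command, i.e. as an argv
// array with no shell in between, so nothing is re-parsed by /bin/sh.
func Run(c ToolCall) ([]byte, error) {
	argv, err := BuildArgv(c)
	if err != nil {
		return nil, err
	}
	return exec.Command(argv[0], argv[1:]...).CombinedOutput()
}

func main() {
	// Constructed tool calls: two legitimate ones, one injection attempt and
	// one tool that is not on the allowlist.
	calls := []ToolCall{
		{Tool: "nmap", Args: map[string]string{"target": "192.168.1.1", "ports": "22,80,443,3306,8080"}},
		{Tool: "sqlmap", Args: map[string]string{"url": "http://example.com/page?id=1"}},
		{Tool: "nmap", Args: map[string]string{"target": "192.168.1.1; rm -rf /"}},
		{Tool: "bash", Args: map[string]string{"cmd": "id"}},
	}
	for _, c := range calls {
		argv, err := BuildArgv(c)
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Println("would run:", strings.Join(argv, " "))
	}
}
```

The point of keeping BuildArgv separate from Run is that the approval and audit layers can inspect the exact argv that will execute, rather than a free-form command string the model composed.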
2. 100+ Pre‑Configured Tools
Under the tools/ directory, more than 100 YAML templates cover stages such as network scanning, web‑app scanning, vulnerability scanning, sub‑domain enumeration, API security, container security, cloud security, binary analysis, exploitation, password cracking, forensics and post‑exploitation. Adding a new tool only requires copying and editing a YAML file.
3. Role‑Based Testing
The roles/ directory defines 12 preset roles (e.g., penetration testing, CTF, API security). Selecting a role changes the AI’s system prompt and limits the available tool set. Custom roles can be added by dropping a YAML file with name, description, user_prompt and a tool list into roles/ and restarting.
4. Multi‑Agent Orchestration
Built on ByteDance’s CloudWeGo Eino framework, CyberStrikeAI offers three orchestration strategies:
Deep: a coordinator delegates tasks to multiple sub-agents; suited to large-scale engagements.
Plan-Execute: a planner drafts a plan, an executor follows it, and a replanner adjusts the plan based on results.
Supervisor: an orchestrator schedules sub-agents dynamically via transfer and exit, giving the most flexibility.
Sub-agents are defined as Markdown files in agents/. The multi_agent.enabled flag in config.yaml toggles the mode, and the client calls the matching endpoint (/api/eino-agent/stream or /api/multi-agent/stream).
5. Skills System
CyberStrikeAI aligns with Anthropic’s Agent Skills specification. Each skill package lives in a directory containing SKILL.md and optional scripts. Skills are loaded on demand; the AI invokes them via the skill tool, preventing context‑window overload. Over 20 example skills (SQL injection, XSS, API security) are shipped in skills/, and custom packages can be bound to roles.
6. Built‑In Lightweight C2 Framework
The platform includes a lightweight C2 implementation with listeners for TCP reverse, HTTP Beacon, HTTPS Beacon and WebSocket. Each listener has its own key and encrypted channel, and state is persisted in SQLite. REST endpoints under /api/c2/* expose listener, session, task and payload management, and a HITL approval flow guards dangerous commands.
7. WebShell Management
Four tabs—Connections, Virtual Terminal, File Manager, AI Assistant—allow handling of PHP, ASP, ASPX, JSP and custom shells. The AI assistant can automatically run commands or invoke tools based on the current WebShell context.
8. MCP (Model Context Protocol) Coverage
Three MCP transport modes are supported:
Web: an HTTP service on port 8081 authenticated with an X-MCP-Token header.
Stdio: a compiled binary (cmd/mcp-stdio/main.go) usable from Cursor, VS Code or Claude Code.
External Federation: third-party MCP servers can be registered via the web UI, enabling integration with tools such as Burp Suite.
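Token authentication on the Web transport is what stands between any process that can reach port 8081 and the entire tool set. The Go example below is added here and is not the project's code; it shows the shape of such a check: a random token, a constant-time comparison of SHA-256 digests, and a middleware that rejects requests lacking a valid X-MCP-Token header before the MCP handler runs. The handler body, the loopback bind address and the token length are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"log"
	"net/http"
)

// MCPAuth keeps only a SHA-256 digest of the configured token. Hashing both
// sides before comparing makes the check constant-time and length-independent.
type MCPAuth struct {
	tokenHash [32]byte
}

func NewMCPAuth(token string) *MCPAuth {
	return &MCPAuth{tokenHash: sha256.Sum256([]byte(token))}
}

// GenerateToken returns 32 random bytes as hex (assumed length), enough
// entropy that guessing the header value online is hopeless.
func GenerateToken() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return hex.EncodeToString(b), nil
}

// Check returns true only when the presented value matches the configured token.
func (a *MCPAuth) Check(presented string) bool {
	if presented == "" {
		return false
	}
	h := sha256.Sum256([]byte(presented))
	return subtle.ConstantTimeCompare(h[:], a.tokenHash[:]) == 1
}

// Middleware rejects any request whose X-MCP-Token header does not match,
// before the wrapped MCP handler (and therefore any tool) can be reached.
func (a *MCPAuth) Middleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !a.Check(r.Header.Get("X-MCP-Token")) {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	token, err := GenerateToken()
	if err != nil {
		log.Fatal(err)
	}
	auth := NewMCPAuth(token)
	mux := http.NewServeMux()
	mux.HandleFunc("/mcp", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, `{"ok":true}`) // placeholder for the real MCP handler
	})
	log.Printf("MCP listening on 127.0.0.1:8081, X-MCP-Token: %s", token)
	// Bind to loopback: the token is the only thing between a client and the
	// tool set, so do not expose this port beyond the host unless intended.
	log.Fatal(http.ListenAndServe("127.0.0.1:8081", auth.Middleware(mux)))
}
```

Because the middleware wraps the whole mux, adding a new MCP route later cannot accidentally bypass the token check.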
9. Knowledge‑Base RAG
Markdown security documents placed in knowledge_base/ are automatically chunked, embedded (using an OpenAI-compatible text-embedding-v4 model) and indexed. During a conversation the AI can call search_knowledge_base to retrieve relevant passages, for example for a question such as "What WAF bypass techniques exist for SQL injection?" (SQL 注入有哪些绕过 WAF 的手法).
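The chunk, embed, index and search loop is what makes a search_knowledge_base call work. The Go example below was added for this article and is not taken from the project; it runs that loop end to end over a constructed two-document knowledge base: documents are split at headings and packed into size-bounded chunks with the heading repeated in each, and a query is ranked against them by cosine similarity. The embedding is a bag-of-words stand-in for the text-embedding-v4 call so that the example runs offline; the chunk size, document contents and type names are assumptions.

```go
package main

import (
	"fmt"
	"math"
	"sort"
	"strings"
	"unicode"
)

// Chunk is one retrievable unit; Text repeats the heading so a chunk read on
// its own still tells the model which topic it came from.
type Chunk struct {
	Doc, Heading, Text string
	vec                map[string]float64
}

// embed is a bag-of-words stand-in for the real embedding model call.
func embed(text string) map[string]float64 {
	v := map[string]float64{}
	split := func(r rune) bool { return !unicode.IsLetter(r) && !unicode.IsDigit(r) }
	for _, w := range strings.FieldsFunc(strings.ToLower(text), split) {
		v[w]++
	}
	return v
}

func cosine(a, b map[string]float64) float64 {
	var dot, na, nb float64
	for k, x := range a {
		na, dot = na+x*x, dot+x*b[k] // absent keys read as 0
	}
	for _, y := range b {
		nb += y * y
	}
	if na == 0 || nb == 0 {
		return 0
	}
	return dot / math.Sqrt(na*nb)
}

// ChunkMarkdown splits a document at headings, then packs the paragraphs under
// each heading into chunks of at most maxChars characters (assumed limit).
func ChunkMarkdown(doc, md string, maxChars int) []Chunk {
	var chunks []Chunk
	var buf []string
	heading, size := "", 0
	flush := func() {
		if len(buf) > 0 {
			text := strings.TrimSpace(heading + "\n\n" + strings.Join(buf, "\n\n"))
			chunks = append(chunks, Chunk{doc, heading, text, embed(text)})
			buf, size = nil, 0
		}
	}
	for _, para := range strings.Split(md, "\n\n") {
		if para = strings.TrimSpace(para); para == "" {
			continue
		}
		if strings.HasPrefix(para, "#") {
			flush()
			heading = para
			continue
		}
		if size+len(para) > maxChars && len(buf) > 0 {
			flush()
		}
		buf, size = append(buf, para), size+len(para)
	}
	flush()
	return chunks
}

// Index is the in-memory store behind a search_knowledge_base-style tool.
type Index struct{ chunks []Chunk }

func (ix *Index) Add(doc, md string, maxChars int) {
	ix.chunks = append(ix.chunks, ChunkMarkdown(doc, md, maxChars)...)
}

// Search returns the k chunks most similar to the query, best first.
func (ix *Index) Search(query string, k int) []Chunk {
	q, scores := embed(query), map[string]float64{}
	out := append([]Chunk(nil), ix.chunks...)
	for _, c := range out {
		scores[c.Text] = cosine(q, c.vec)
	}
	sort.SliceStable(out, func(i, j int) bool { return scores[out[i].Text] > scores[out[j].Text] })
	if k < len(out) {
		out = out[:k]
	}
	return out
}

// BuildSampleIndex indexes two constructed documents standing in for knowledge_base/.
func BuildSampleIndex() *Index {
	ix := &Index{}
	ix.Add("sqli.md", "# SQL injection\n\nUnion-based injection appends UNION SELECT to read rows from other tables.\n\n## WAF bypass\n\nInline comments such as /*!50000SELECT*/, mixed-case keywords and double URL encoding are common ways to slip past a WAF.\n", 400)
	ix.Add("xss.md", "# XSS\n\nReflected XSS echoes unescaped input back into the page. A strict Content-Security-Policy and context-aware output encoding are the usual defences.\n", 400)
	return ix
}

func main() {
	for _, c := range BuildSampleIndex().Search("What WAF bypass techniques exist for SQL injection?", 2) {
		fmt.Printf("[%s] %s\n", c.Doc, c.Heading)
	}
}
```

Swapping embed for a call to the real embedding endpoint changes nothing else; the chunking and ranking code is what determines whether a retrieved passage arrives with enough context to be useful to the model.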
10. Attack‑Chain Visualization & Human‑AI Collaboration
The UI visualizes targets, tools and discovered vulnerabilities as an interactive graph with risk levels and timestamps. A HITL workflow lets users whitelist tools in config.yaml (hitl.tool_whitelist) and approve high-risk tool runs by hand.
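The HITL flow named here and in the C2 section is the control that keeps the model from running a dangerous command on its own. The Go example below was added for this article and is not the project's implementation; it shows one way to build such a gate from a hitl.tool_whitelist-style setting: whitelisted tools run unattended, everything else goes to a human approver, any argument matching a dangerous pattern forces approval even for a whitelisted tool, and every decision lands in an audit trail. The DangerousPatterns field, the Approver callback and the sample patterns are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// HITLConfig is modelled on the hitl.tool_whitelist setting; the
// DangerousPatterns field is an assumption added for this example.
type HITLConfig struct {
	Enabled           bool
	ToolWhitelist     []string // tools that run without asking
	DangerousPatterns []string // argument substrings that always require a human
}

type Decision int

const (
	AutoRun Decision = iota
	Approved
	Denied
)

func (d Decision) String() string { return [...]string{"auto-run", "approved", "denied"}[d] }

// Approver is the human in the loop: it receives the exact tool and argv and
// returns true to let the call run. A UI prompt would implement this in practice.
type Approver func(tool string, args []string) bool

type Gate struct {
	cfg     HITLConfig
	allow   map[string]bool
	approve Approver
	audit   []string
}

func NewGate(cfg HITLConfig, approve Approver) *Gate {
	g := &Gate{cfg: cfg, allow: map[string]bool{}, approve: approve}
	for _, t := range cfg.ToolWhitelist {
		g.allow[t] = true
	}
	return g
}

// needsHuman is true for tools off the whitelist and for any call whose
// arguments contain a dangerous pattern, even when the tool itself is trusted.
func (g *Gate) needsHuman(tool string, args []string) bool {
	if !g.cfg.Enabled {
		return false
	}
	for _, a := range args {
		for _, p := range g.cfg.DangerousPatterns {
			if strings.Contains(a, p) {
				return true
			}
		}
	}
	return !g.allow[tool]
}

// Authorize decides whether a call may run, asks the human when required and
// appends every outcome to the audit trail.
func (g *Gate) Authorize(tool string, args []string) (bool, Decision) {
	d := AutoRun
	if g.needsHuman(tool, args) {
		d = Denied
		if g.approve != nil && g.approve(tool, args) {
			d = Approved
		}
	}
	g.audit = append(g.audit, fmt.Sprintf("%s %s %s", d, tool, strings.Join(args, " ")))
	return d != Denied, d
}

func (g *Gate) Audit() []string { return append([]string(nil), g.audit...) }

func main() {
	cfg := HITLConfig{Enabled: true, ToolWhitelist: []string{"nmap", "httpx", "subfinder"},
		DangerousPatterns: []string{"--os-shell", "rm -rf", "--dump-all"}}
	// Stand-in for the UI prompt: approves sqlmap unless it asks for a shell.
	approver := func(tool string, args []string) bool {
		return tool == "sqlmap" && !strings.Contains(strings.Join(args, " "), "--os-shell")
	}
	g := NewGate(cfg, approver)
	g.Authorize("nmap", []string{"-sV", "10.0.0.1"})
	g.Authorize("sqlmap", []string{"-u", "http://example.com/page?id=1", "--batch"})
	g.Authorize("sqlmap", []string{"-u", "http://example.com/page?id=1", "--os-shell"})
	g.Authorize("nmap", []string{"--script", "rm -rf /"})
	for _, line := range g.Audit() {
		fmt.Println(line)
	}
}
```

The gate sees argv, not the model's prose, so the approver is shown exactly what would execute; a whitelist alone is not enough, which is why the dangerous-pattern check applies before the whitelist lookup.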
Deployment & Getting Started
Requirements: Go 1.21+ and Python 3.10+. The author tested on an M2 Mac and a Kali VM.
git clone https://github.com/Ed1s0nZ/CyberStrikeAI.git
cd CyberStrikeAI
chmod +x run.sh && ./run.sh
The run.sh script checks the Go and Python versions, creates a Python virtual environment, installs dependencies, runs go mod download, builds the Go binary and starts the service (about 3 minutes). By default it serves HTTPS with a self-signed certificate, so the browser will warn on first visit; the generated 24-character password is printed in the terminal and is used to log in at https://127.0.0.1:8080/. Adding --http runs the server over plain HTTP, which sends that password in clear text, so use it only on a loopback or otherwise trusted interface.
In Settings, fill in api_key, base_url and model for the desired LLM (e.g., DeepSeek-chat at https://api.deepseek.com/v1). The same fields can be edited directly in config.yaml; since that file then holds the API key, keep it out of version control.
Tool installation is optional; the AI skips missing tools. For a full experience on macOS, install required binaries via Homebrew:
brew install nmap masscan sqlmap nikto gobuster ffuf hydra hashcat nuclei subfinder
On Kali/Ubuntu, install the equivalents with apt. The complete tool list resides in tools/.
Simple Usage
After logging in, the left pane shows conversations and the right pane is the chat area. Users can switch between single‑agent and multi‑agent modes and select a role.
To start a scan, type a natural‑language request such as:
"Scan the 192.168.1.0/24 range for open ports, focusing on 22, 80, 443, 3306 and 8080" (扫描 192.168.1.0/24 网段的开放端口,重点看 22、80、443、3306、8080)
The AI first runs nmap, then automatically adds httpx for fingerprinting any discovered web services, streaming commands and results in real time.
Conclusion
CyberStrikeAI goes beyond a simple ChatGPT wrapper; it embeds AI deeply into the penetration-testing workflow, handling tool orchestration, context management and attack-path tracking. Its extensive tool coverage, multi-agent strategies, Skills system, built-in C2, knowledge-base RAG and HITL approval flow make it a highly ambitious open-source project. The Go backend is lightweight and the Apache 2.0 license is permissive, but documentation for advanced features is still sparse and multi-agent configuration requires manual edits in config.yaml. Overall, the project is functional, actively maintained and valuable for security practitioners willing to explore its capabilities.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact and we will review it promptly.