[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-73235":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":36,"readmeContent":37,"aiSummary":38,"trendingCount":16,"starSnapshotCount":16,"syncStatus":39,"lastSyncTime":40,"discoverSource":41},73235,"CyberStrikeAI","Ed1s0nZ\u002FCyberStrikeAI","Ed1s0nZ","CyberStrikeAI is an AI-native security testing platform built in Go. It integrates 100+ security tools, an intelligent orchestration engine, role-based testing with predefined security roles, a skills system with specialized testing skills, and comprehensive lifecycle management capabilities.","",null,"Go",4367,734,33,25,0,174,337,620,522,110.6,"Apache License 2.0",false,"main",true,[27,28,29,30,31,32,33,34,35],"ai","ai-agents","ai-cybersecurity","ai-hacking","ai-penetration-testing","ai-security-tool","ctf-tools","mcp","pentesting-tools","2026-06-12 04:01:08","\u003Cdiv align=\"center\">\n  \u003Cimg src=\"images\u002Flogo.png\" alt=\"CyberStrikeAI Logo\" width=\"200\">\n\u003C\u002Fdiv>\n\n# CyberStrikeAI\n\n\n[中文](README_CN.md) | [English](README.md)\n\n**Community**: [Join us on Discord](https:\u002F\u002Fdiscord.gg\u002F8PjVCMu8Zw)\n\n\u003Cdetails>\n\u003Csummary>\u003Cstrong>WeChat group\u003C\u002Fstrong> (click to reveal QR code)\u003C\u002Fsummary>\n\n\u003Cimg src=\".\u002Fimages\u002Fwechat-group-cyberstrikeai-qr.jpg\" alt=\"CyberStrikeAI WeChat group QR code\" width=\"280\">\n\n\u003C\u002Fdetails>\n\n\u003Cdetails>\n\u003Csummary>\u003Cstrong>Sponsorship\u003C\u002Fstrong> (click to expand)\u003C\u002Fsummary>\n\nIf CyberStrikeAI helps you, you can support the project via **WeChat Pay** or **Alipay**:\n\n\u003Cdiv align=\"center\">\n  \u003Cimg src=\".\u002Fimages\u002Fsponsor-wechat-alipay-qr.jpg\" alt=\"WeChat Pay and Alipay sponsorship QR codes\" width=\"480\">\n\u003C\u002Fdiv>\n\n\u003C\u002Fdetails>\n\nCyberStrikeAI is an **AI-native security testing platform** built in Go. It integrates 100+ security tools, an intelligent orchestration engine, role-based testing with predefined security roles, a skills system with specialized testing skills, comprehensive lifecycle management capabilities, and a **built-in lightweight C2 (Command & Control) framework** for **authorized** engagements (listeners, encrypted implants, sessions, tasks, real-time events, REST and MCP). Through native MCP protocol and AI agents, it enables end-to-end automation from conversational commands to vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization—delivering an auditable, traceable, and collaborative testing environment for security teams.\n\n\n## Interface & Integration Preview\n\n\u003Cdiv align=\"center\">\n\n### System Dashboard Overview\n\n\u003Cimg src=\".\u002Fimages\u002Fdashboard.png\" alt=\"System Dashboard\" width=\"100%\">\n\n*The dashboard provides a comprehensive overview of system runtime status, security vulnerabilities, tool usage, and knowledge base, helping users quickly understand the platform's core features and current state.*\n\n### Core Features Overview\n\n\u003Ctable>\n\u003Ctr>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Web Console\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fweb-console.png\" alt=\"Web Console\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Task Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Ftask-management.png\" alt=\"Task Management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Vulnerability Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fvulnerability-management.png\" alt=\"Vulnerability Management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003Ctr>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>WebShell Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fwebshell-management.png\" alt=\"WebShell Management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>MCP Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fmcp-management.png\" alt=\"MCP management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Knowledge Base\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fknowledge-base.png\" alt=\"Knowledge Base\" width=\"100%\">\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003Ctr>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Skills Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fskills.png\" alt=\"Skills Management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Agent Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fagent-management.png\" alt=\"Agent Management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Role Management\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Frole-management.png\" alt=\"Role Management\" width=\"100%\">\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003Ctr>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>System Settings\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fsettings.png\" alt=\"System settings\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>MCP stdio Mode\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fmcp-stdio2.png\" alt=\"MCP stdio mode\" width=\"100%\">\n\u003C\u002Ftd>\n\u003Ctd width=\"33.33%\" align=\"center\">\n\u003Cstrong>Burp Suite Plugin\u003C\u002Fstrong>\u003Cbr\u002F>\n\u003Cimg src=\".\u002Fimages\u002Fplugins.png\" alt=\"Burp Suite plugin\" width=\"100%\">\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003C\u002Ftable>\n\n\u003C\u002Fdiv>\n\n## Highlights\n\n- 🤖 AI decision engine with OpenAI-compatible models (GPT, Claude, DeepSeek, etc.)\n- 🔌 Native MCP implementation with HTTP\u002Fstdio\u002FSSE transports and external MCP federation\n- 🧰 100+ prebuilt tool recipes + YAML-based extension system\n- 📄 Large-result pagination, compression, and searchable archives\n- 🔗 Attack-chain graph, risk scoring, and step-by-step replay\n- 🔒 Password-protected web UI, audit logs, and SQLite persistence\n- 📚 Knowledge base (RAG) with embedding-based vector retrieval (cosine similarity), optional **Eino Compose** indexing pipeline, and configurable post-retrieval budgets \u002F reranking hooks\n- 📁 Conversation grouping with pinning, rename, and batch management\n- 🛡️ Vulnerability management with CRUD operations, severity tracking, status workflow, and statistics\n- 📋 Batch task management: create task queues, add multiple tasks, and execute them sequentially\n- 🎭 Role-based testing: predefined security testing roles (Penetration Testing, CTF, Web App Scanning, etc.) with custom prompts and tool restrictions\n- 🧩 **Multi-agent (CloudWeGo Eino)**: alongside **single-agent ReAct** (`\u002Fapi\u002Fagent-loop`), **multi mode** (`\u002Fapi\u002Fmulti-agent\u002Fstream`) offers **`deep`** (coordinator + `task` sub-agents), **`plan_execute`** (planner \u002F executor \u002F replanner), and **`supervisor`** (orchestrator + `transfer` \u002F `exit`); chosen per request via **`orchestration`**. Markdown under `agents\u002F`: `orchestrator.md` (Deep), `orchestrator-plan-execute.md`, `orchestrator-supervisor.md`, plus sub-agent `*.md` where applicable (see [Multi-agent doc](docs\u002FMULTI_AGENT_EINO.md))\n- 🎯 **Skills (refactored for Eino)**: packs under `skills_dir` follow **Agent Skills** layout (`SKILL.md` + optional files); **multi-agent** sessions use the official Eino ADK **`skill`** tool for **progressive disclosure** (load by name), with optional **host filesystem \u002F shell** via `multi_agent.eino_skills`; optional **`eino_middleware`** adds patchtoolcalls, tool_search, plantask, reduction, checkpoints, and Deep tuning—20+ sample domains (SQLi, XSS, API security, …) ship under `skills\u002F`\n- 📱 **Chatbot**: DingTalk and Lark (Feishu) long-lived connections so you can talk to CyberStrikeAI from mobile (see [Robot \u002F Chatbot guide](docs\u002Frobot_en.md) for setup and commands)\n- 🧑‍⚖️ **Human-in-the-loop (HITL)**: Chat sidebar to set approval mode and tool allowlists (listed tools skip approval); global list in `config.yaml` under `hitl.tool_whitelist`; **Apply** can merge new tools into the file and update the running server without restart; dedicated **HITL** page for pending approvals\n- 🐚 **WebShell management**: Add and manage WebShell connections (e.g. IceSword\u002FAntSword compatible), use a virtual terminal for command execution, a built-in file manager for file operations, and an AI assistant tab that orchestrates tests and keeps per-connection conversation history; supports PHP, ASP, ASPX, JSP and custom shell types with configurable request method and command parameter.\n- 📡 **Built-in C2**: AI-oriented lightweight command-and-control—**listeners** (TCP reverse, HTTP\u002FHTTPS beacon, WebSocket), **encrypted** beacon channel, **session** and **task** queues with persistence, **payload** helpers (one-liner \u002F build \u002F download), **SSE** live events, REST under `\u002Fapi\u002Fc2\u002F*`, plus unified MCP tools (`c2_listener`, `c2_session`, **`c2_task`**, `c2_task_manage`, `c2_payload`, `c2_event`, `c2_profile`, `c2_file`); optional **HITL** approval for sensitive operations and OPSEC-style controls (e.g. command deny rules). **Authorized testing only.**\n\n## Plugins\n\nCyberStrikeAI includes optional integrations under `plugins\u002F`.\n\n- **Burp Suite extension**: `plugins\u002Fburp-suite\u002Fcyberstrikeai-burp-extension\u002F`  \n  Build output: `plugins\u002Fburp-suite\u002Fcyberstrikeai-burp-extension\u002Fdist\u002Fcyberstrikeai-burp-extension.jar`  \n  Docs: `plugins\u002Fburp-suite\u002Fcyberstrikeai-burp-extension\u002FREADME.md`\n\n## Tool Overview\n\nCyberStrikeAI ships with 100+ curated tools covering the whole kill chain:\n\n- **Network Scanners** – nmap, masscan, rustscan, arp-scan, nbtscan\n- **Web & App Scanners** – sqlmap, nikto, dirb, gobuster, feroxbuster, ffuf, httpx\n- **Vulnerability Scanners** – nuclei, wpscan, wafw00f, dalfox, xsser\n- **Subdomain Enumeration** – subfinder, amass, findomain, dnsenum, fierce\n- **Network Space Search Engines** – fofa_search, zoomeye_search\n- **API Security** – graphql-scanner, arjun, api-fuzzer, api-schema-analyzer\n- **Container Security** – trivy, clair, docker-bench-security, kube-bench, kube-hunter\n- **Cloud Security** – prowler, scout-suite, cloudmapper, pacu, terrascan, checkov\n- **Binary Analysis** – gdb, radare2, ghidra, objdump, strings, binwalk\n- **Exploitation** – metasploit, msfvenom, pwntools, ropper, ropgadget\n- **Password Cracking** – hashcat, john, hashpump\n- **Forensics** – volatility, volatility3, foremost, steghide, exiftool\n- **Post-Exploitation** – linpeas, winpeas, mimikatz, bloodhound, impacket, responder\n- **CTF Utilities** – stegsolve, zsteg, hash-identifier, fcrackzip, pdfcrack, cyberchef\n- **System Helpers** – exec, create-file, delete-file, list-files, modify-file\n\n## Basic Usage\n\n### Quick Start (One-Command Deployment)\n\n**Prerequisites:**\n- Go 1.21+ ([Install](https:\u002F\u002Fgo.dev\u002Fdl\u002F))\n- Python 3.10+ ([Install](https:\u002F\u002Fwww.python.org\u002Fdownloads\u002F))\n\n**One-Command Deployment:**\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FEd1s0nZ\u002FCyberStrikeAI.git\ncd CyberStrikeAI\nchmod +x run.sh && .\u002Frun.sh\n```\n\nThe `run.sh` script will automatically:\n- ✅ Check and validate Go & Python environments\n- ✅ Create Python virtual environment\n- ✅ Install Python dependencies\n- ✅ Download Go dependencies\n- ✅ Build the project\n- ✅ Start the server\n\n**Networking defaults:** `run.sh` starts the server with **`--https`** and the repo **`config.yaml`** (local self-signed TLS; better for many concurrent streams). Use **`.\u002Frun.sh --http`** for plain HTTP. In production, set **`server.tls_cert_path`** \u002F **`server.tls_key_path`** in **`config.yaml`** (see comments there). For manual runs, add **`--https`** or **`CYBERSTRIKE_HTTPS=1`**; if **`-config`** is wrong, the binary prints a short usage hint on stderr.\n\n**First-Time Configuration:**\n1. **Configure OpenAI-compatible API** (required before first use)\n   - After launch, open **`https:\u002F\u002F127.0.0.1:8080\u002F`** (or **`https:\u002F\u002Flocalhost:8080\u002F`**; replace **8080** with `server.port` in `config.yaml`) and accept the self-signed certificate warning once. If you used `.\u002Frun.sh --http`, use **`http:\u002F\u002F`** instead.\n   - Go to `Settings` → Fill in your API credentials:\n     ```yaml\n     openai:\n       api_key: \"sk-your-key\"\n       base_url: \"https:\u002F\u002Fapi.openai.com\u002Fv1\"  # or https:\u002F\u002Fapi.deepseek.com\u002Fv1\n       model: \"gpt-4o\"  # or deepseek-chat, claude-3-opus, etc.\n     ```\n   - Or edit `config.yaml` directly before launching\n2. **Login** - Use the auto-generated password shown in the console (or set `auth.password` in `config.yaml`)\n3. **Install security tools (optional)** - Install tools as needed:\n   ```bash\n   # macOS\n   brew install nmap sqlmap nuclei httpx gobuster feroxbuster subfinder amass\n   # Ubuntu\u002FDebian\n   sudo apt-get install nmap sqlmap nuclei httpx gobuster feroxbuster\n   ```\n   AI automatically falls back to alternatives when a tool is missing.\n\n**Alternative Launch Methods:**\n```bash\n# Direct Go run (set up env yourself); add --https to match run.sh defaults\ngo run cmd\u002Fserver\u002Fmain.go --https\n\n# Manual build\ngo build -o cyberstrike-ai cmd\u002Fserver\u002Fmain.go\n.\u002Fcyberstrike-ai --https\n```\n\nIf server logs show `client sent an HTTP request to an HTTPS server`, a client is still using **`http:\u002F\u002F`** on a TLS-only port—switch the URL to **`https:\u002F\u002F`**.\n\n**Note:** The Python virtual environment (`venv\u002F`) is automatically created and managed by `run.sh`. Tools that require Python (like `api-fuzzer`, `http-framework-test`, etc.) will automatically use this environment.\n\n### Version Update (No Breaking Changes)\n\n**CyberStrikeAI one-click upgrade (recommended):**\n1. (First time) enable the script: `chmod +x upgrade.sh`\n2. Upgrade with: `.\u002Fupgrade.sh` (optional flags: `--tag vX.Y.Z`, `--no-venv`, `--yes`). Local `tools\u002F`, `roles\u002F`, and `skills\u002F` are always preserved.\n3. The script will back up your `config.yaml` and `data\u002F`, upgrade the code from GitHub Release, update `config.yaml`'s `version`, then restart the server.\n\nRecommended one-liner:\n`chmod +x upgrade.sh && .\u002Fupgrade.sh --yes`\n\nIf something goes wrong, you can restore from `.upgrade-backup\u002F` (or manually copy `\u002Fdata` and `config.yaml` back) and run `.\u002Frun.sh` again.\n\nRequirements \u002F tips:\n* You need `curl` or `wget` for downloading Release packages.\n* `rsync` is recommended\u002Frequired for the safe code sync.\n* If GitHub API rate-limits you, set `export GITHUB_TOKEN=\"...\"` before running `.\u002Fupgrade.sh`.\n\n⚠️ **Note:** This procedure only applies to version updates without compatibility or breaking changes. If a release includes compatibility changes, this method may not apply.\n\n**Examples:** No breaking changes — e.g. v1.3.1 → v1.3.2; with breaking changes — e.g. v1.3.1 → v1.4.0. The project follows [Semantic Versioning](https:\u002F\u002Fsemver.org\u002F) (SemVer): when only the patch version (third number) changes, this upgrade path is usually safe; when the minor or major version changes, config, data, or APIs may have changed — check the release notes before using this method.\n\n### Core Workflows\n- **Conversation testing** – Natural-language prompts trigger toolchains with streaming SSE output.\n- **Single vs multi-agent** – With `multi_agent.enabled: true`, the chat UI can switch between **single** (classic **ReAct** loop, `\u002Fapi\u002Fagent-loop\u002Fstream`) and **multi** (`\u002Fapi\u002Fmulti-agent\u002Fstream`). Multi mode keeps **`deep`** as the baseline coordinator + **`task`** sub-agents, and adds **`plan_execute`** and **`supervisor`** orchestrations via the request body **`orchestration`** field. MCP tools are bridged the same way as single-agent.\n- **Role-based testing** – Select from predefined security testing roles (Penetration Testing, CTF, Web App Scanning, API Security Testing, etc.) to customize AI behavior and tool availability. Each role applies custom system prompts and can restrict available tools for focused testing scenarios.\n- **Tool monitor** – Inspect running jobs, execution logs, and large-result attachments.\n- **History & audit** – Every conversation and tool invocation is stored in SQLite with replay.\n- **Conversation groups** – Organize conversations into groups, pin important groups, rename or delete groups via context menu.\n- **Vulnerability management** – Create, update, and track vulnerabilities discovered during testing. Filter by severity (critical\u002Fhigh\u002Fmedium\u002Flow\u002Finfo), status (open\u002Fconfirmed\u002Ffixed\u002Ffalse_positive), and conversation. View statistics and export findings.\n- **Batch task management** – Create task queues with multiple tasks, add or edit tasks before execution, and run them sequentially. Each task executes as a separate conversation, with status tracking (pending\u002Frunning\u002Fcompleted\u002Ffailed\u002Fcancelled) and full execution history.\n- **WebShell management** – Add and manage WebShell connections (PHP\u002FASP\u002FASPX\u002FJSP or custom). Use the virtual terminal to run commands, the file manager to list, read, edit, upload, and delete files, and the AI assistant tab to drive scripted tests with per-connection conversation history. Connections are stored in SQLite; supports GET\u002FPOST and configurable command parameter (e.g. IceSword\u002FAntSword style).\n- **Built-in C2** – Create\u002Fstart **listeners**, generate **payloads**, track **sessions**, enqueue **tasks**, and subscribe to **events** (SSE) from the Web UI or `\u002Fapi\u002Fc2\u002F*`. Agents and external clients use the C2 MCP tool family (including **`c2_task`**); when HITL is enabled, high-risk tasks can require human approval. Intended **only** for systems you are explicitly authorized to test.\n- **Settings** – Tweak provider keys, MCP enablement, tool toggles, and agent iteration limits.\n- **Human-in-the-loop (HITL)** – Sidebar sets mode and allowlisted tools (comma- or newline-separated); global list lives in `config.yaml` under `hitl.tool_whitelist`. **Apply** updates browser\u002Fserver and can merge new tools into the file (**no restart**). **New chat** keeps sidebar choices; **HITL** nav shows pending approvals. Removing a tool in the sidebar does not remove it from the global list in `config.yaml`—edit the file if needed.\n\n### Built-in Safeguards\n- Required-field validation prevents accidental blank API credentials.\n- Auto-generated strong passwords when `auth.password` is empty.\n- Unified auth middleware for every web\u002FAPI call (Bearer token flow).\n- Timeout and sandbox guards per tool, plus structured logging for triage.\n\n## Advanced Usage\n\n### Role-Based Testing\n- **Predefined roles** – System includes 12+ predefined security testing roles (Penetration Testing, CTF, Web App Scanning, API Security Testing, Binary Analysis, Cloud Security Audit, etc.) in the `roles\u002F` directory.\n- **Custom prompts** – Each role can define a `user_prompt` that prepends to user messages, guiding the AI to adopt specialized testing methodologies and focus areas.\n- **Tool restrictions** – Roles can specify a `tools` list to limit available tools, ensuring focused testing workflows (e.g., CTF role restricts to CTF-specific utilities).\n- **Skills** – Skill packs live under `skills_dir` and are loaded in **multi-agent \u002F Eino** sessions via the ADK **`skill`** tool (**progressive disclosure**). Configure **`multi_agent.eino_skills`** for middleware, tool name override, and optional host **read_file \u002F glob \u002F grep \u002F write \u002F edit \u002F execute** (**Deep \u002F Supervisor** when enabled; **plan_execute** differs—see docs). Single-agent ReAct does not mount this Eino skill stack today.\n- **Easy role creation** – Create custom roles by adding YAML files to the `roles\u002F` directory. Each role defines `name`, `description`, `user_prompt`, `icon`, `tools`, and `enabled` fields.\n- **Web UI integration** – Select roles from a dropdown in the chat interface. Role selection affects both AI behavior and available tool suggestions.\n\n**Creating a custom role (example):**\n1. Create a YAML file in `roles\u002F` (e.g., `roles\u002Fcustom-role.yaml`):\n   ```yaml\n   name: Custom Role\n   description: Specialized testing scenario\n   user_prompt: You are a specialized security tester focusing on API security...\n   icon: \"\\U0001F4E1\"\n   tools:\n     - api-fuzzer\n     - arjun\n     - graphql-scanner\n   enabled: true\n   ```\n2. Restart the server or reload configuration; the role appears in the role selector dropdown.\n\n### Multi-Agent Mode (Eino: Deep, Plan-Execute, Supervisor)\n- **What it is** – An optional execution path beside **single-agent ReAct**, built on CloudWeGo **Eino** `adk\u002Fprebuilt`: **`deep`** — coordinator + **`task`** sub-agents; **`plan_execute`** — planner \u002F executor \u002F replanner loop (no YAML\u002FMarkdown sub-agent list); **`supervisor`** — orchestrator with **`transfer`** and **`exit`** over Markdown-defined specialists. The client sends **`orchestration`**: `deep` | `plan_execute` | `supervisor` (default `deep`).\n- **Markdown agents** – Under `agents_dir` (default `agents\u002F`):\n  - **Deep orchestrator**: `orchestrator.md` *or* one `.md` with `kind: orchestrator`. Body or `multi_agent.orchestrator_instruction`, then Eino defaults.\n  - **Plan-Execute orchestrator**: fixed name **`orchestrator-plan-execute.md`** (plus optional `orchestrator_instruction_plan_execute` in YAML).\n  - **Supervisor orchestrator**: fixed name **`orchestrator-supervisor.md`** (plus optional `orchestrator_instruction_supervisor`); requires at least one sub-agent.\n  - **Sub-agents** (for **deep** \u002F **supervisor**): other `*.md` files (YAML front matter + body). Not used as **`task`** targets if marked orchestrator-only.\n- **Management** – Web UI: **Agents → Agent management**; API `\u002Fapi\u002Fmulti-agent\u002Fmarkdown-agents`.\n- **Config** – `multi_agent` in `config.yaml`: `enabled`, `default_mode`, `robot_use_multi_agent`, `batch_use_multi_agent`, `max_iteration`, `plan_execute_loop_max_iterations`, per-mode orchestrator instruction fields, optional YAML `sub_agents` merged with disk (`id` clash → Markdown wins), **`eino_skills`**, **`eino_middleware`** (optional ADK middleware and Deep\u002FSupervisor tuning).\n- **Details** – **[docs\u002FMULTI_AGENT_EINO.md](docs\u002FMULTI_AGENT_EINO.md)** (streaming, robots, batch, middleware caveats).\n\n### Skills System (Agent Skills + Eino)\n- **Layout** – Each skill is a directory with **required** `SKILL.md` only ([Agent Skills](https:\u002F\u002Fplatform.claude.com\u002Fdocs\u002Fen\u002Fagents-and-tools\u002Fagent-skills\u002Foverview)): YAML front matter **only** `name` and `description`, plus Markdown body. Optional sibling files (`FORMS.md`, `REFERENCE.md`, `scripts\u002F*`, …). **No** `SKILL.yaml` (not part of Claude or Eino specs); sections\u002Fscripts\u002Fprogressive behavior are **derived at runtime** from Markdown and the filesystem.\n- **Runtime refactor** – **`skills_dir`** is the single root for packs. **Multi-agent** loads them through Eino’s official **`skill`** middleware (**progressive disclosure**: model calls `skill` with a pack **name** instead of receiving full SKILL text up front). Configure via **`multi_agent.eino_skills`**: `disable`, `filesystem_tools` (host read\u002Fglob\u002Fgrep\u002Fwrite\u002Fedit\u002Fexecute), `skill_tool_name`.\n- **Eino \u002F RAG** – Packages are also split into `schema.Document` chunks for `FilesystemSkillsRetriever` (`skills.AsEinoRetriever()`) in **compose** graphs (e.g. knowledge\u002Findexing pipelines).\n- **HTTP API** – `\u002Fapi\u002Fskills` listing and `depth` (`summary` | `full`), `section`, and `resource_path` remain for the web UI and ops; **model-side** skill loading in multi-agent uses the **`skill`** tool, not MCP.\n- **Optional `eino_middleware`** – e.g. `tool_search` (dynamic MCP tool list), `patch_tool_calls`, `plantask` (structured tasks; persistence defaults under a subdirectory of `skills_dir`), `reduction`, `checkpoint_dir`, Deep output key \u002F model retries \u002F task-tool description prefix—see `config.yaml` and `internal\u002Fconfig\u002Fconfig.go`.\n- **Shipped demo** – `skills\u002Fcyberstrike-eino-demo\u002F`; see `skills\u002FREADME.md`.\n\n**Creating a skill:**\n1. `mkdir skills\u002F\u003Cskill-id>` and add standard `SKILL.md` (+ any optional files), or drop in an open-source skill folder as-is.\n2. Use **multi-agent** with **`multi_agent.eino_skills`** enabled so the model can call the **`skill`** tool with that pack **name**.\n\n### Tool Orchestration & Extensions\n- **YAML recipes** in `tools\u002F*.yaml` describe commands, arguments, prompts, and metadata.\n- **Directory hot-reload** – pointing `security.tools_dir` to a folder is usually enough; inline definitions in `config.yaml` remain supported for quick experiments.\n- **Large-result pagination** – outputs beyond 200 KB are stored as artifacts retrievable through the `query_execution_result` tool with paging, filters, and regex search.\n- **Result compression** – multi-megabyte logs can be summarized or losslessly compressed before persisting to keep SQLite lean.\n\n**Creating a custom tool (typical flow)**\n1. Copy an existing YAML file from `tools\u002F` (for example `tools\u002Fsample.yaml`).\n2. Update `name`, `command`, `args`, and `short_description`.\n3. Describe positional or flag parameters in `parameters[]` so the agent knows how to build CLI arguments.\n4. Provide a longer `description`\u002F`notes` block if the agent needs extra context or post-processing tips.\n5. Restart the server or reload configuration; the new tool becomes available immediately and can be enabled\u002Fdisabled from the Settings panel.\n\n### Attack-Chain Intelligence\n- AI parses each conversation to assemble targets, tools, vulnerabilities, and relationships.\n- The web UI renders the chain as an interactive graph with severity scoring and step replay.\n- Export the chain or raw findings to external reporting pipelines.\n\n### WebShell Management\n- **Connections** – From the Web UI, go to **WebShell Management** to add, edit, or delete WebShell connections. Each connection stores: Shell URL, password\u002Fkey, shell type (PHP, ASP, ASPX, JSP, Custom), request method (GET\u002FPOST), command parameter name (default `cmd`), and an optional remark; all records persist in SQLite and are compatible with common clients such as IceSword and AntSword.\n- **Virtual terminal** – After selecting a connection, use the **Virtual terminal** tab to run arbitrary commands with history and quick commands (whoami\u002Fid\u002Fls\u002Fpwd etc.). Output is streamed in the browser, and Ctrl+L clears the screen.\n- **File manager** – Use the **File manager** tab to list directories, read or edit files, delete files, create folders\u002Ffiles, upload files (including chunked uploads for large files), rename paths, and download selected files. Path navigation supports breadcrumbs, parent directory jumps, and name filtering.\n- **AI assistant** – Use the **AI assistant** tab to chat with an agent that understands the current WebShell connection, automatically runs tools and shell commands, and maintains per-connection conversation history with a sidebar of previous sessions.\n- **Connectivity test** – Use **Test connectivity** to verify that the shell URL, password, and command parameter are correct before running commands (sends a lightweight `echo 1` check).\n- **Persistence** – All WebShell connections and AI conversations are stored in SQLite (same database as conversations), so they persist across restarts.\n\n### Built-in C2 (Command & Control)\n- **What it is** – A first-party, **AI-native** C2 stack: listeners accept implants (beacons), the server stores **sessions** and **tasks** in SQLite, pushes updates over an **event bus** (including **SSE**), and exposes everything through authenticated **REST** plus MCP.\n- **Listeners & transports** – `tcp_reverse`, `http_beacon`, `https_beacon`, and `websocket`; per-listener crypto keys; running listeners can be **restored after restart** when marked running in the database.\n- **Agent integration** – MCP exposes a small **C2 tool family** (listeners, sessions, **`c2_task`**, task management, payloads, events, profiles, files) so the same agent loop can orchestrate C2 alongside other tools; dangerous task types can go through the existing **HITL** bridge when your session policy requires it.\n- **Safety** – Use **only** in lab or **fully authorized** engagements; combine network isolation, strong auth, and HITL\u002Fallowlists as your policy demands.\n\n### MCP Everywhere\n- **Web mode** – ships with HTTP MCP server automatically consumed by the UI.\n- **MCP stdio mode** – `go run cmd\u002Fmcp-stdio\u002Fmain.go` exposes the agent to Cursor\u002FCLI.\n- **External MCP federation** – register third-party MCP servers (HTTP, stdio, or SSE) from the UI, toggle them per engagement, and monitor their health and call volume in real time.\n- **Optional MCP servers** – the [`mcp-servers\u002F`](mcp-servers\u002FREADME.md) directory provides standalone MCPs (e.g. reverse shell). They speak standard MCP over stdio and work with CyberStrikeAI (Settings → External MCP), Cursor, VS Code, and other MCP clients.\n\n#### MCP stdio quick start\n1. **Build the binary** (run from the project root):\n   ```bash\n   go build -o cyberstrike-ai-mcp cmd\u002Fmcp-stdio\u002Fmain.go\n   ```\n2. **Wire it up in Cursor**  \n   Open `Settings → Tools & MCP → Add Custom MCP`, pick **Command**, then point to the compiled binary and your config:\n   ```json\n   {\n     \"mcpServers\": {\n       \"cyberstrike-ai\": {\n         \"command\": \"\u002Fabsolute\u002Fpath\u002Fto\u002Fcyberstrike-ai-mcp\",\n         \"args\": [\n           \"--config\",\n           \"\u002Fabsolute\u002Fpath\u002Fto\u002Fconfig.yaml\"\n         ]\n       }\n     }\n   }\n   ```\n   Replace the paths with your local locations; Cursor will launch the stdio server automatically.\n\n#### MCP HTTP quick start (Cursor \u002F Claude Code)\nThe HTTP MCP server runs on a separate port (default `8081`) and supports **header-based authentication** so only clients that send the correct header can call tools.\n\n1. **Enable MCP in config** – In `config.yaml` set `mcp.enabled: true` and optionally `mcp.host` \u002F `mcp.port`. For auth (recommended if the port is reachable from the network), set:\n   - `mcp.auth_header` – header name (e.g. `X-MCP-Token`);\n   - `mcp.auth_header_value` – secret value. **Leave it empty** if you want the server to **auto-generate** a random token on first start and write it back to the config.\n2. **Start the service** – Run `.\u002Frun.sh` or `go run cmd\u002Fserver\u002Fmain.go`. The MCP endpoint is `http:\u002F\u002F\u003Chost>:\u003Cport>\u002Fmcp` (e.g. `http:\u002F\u002Flocalhost:8081\u002Fmcp`).\n3. **Copy the JSON from the terminal** – When MCP is enabled, the server prints a **ready-to-paste** JSON block. If `auth_header_value` was empty, it will have been generated and saved; the printed JSON includes the URL and headers.\n4. **Use in Cursor or Claude Code**:\n   - **Cursor**: Paste the block into `~\u002F.cursor\u002Fmcp.json` (or your project’s `.cursor\u002Fmcp.json`) under `mcpServers`, or merge it into your existing `mcpServers`.\n   - **Claude Code**: Paste into `.mcp.json` or `~\u002F.claude.json` under `mcpServers`.\n\nExample of what the terminal prints (with auth enabled):\n```json\n{\n  \"mcpServers\": {\n    \"cyberstrike-ai\": {\n      \"url\": \"http:\u002F\u002Flocalhost:8081\u002Fmcp\",\n      \"headers\": {\n        \"X-MCP-Token\": \"\u003Cauto-generated-or-your-value>\"\n      },\n      \"type\": \"http\"\n    }\n  }\n}\n```\nIf you do not set `auth_header` \u002F `auth_header_value`, the endpoint accepts requests without authentication (suitable only for localhost or trusted networks).\n\n#### External MCP federation (HTTP\u002Fstdio\u002FSSE)\nCyberStrikeAI supports connecting to external MCP servers via three transport modes:\n- **HTTP mode** – traditional request\u002Fresponse over HTTP POST\n- **stdio mode** – process-based communication via standard input\u002Foutput\n- **SSE mode** – Server-Sent Events for real-time streaming communication\n\nTo add an external MCP server:\n1. Open the Web UI and navigate to **Settings → External MCP**.\n2. Click **Add External MCP** and provide the configuration in JSON format:\n\n   **HTTP mode example:**\n   ```json\n   {\n     \"my-http-mcp\": {\n       \"transport\": \"http\",\n       \"url\": \"http:\u002F\u002F127.0.0.1:8081\u002Fmcp\",\n       \"description\": \"HTTP MCP server\",\n       \"timeout\": 30\n     }\n   }\n   ```\n\n   **stdio mode example:**\n   ```json\n   {\n     \"my-stdio-mcp\": {\n       \"command\": \"python3\",\n       \"args\": [\"\u002Fpath\u002Fto\u002Fmcp-server.py\"],\n       \"description\": \"stdio MCP server\",\n       \"timeout\": 30\n     }\n   }\n   ```\n\n   **SSE mode example:**\n   ```json\n   {\n     \"my-sse-mcp\": {\n       \"transport\": \"sse\",\n       \"url\": \"http:\u002F\u002F127.0.0.1:8082\u002Fsse\",\n       \"description\": \"SSE MCP server\",\n       \"timeout\": 30\n     }\n   }\n   ```\n\n3. Click **Save** and then **Start** to connect to the server.\n4. Monitor the connection status, tool count, and health in real time.\n\n**SSE mode benefits:**\n- Real-time bidirectional communication via Server-Sent Events\n- Suitable for scenarios requiring continuous data streaming\n- Lower latency for push-based notifications\n\nA test SSE MCP server is available at `cmd\u002Ftest-sse-mcp-server\u002F` for validation purposes.\n\n### Knowledge Base\n- **Vector search** – AI agent can automatically search the knowledge base for relevant security knowledge during conversations using the `search_knowledge_base` tool.\n- **Vector retrieval** – cosine similarity over stored embeddings, aligned with Eino `retriever.Retriever` usage.\n- **Auto-indexing** – scans the `knowledge_base\u002F` directory for Markdown files and automatically indexes them with embeddings.\n- **Web management** – create, update, delete knowledge items through the web UI, with category-based organization.\n- **Retrieval logs** – tracks all knowledge retrieval operations for audit and debugging.\n\n**Quick Start (Using Pre-built Knowledge Base):**\n1. **Download the knowledge database** – Download the pre-built knowledge database file from [GitHub Releases](https:\u002F\u002Fgithub.com\u002FEd1s0nZ\u002FCyberStrikeAI\u002Freleases).\n2. **Extract and place** – Extract the downloaded knowledge database file (`knowledge.db`) and place it in the project's `data\u002F` directory.\n3. **Restart the service** – Restart the CyberStrikeAI service, and the knowledge base will be ready to use immediately without rebuilding the index.\n\n**Setting up the knowledge base:**\n1. **Enable in config** – set `knowledge.enabled: true` in `config.yaml`:\n   ```yaml\n   knowledge:\n     enabled: true\n     base_path: knowledge_base\n     embedding:\n       provider: openai\n       model: text-embedding-v4\n       base_url: \"https:\u002F\u002Fapi.openai.com\u002Fv1\"  # or your embedding API\n       api_key: \"sk-xxx\"\n     retrieval:\n       top_k: 5\n       similarity_threshold: 0.7\n   ```\n2. **Add knowledge files** – place Markdown files in `knowledge_base\u002F` directory, organized by category (e.g., `knowledge_base\u002FSQL Injection\u002FREADME.md`).\n3. **Scan and index** – use the web UI to scan the knowledge base directory, which will automatically import files and build vector embeddings.\n4. **Use in conversations** – the AI agent will automatically use `search_knowledge_base` when it needs security knowledge. You can also explicitly ask: \"Search the knowledge base for SQL injection techniques\".\n\n**Knowledge base structure:**\n- Files are organized by category (directory name becomes the category).\n- Each Markdown file becomes a knowledge item with automatic chunking for vector search.\n- The system supports incremental updates – modified files are re-indexed automatically.\n\n\n### Automation Hooks\n- **REST APIs** – everything the UI uses (auth, conversations, tool runs, monitor, vulnerabilities, roles) is available over JSON.\n- **Multi-agent APIs** – `POST \u002Fapi\u002Fmulti-agent\u002Fstream` (SSE, when enabled), `POST \u002Fapi\u002Fmulti-agent` (non-streaming), Markdown agents under `\u002Fapi\u002Fmulti-agent\u002Fmarkdown-agents` (list\u002Fget\u002Fcreate\u002Fupdate\u002Fdelete).\n- **Role APIs** – manage security testing roles via `\u002Fapi\u002Froles` endpoints: `GET \u002Fapi\u002Froles` (list all roles), `GET \u002Fapi\u002Froles\u002F:name` (get role), `POST \u002Fapi\u002Froles` (create role), `PUT \u002Fapi\u002Froles\u002F:name` (update role), `DELETE \u002Fapi\u002Froles\u002F:name` (delete role). Roles are stored as YAML files in the `roles\u002F` directory and support hot-reload.\n- **Vulnerability APIs** – manage vulnerabilities via `\u002Fapi\u002Fvulnerabilities` endpoints: `GET \u002Fapi\u002Fvulnerabilities` (list with filters), `POST \u002Fapi\u002Fvulnerabilities` (create), `GET \u002Fapi\u002Fvulnerabilities\u002F:id` (get), `PUT \u002Fapi\u002Fvulnerabilities\u002F:id` (update), `DELETE \u002Fapi\u002Fvulnerabilities\u002F:id` (delete), `GET \u002Fapi\u002Fvulnerabilities\u002Fstats` (statistics).\n- **Batch Task APIs** – manage batch task queues via `\u002Fapi\u002Fbatch-tasks` endpoints: `POST \u002Fapi\u002Fbatch-tasks` (create queue), `GET \u002Fapi\u002Fbatch-tasks` (list queues), `GET \u002Fapi\u002Fbatch-tasks\u002F:queueId` (get queue), `POST \u002Fapi\u002Fbatch-tasks\u002F:queueId\u002Fstart` (start execution), `POST \u002Fapi\u002Fbatch-tasks\u002F:queueId\u002Fcancel` (cancel), `DELETE \u002Fapi\u002Fbatch-tasks\u002F:queueId` (delete), `POST \u002Fapi\u002Fbatch-tasks\u002F:queueId\u002Ftasks` (add task), `PUT \u002Fapi\u002Fbatch-tasks\u002F:queueId\u002Ftasks\u002F:taskId` (update task), `DELETE \u002Fapi\u002Fbatch-tasks\u002F:queueId\u002Ftasks\u002F:taskId` (delete task). Tasks execute sequentially, each creating a separate conversation with full status tracking.\n- **WebShell APIs** – manage WebShell connections and execute commands via `\u002Fapi\u002Fwebshell\u002Fconnections` (GET list, POST create, PUT update, DELETE delete) and `\u002Fapi\u002Fwebshell\u002Fexec` (command execution), `\u002Fapi\u002Fwebshell\u002Ffileop` (list\u002Fread\u002Fwrite\u002Fdelete files).\n- **C2 APIs** – manage listeners, sessions, tasks, payloads, files, and events under `\u002Fapi\u002Fc2\u002F*` (e.g. listeners CRUD\u002Fstart\u002Fstop, session sleep, task create\u002Fcancel\u002Fwait, payload build\u002Fdownload, event stream).\n- **Task control** – pause\u002Fresume\u002Fstop long scans, re-run steps with new params, or stream transcripts.\n- **Audit & security** – rotate passwords via `\u002Fapi\u002Fauth\u002Fchange-password`, enforce short-lived sessions, and restrict MCP ports at the network layer when exposing the service.\n\n## Configuration Reference\n\n```yaml\nauth:\n  password: \"change-me\"\n  session_duration_hours: 12\nserver:\n  host: \"0.0.0.0\"\n  port: 8080\nlog:\n  level: \"info\"\n  output: \"stdout\"\nmcp:\n  enabled: true\n  host: \"0.0.0.0\"\n  port: 8081\n  auth_header: \"X-MCP-Token\"       # optional; leave empty for no auth\n  auth_header_value: \"\"            # optional; leave empty to auto-generate on first start\nopenai:\n  api_key: \"sk-xxx\"\n  base_url: \"https:\u002F\u002Fapi.deepseek.com\u002Fv1\"\n  model: \"deepseek-chat\"\ndatabase:\n  path: \"data\u002Fconversations.db\"\n  knowledge_db_path: \"data\u002Fknowledge.db\"  # Optional: separate DB for knowledge base\nsecurity:\n  tools_dir: \"tools\"\nknowledge:\n  enabled: false  # Enable knowledge base feature\n  base_path: \"knowledge_base\"  # Path to knowledge base directory\n  embedding:\n    provider: \"openai\"  # Embedding provider (currently only \"openai\")\n    model: \"text-embedding-v4\"  # Embedding model name\n    base_url: \"\"  # Leave empty to use OpenAI base_url\n    api_key: \"\"  # Leave empty to use OpenAI api_key\n  retrieval:\n    top_k: 5  # Number of top results to return\n    similarity_threshold: 0.7  # Minimum cosine similarity (0-1)\nroles_dir: \"roles\"  # Role configuration directory (relative to config file)\nskills_dir: \"skills\"  # Skills directory (relative to config file)\nagents_dir: \"agents\"  # Multi-agent Markdown definitions (orchestrator + sub-agents)\nmulti_agent:\n  enabled: false\n  default_mode: \"single\"   # single | multi (UI default when multi-agent is enabled)\n  robot_use_multi_agent: false\n  batch_use_multi_agent: false\n  orchestrator_instruction: \"\"  # Deep; used when orchestrator.md body is empty\n  # orchestrator_instruction_plan_execute \u002F orchestrator_instruction_supervisor optional\n  # eino_skills: { disable: false, filesystem_tools: true, skill_tool_name: skill }\n  # eino_middleware: optional patch_tool_calls, tool_search, plantask, reduction, checkpoint_dir, ...\n```\n\n### Tool Definition Example (`tools\u002Fnmap.yaml`)\n\n```yaml\nname: \"nmap\"\ncommand: \"nmap\"\nargs: [\"-sT\", \"-sV\", \"-sC\"]\nenabled: true\nshort_description: \"Network mapping & service fingerprinting\"\nparameters:\n  - name: \"target\"\n    type: \"string\"\n    description: \"IP or domain\"\n    required: true\n    position: 0\n  - name: \"ports\"\n    type: \"string\"\n    flag: \"-p\"\n    description: \"Range, e.g. 1-1000\"\n```\n\n### Role Definition Example (`roles\u002Fpenetration-testing.yaml`)\n\n```yaml\nname: Penetration Testing\ndescription: Professional penetration testing expert for comprehensive security testing\nuser_prompt: You are a professional cybersecurity penetration testing expert. Please use professional penetration testing methods and tools to conduct comprehensive security testing on targets, including but not limited to SQL injection, XSS, CSRF, file inclusion, command execution and other common vulnerabilities.\nicon: \"\\U0001F3AF\"\ntools:\n  - nmap\n  - sqlmap\n  - nuclei\n  - burpsuite\n  - metasploit\n  - httpx\n  - record_vulnerability\n  - list_knowledge_risk_types\n  - search_knowledge_base\nenabled: true\n```\n\n## Related documentation\n\n- [Multi-agent mode (Eino)](docs\u002FMULTI_AGENT_EINO.md): **Deep**, **Plan-Execute**, **Supervisor**, `agents\u002F*.md`, `eino_skills` \u002F `eino_middleware`, APIs, and chat\u002Fstream behavior.\n- [Robot \u002F Chatbot guide (DingTalk & Lark)](docs\u002Frobot_en.md): Full setup, commands, and troubleshooting for using CyberStrikeAI from DingTalk or Lark on your phone. **Follow this doc to avoid common pitfalls.**\n\n## Project Layout\n\n```\nCyberStrikeAI\u002F\n├── cmd\u002F                 # Server, MCP stdio entrypoints, tooling\n├── internal\u002F            # Agent, MCP core, handlers, C2 (`internal\u002Fc2`), security executor\n├── web\u002F                 # Static SPA + templates\n├── tools\u002F               # YAML tool recipes (100+ examples provided)\n├── roles\u002F               # Role configurations (12+ predefined security testing roles)\n├── skills\u002F              # Agent Skills dirs (SKILL.md + optional files; demo: cyberstrike-eino-demo)\n├── agents\u002F              # Multi-agent Markdown (orchestrator.md + sub-agent *.md)\n├── docs\u002F                # Documentation (e.g. robot\u002Fchatbot guide, MULTI_AGENT_EINO.md)\n├── images\u002F              # Docs screenshots & diagrams\n├── config.yaml          # Runtime configuration\n├── run.sh               # Convenience launcher\n└── README*.md\n```\n\n## Basic Usage Examples\n\n```\nScan open ports on 192.168.1.1\nPerform a comprehensive port scan on 192.168.1.1 focusing on 80,443,22\nCheck if https:\u002F\u002Fexample.com\u002Fpage?id=1 is vulnerable to SQL injection\nScan https:\u002F\u002Fexample.com for hidden directories and outdated software\nEnumerate subdomains for example.com, then run nuclei against the results\n```\n\n## Advanced Playbooks\n\n```\nLoad the recon-engagement template, run amass\u002Fsubfinder, then brute-force dirs on every live host.\nUse external Burp-based MCP server for authenticated traffic replay, then pass findings back for graphing.\nCompress the 5 MB nuclei report, summarize critical CVEs, and attach the artifact to the conversation.\nBuild an attack chain for the latest engagement and export the node list with severity >= high.\n```\n\n## 404Starlink \n\n\u003Cimg src=\".\u002Fimages\u002F404StarLinkLogo.png\" width=\"30%\">\n\nCyberStrikeAI has joined [404Starlink](https:\u002F\u002Fgithub.com\u002Fknownsec\u002F404StarLink)\n\n## TCH Top-Ranked Intelligent Pentest Project  \n\u003Cdiv align=\"left\">\n  \u003Ca href=\"https:\u002F\u002Fzc.tencent.com\u002Fcompetition\u002FcompetitionHackathon?code=cha004\" target=\"_blank\">\n    \u003Cimg src=\".\u002Fimages\u002Ftch.png\" alt=\"TCH Top-Ranked Intelligent Pentest Project\" width=\"30%\">\n  \u003C\u002Fa>\n\u003C\u002Fdiv>\n\n## Stargazers over time\n![Stargazers over time](https:\u002F\u002Fstarchart.cc\u002FEd1s0nZ\u002FCyberStrikeAI.svg)\n\n\n---\n\n## License\n\nCyberStrikeAI is licensed under the Apache License 2.0.  \nSee the [LICENSE](LICENSE) file for details.\n\n---\n\n## ⚠️ Disclaimer\n\n**This tool is for educational and authorized testing purposes only!**\n\nCyberStrikeAI is a professional security testing platform designed to assist security researchers, penetration testers, and IT professionals in conducting security assessments and vulnerability research **with explicit authorization**.\n\n**By using this tool, you agree to:**\n- Use this tool only on systems where you have clear written authorization\n- Comply with all applicable laws, regulations, and ethical standards\n- Take full responsibility for any unauthorized use or misuse\n- Not use this tool for any illegal or malicious purposes\n\n**The developers are not responsible for any misuse!** Please ensure your usage complies with local laws and regulations, and that you have obtained explicit authorization from the target system owner.\n\n---\n\nNeed help or want to contribute? Open an issue or PR—community tooling additions are welcome!\n\n\n","CyberStrikeAI 是一个基于Go语言构建的AI原生安全测试平台。它集成了100多种安全工具、智能编排引擎、基于角色的安全测试（预定义安全角色）、专门的技能系统以及全面的生命周期管理功能，还包括一个轻量级的C2框架用于授权操作。通过MCP协议和AI代理，该平台实现了从对话命令到漏洞发现、攻击链分析、知识检索及结果可视化的端到端自动化过程，为安全团队提供了一个可审计、可追溯且协作性强的测试环境。适用于需要进行全面安全评估与渗透测试的企业或组织场景中。",2,"2026-06-11 03:44:38","high_star"]