Skip to main content

Over 150 LLM Providers · Over 5,300 Models The most extensible AI-powered pentesting platform. Open source. Star on GitHub

CyberStrikeus/CyberStrike GitHub stars

Autonomous Offensive Security

Point at a target.
Watch it fall.

One command turns any terminal into a team of specialized AI agents — recon, web, network, cloud and post-exploitation — that map your attack surface, exploit it, and write the report.

Bolt Server

Deploy on any VPS, Docker, or Kali box. Ed25519 key pairing. One CyberStrike controls dozens of Bolt servers — each with its own toolkit. 7,600+ Ed25519-signed skills, lazy-loaded, injected at runtime.

Ed25519Remote7,600+ skills

HackBrowser

Built-in Chromium. Browse manually or let it crawl autonomously. Every HTTP request captured and routed to 8 vulnerability testers in parallel. Multi-credential support — crawl as admin, then as user, discover the gaps.

8 testersWSTGPoC

Network & Post-Exploitation

Kerberoast, NTLM relay, DCSync — automated lateral movement from foothold to Domain Admin. macOS credential extraction, Windows privilege escalation, 29 eBPF kernel scripts, AWS/Azure/K8s hooks. No external tools needed.

KerberosNTLMDCSync

Agentic Finding Validation

Baseline. Attack. Compare. Findings are only reported when there's a measurable, reproducible difference. No hallucinated vulnerabilities — 3-Gate PoC validation.

AWSAzureGCP

MCP Native Support

176+ security tools built on Model Context Protocol. Add custom MCP servers from npm packages, build your own with Plugin SDK (15+ hook types). Cloud audit, GitHub security, CVE intelligence, OSINT — plug-and-play.

176+ MCPnpm installPlugin SDK

Over 150 LLM Providers · Over 5,300 Models

Anthropic, OpenAI, Google, Bedrock, Azure, xAI, Groq, Mistral, DeepSeek — or fully offline with Ollama/LM Studio. Air-gapped mode: no data leaves your network. Zero lock-in.

BYOKAir-gappedOllama
Quick Start

Works everywhere

Run security assessments from your terminal. CLI, TUI, Web, and IDE integrations available.

macOS / Linux
# AI-powered pentesting framework. Works everywhere. 🎯
curl -fsSL https://cyberstrike.io/install.sh | bash
# AI-powered pentesting framework. Beta version. 🚀
curl -fsSL https://cyberstrike.io/install.sh | bash -s -- --beta
# AI-powered pentesting framework. Works everywhere. 🎯
iwr -useb https://cyberstrike.io/install.ps1 | iex
# AI-powered pentesting framework. Beta version. 🚀
iwr -useb https://cyberstrike.io/install-beta.ps1 | iex
# AI-powered pentesting framework. Works everywhere. 🎯
powershell -Command "iwr -useb https://cyberstrike.io/install.ps1 | iex"
# AI-powered pentesting framework. Beta version. 🚀
powershell -Command "iwr -useb https://cyberstrike.io/install-beta.ps1 | iex"

Get started in minutes

1

Install Cyberstrike

One command to install. Works on macOS, Linux, and Windows with WSL.

2

Add Your API Keys

Bring your own keys from 144 providers — Anthropic, OpenAI, Google, DeepSeek, and more. Full control over your AI costs.

3

Start Hacking

Point Cyberstrike at your target and let the AI agent do the reconnaissance and exploitation.

best value
Features

Everything you need for security testing

Cyberstrike combines the power of multiple AI models with battle-tested security tools.

Multi-Model AI

144 providers, 800+ models. Claude, GPT-5, Gemini, DeepSeek, Ollama, and more. Switch between providers seamlessly.

Automated Scanning

Comprehensive vulnerability scanning for web apps, APIs, and infrastructure with zero configuration.

BYOK Model

Use your own API keys. Full control over costs and data privacy. No vendor lock-in.

Detailed Reports

Generate professional pentest reports in PDF, Markdown, or HTML with remediation guidance.

CLI & TUI

Powerful terminal interface with both CLI for scripting and TUI for interactive sessions.

Fully Extensible

Fork it, customize it, add your own tools. AGPL-3.0 licensed, community-driven development.

Battle-tested

Trusted by security professionals

7,600+

Offensive security skills

800+

AI models supported

144

AI providers integrated

AGPL

Licensed & open source

Open Source Community

From the security community

Cyberstrike cut our vulnerability assessment time by 70%. The AI actually understands context and doesn't just throw false positives at you.

Alex Chen

Alex Chen

Senior Security Engineer

Finally, an AI tool that thinks like a pentester. The reconnaissance phase alone saves me hours on every engagement.

Sarah Mitchell

Sarah Mitchell

Penetration Tester

The BYOK model is brilliant. I keep my API costs under control and my client data stays private. Win-win.

Marcus Rodriguez

Marcus Rodriguez

Security Consultant

Love that it's open source. We forked it, added our custom tools, and now have a pentesting agent tailored to our methodology.

Emily Watson

Emily Watson

Red Team Lead

Being able to switch between Claude and GPT-4 mid-session is a game changer. Different models excel at different tasks.

James Park

James Park

Bug Bounty Hunter

Self-hosted, air-gapped, running on local models. Perfect for our compliance requirements. And it's completely free.

Lisa Thompson

Lisa Thompson

CISO

Open Source Forever

Open Source

Cyberstrike is open source under AGPL-3.0. Free for personal use, research, and education. Commercial license available for enterprises. Powerful AI-driven security testing for everyone.

5+
AI Agents
100+
Security Tools
AGPL
License
Possibilities

100% Open Source

AGPL-3.0 licensed. Fork it, modify it, self-host it. Full transparency, no hidden code.

Community Driven

Built by security professionals, for security professionals. Join our growing community.

No Vendor Lock-in

Bring your own API keys. Works with 144 providers and 800+ models — OpenAI, Anthropic, DeepSeek, local models, and more.

Contribute

PRs welcome! Help us build the future of AI-powered penetration testing.

Star us on GitHub to show your support!

Stay in the loop

Get the latest updates on new features, security tools, and AI agent improvements. Be the first to know.

Join 1,000+ security professionals

FAQ

Frequently Asked Questions

Cyberstrike is an autonomous AI-powered penetration testing agent. It combines multiple AI models (Claude, GPT, Gemini) with specialized security tools to perform assessments, identify vulnerabilities, and generate detailed reports - all with minimal human intervention. It's 100% open source under the AGPL-3.0 license.
With BYOK, you use your own API keys from AI providers like Anthropic, OpenAI, or Google. This means you have full control over your AI costs, usage limits, and data privacy. We never store or have access to your conversations with the AI models.
Cyberstrike is designed for authorized security testing only. It includes built-in safety mechanisms and requires explicit confirmation before performing any potentially destructive actions. Always ensure you have proper authorization before testing any system.
Cyberstrike supports 144 AI providers and 800+ models, including Claude (Anthropic), GPT-5 (OpenAI), Gemini (Google), DeepSeek, and many more. You can also use local models via Ollama or LM Studio for air-gapped environments. Switch between providers and models based on your needs and preferences.
Yes! Cyberstrike is fully self-hostable. You can run it on your own infrastructure, use local AI models with Ollama, and keep all data on-premise. Perfect for organizations with strict security requirements or air-gapped environments.
Cyberstrike is open source under the AGPL-3.0 license. For personal use, research, and education - it's completely free. For commercial use where you don't want to open-source your modifications, we offer a commercial license. Contact [email protected] for enterprise licensing options.
We welcome contributions! Check out our GitHub repository to report issues, submit pull requests, or join discussions. Whether it's code, documentation, or security tool integrations - all contributions help make Cyberstrike better for the security community.
New Model Release

CyberStrike-OffSec-35B

The #1 open-source AI model for offensive security. 35B MoE architecture with only 3B active parameters — runs on consumer hardware.

81.39%SecEval #1
93.94%MITRE ATT&CK #1
93.05%CWE #1