Cyberstrike is now open source! AI-powered penetration testing for security professionals. Star on GitHub

Your AI Pentest Partner

Drop into any terminal. Point at a target. Let the agent handle recon, exploitation, and reporting. BYOK model - use your own API keys, keep your data private.

View on GitHub Read Docs

Powered by leading AI providers.

See it in action

Watch Cyberstrike Find Vulnerabilities

5 AI Agents

Cloud Security, Internal Network, Red Team, Web Application, and Bug Hunter agents - each specialized for different attack vectors.

Kali MCP Tools

Full integration with nmap, sqlmap, nikto, and 100+ Kali Linux tools via Model Context Protocol.

BYOK Model

Bring your own API keys from OpenAI, Anthropic, or Google. Full control over costs and data privacy.

AI Agents

Autonomous Offensive Agents

Five specialized AI agents handle different attack vectors: Cloud Security for AWS/Azure/GCP, Internal Network for lateral movement, Red Team for advanced persistent threats, Web Application for OWASP vulnerabilities, and Bug Hunter for bug bounty hunting.

Learn More
Autonomous Offensive Agents
Open Source

Extensible MCP Architecture

Built on the Model Context Protocol (MCP), Cyberstrike supports 100+ security tools out of the box. Easily extend with custom MCP servers for your specific pentesting workflow - from Nmap to Metasploit to custom scripts.

Documentation
Extensible MCP Architecture
100+ MCP Tools

All your pentesting tools, AI-powered

Nmap

SQLMap

Nikto

Burp Suite

Nuclei

Hydra

Metasploit

Wireshark

Hashcat

John

FFUF

Amass

AWS CLI

Azure CLI

GCloud

Playwright

Gobuster

Aircrack

Responder

Impacket

Subfinder

BloodHound

CrackMapExec

Custom MCPs

Open Source Community

From the security community

Join thousands of security professionals using Cyberstrike for penetration testing.

Cyberstrike cut our vulnerability assessment time by 70%. The AI actually understands context and doesn't just throw false positives at you.

Alex Chen

Alex Chen

Senior Security Engineer

Finally, an AI tool that thinks like a pentester. The reconnaissance phase alone saves me hours on every engagement.

Sarah Mitchell

Sarah Mitchell

Penetration Tester

The BYOK model is brilliant. I keep my API costs under control and my client data stays private. Win-win.

Marcus Rodriguez

Marcus Rodriguez

Security Consultant

Love that it's open source. We forked it, added our custom tools, and now have a pentesting agent tailored to our methodology.

Emily Watson

Emily Watson

Red Team Lead

Being able to switch between Claude and GPT-4 mid-session is a game changer. Different models excel at different tasks.

James Park

James Park

Bug Bounty Hunter

Self-hosted, air-gapped, running on local models. Perfect for our compliance requirements. And it's completely free.

Lisa Thompson

Lisa Thompson

CISO

Automate your pentesting workflow.

View on GitHub
  • 100% Open Source
  • BYOK Model
  • 100+ MCP Tools
  • Multi-Provider Support

Frequently Asked Questions

What is Cyberstrike?

Cyberstrike is an autonomous AI-powered penetration testing agent. It combines multiple AI models (Claude, GPT, Gemini) with specialized security tools to perform assessments, identify vulnerabilities, and generate detailed reports - all with minimal human intervention. It's 100% open source under the AGPL-3.0 license.

How does the BYOK (Bring Your Own Key) model work?

With BYOK, you use your own API keys from AI providers like Anthropic, OpenAI, or Google. This means you have full control over your AI costs, usage limits, and data privacy. We never store or have access to your conversations with the AI models.

Is Cyberstrike safe to use on production systems?

Cyberstrike is designed for authorized security testing only. It includes built-in safety mechanisms and requires explicit confirmation before performing any potentially destructive actions. Always ensure you have proper authorization before testing any system.

What AI models are supported?

Cyberstrike supports Claude (Anthropic), GPT-4 (OpenAI), Gemini (Google), and other major AI providers. You can also use local models like Ollama for air-gapped environments. Switch between models based on your needs and preferences.

Can I self-host Cyberstrike?

Yes! Cyberstrike is fully self-hostable. You can run it on your own infrastructure, use local AI models with Ollama, and keep all data on-premise. Perfect for organizations with strict security requirements or air-gapped environments.

Is Cyberstrike free?

Cyberstrike is open source under the AGPL-3.0 license. For personal use, research, and education - it's completely free. For commercial use where you don't want to open-source your modifications, we offer a commercial license. Contact [email protected] for enterprise licensing options.

How can I contribute?

We welcome contributions! Check out our GitHub repository to report issues, submit pull requests, or join discussions. Whether it's code, documentation, or security tool integrations - all contributions help make Cyberstrike better for the security community.