ed1s0nz/cyberstrikeai

CyberStrikeAI is a security testing platform built in Go that uses AI to coordinate and run security checks. It bundles over 100 pre-built tools covering network scanning, web application testing, exploit frameworks, and password cracking, and connects them through an AI decision engine that understands natural language instructions. Security teams describe what they want to test, and the platform determines which tools to run and in what order. The platform supports multiple AI models through an OpenAI-compatible API, including GPT, Claude, and DeepSeek. An orchestration engine handles single-agent and multi-agent workflows, meaning simple tasks go to one AI loop while complex assessments can split work across a coordinator and specialist sub-agents. All results are stored in a SQLite database and accessible through a password-protected web interface showing dashboards for vulnerabilities, tasks, conversations, and tool usage. A built-in C2 (command and control) component supports authorized penetration testing engagements. It can receive connections back from test targets over TCP, HTTP, HTTPS, or WebSockets, manage active sessions, queue commands, and generate payloads. The README notes repeatedly that this feature is for authorized testing only. A similar caution applies to the WebShell management interface, which lets testers connect to and control web shells placed on systems they have permission to test. Roles and skills let operators define what kind of testing a given session should focus on, such as CTF competitions, web application scanning, or general penetration testing. A knowledge base with vector search stores prior findings and documentation that the AI can pull from when forming its responses. Chatbot integrations with DingTalk and Lark let testers send commands from mobile devices. A Burp Suite plugin extends the platform into web proxy workflows. The full README is longer than what was shown.