@cyberstrike-io/cyberstrike 1.1.11 → 1.1.12-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +17 -18
- package/hackbrowser-worker.js +54175 -0
- package/package.json +15 -2
- package/postinstall.mjs +62 -0
- package/web/assets/{ghostty-web-BEaItqWb.js → ghostty-web-BkjgiG2x.js} +1 -1
- package/web/assets/{home-BNJKducT.js → home-zYhRaV9C.js} +1 -1
- package/web/assets/{index-DTi-tKnC.js → index-BFKoq4fl.js} +15 -15
- package/web/assets/{index-qjnafwSF.css → index-BZMNDjFU.css} +1 -1
- package/web/assets/{session-D3tXjXUp.js → session-M7hPXNIo.js} +3 -3
- package/web/index.html +2 -2
package/README.md
CHANGED
|
@@ -87,6 +87,7 @@ CyberStrike isn't just a wrapper around an LLM. It's an intelligence layer that
|
|
|
87
87
|
CyberStrike doesn't just give agents generic security knowledge — it loads domain-specific skills on-demand with zero context pollution.
|
|
88
88
|
|
|
89
89
|
**What's a skill?** A skill is a structured test procedure that includes:
|
|
90
|
+
|
|
90
91
|
- Target methodology (OWASP WSTG, MITRE ATT&CK, CIS Benchmark, NIST)
|
|
91
92
|
- Copy-paste ready test commands
|
|
92
93
|
- Tool references and dependencies
|
|
@@ -95,12 +96,12 @@ CyberStrike doesn't just give agents generic security knowledge — it loads dom
|
|
|
95
96
|
|
|
96
97
|
**Coverage:**
|
|
97
98
|
|
|
98
|
-
| Framework
|
|
99
|
-
|
|
|
100
|
-
| **MITRE ATT&CK**
|
|
101
|
-
| **CIS Benchmarks**
|
|
102
|
-
| **OWASP WSTG**
|
|
103
|
-
| **NIST**
|
|
99
|
+
| Framework | Skills | What It Includes |
|
|
100
|
+
| ------------------ | ------ | ----------------------------------------------------------------------------------- |
|
|
101
|
+
| **MITRE ATT&CK** | 691 | Enterprise tactics + 2,000+ Atomic Red Team tests (Kerberoasting, LSASS dump, etc.) |
|
|
102
|
+
| **CIS Benchmarks** | 1,500+ | Cloud (AWS/Azure/GCP), Containers (Docker/K8s), OS (Ubuntu), Server (Apache/Nginx) |
|
|
103
|
+
| **OWASP WSTG** | 125 | Web app security testing (XSS, SQLi, AuthN, AuthZ, Session, API) |
|
|
104
|
+
| **NIST** | 200+ | Security controls and compliance frameworks |
|
|
104
105
|
|
|
105
106
|
**Lazy Loading** — Skills load only when needed. An agent testing for Kerberoasting pulls T1558.003 skill (7 Atomic tests) into context, runs the tests, then discards it. Next test = new skill. Zero bloat.
|
|
106
107
|
|
|
@@ -225,13 +226,12 @@ Bolt is CyberStrike's remote tool server. Deploy it on any VPS, cloud instance,
|
|
|
225
226
|
|
|
226
227
|
CyberStrike connects to specialized MCP servers that extend its capabilities — **176+ security tools** across 5 domains:
|
|
227
228
|
|
|
228
|
-
| Server | Tools | What It Adds
|
|
229
|
-
| ---------------------------------------------------------------------- | ----- |
|
|
230
|
-
| [
|
|
231
|
-
| [
|
|
232
|
-
| [
|
|
233
|
-
| [
|
|
234
|
-
| [osint-mcp](https://github.com/badchars/osint-mcp) | 37 | OSINT recon — Shodan, VirusTotal, SecurityTrails, Censys, DNS, WHOIS |
|
|
229
|
+
| Server | Tools | What It Adds |
|
|
230
|
+
| ---------------------------------------------------------------------- | ----- | -------------------------------------------------------------------- |
|
|
231
|
+
| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp) | 38 | Cloud security audits — 60+ checks across AWS, Azure, GCP |
|
|
232
|
+
| [github-security-mcp](https://github.com/badchars/github-security-mcp) | 39 | GitHub security posture — repo, org, actions, secrets, supply chain |
|
|
233
|
+
| [cve-mcp](https://github.com/badchars/cve-mcp) | 23 | CVE intelligence — NVD, EPSS, CISA KEV, GitHub Advisory, OSV |
|
|
234
|
+
| [osint-mcp](https://github.com/badchars/osint-mcp) | 37 | OSINT recon — Shodan, VirusTotal, SecurityTrails, Censys, DNS, WHOIS |
|
|
235
235
|
|
|
236
236
|
All open source. All installable with `npx`. Plug them into CyberStrike or use them standalone with any MCP-compatible client.
|
|
237
237
|
|
|
@@ -309,11 +309,10 @@ CyberStrike is the core platform. These MCP servers extend its capabilities:
|
|
|
309
309
|
| Project | Domain | Tools |
|
|
310
310
|
| ---------------------------------------------------------------------- | --------------------------------------- | ------------------------------------------- |
|
|
311
311
|
| **CyberStrike** | **Autonomous offensive security agent** | **7,300+ skills (MITRE, CIS, OWASP, NIST)** |
|
|
312
|
-
| [
|
|
313
|
-
| [
|
|
314
|
-
| [
|
|
315
|
-
| [
|
|
316
|
-
| [osint-mcp](https://github.com/badchars/osint-mcp-server) | OSINT & reconnaissance | 37 tools, 12 sources |
|
|
312
|
+
| [cloud-audit-mcp](https://github.com/badchars/cloud-audit-mcp) | Cloud security (AWS/Azure/GCP) | 38 tools, 60+ checks |
|
|
313
|
+
| [github-security-mcp](https://github.com/badchars/github-security-mcp) | GitHub security posture | 39 tools, 45 checks |
|
|
314
|
+
| [cve-mcp](https://github.com/badchars/cve-mcp) | Vulnerability intelligence | 23 tools, 5 sources |
|
|
315
|
+
| [osint-mcp](https://github.com/badchars/osint-mcp-server) | OSINT & reconnaissance | 37 tools, 12 sources |
|
|
317
316
|
|
|
318
317
|
---
|
|
319
318
|
|