CyberStrike v1.1.9
What's New
Web UI & Remote Access
CyberStrike now ships with a full Web UI accessible from your browser. Run pentests from any device — laptop, tablet, or remote workstation.
cyberstrike web— Launches CyberStrike with built-in Web UI onlocalhost:4096cyberstrike serve— Headless server mode for remote access via Cloudflare Tunnelapp.cyberstrike.io— Connect to any CyberStrike instance using the hosted Hub UI. Enter your CF tunnel URL and password to connect from anywhere.- Hub Connect Screen — First-time users on
app.cyberstrike.iosee a connect screen to choose localhost or enter a remote tunnel URL - Password Auth — Set
CYBERSTRIKE_SERVER_PASSWORDfor remote access. Unicode-safe Basic auth with automatic loopback bypass for local use.
Bolt Tool Discovery in MCP Tab
Bolt security servers now surface their individual tools and MCP servers in CyberStrike's MCP tab:
- Plugin tools (subfinder, nmap, nuclei, etc.) each appear as separate entries with tool counts
- User-configured MCP servers (dnsx, sqlmap, katana, etc.) added via
bolt.config.jsonare also visible - Each Bolt-sourced tool shows a "bolt" badge identifying the source server
Built-in Security MCP Servers
CyberStrike ships with 3 pre-configured MCP servers for immediate offensive security capability:
- osint (37 tools) — OSINT reconnaissance and intelligence gathering
- cve (23 tools) — CVE/NVD/EPSS/KEV/GHSA/OSV vulnerability intelligence
- github-security (39 tools) — GitHub security scanning with 45 checks
Other Improvements
- CORS and auth fixes for CF tunnel remote access
- Retry provider API calls on 5xx server errors
- Bump minimatch and dompurify for security patches
- MCP/Bolt config persisted to global scope
- Web UI bundled in npm package, auto-installed to
~/.cyberstrike/web/
Install / Upgrade
# Install
curl -fsSL https://bolt.cyberstrike.io/install.sh | bash
# Or via npm
npm install -g @cyberstrike-io/cyberstrike
# Upgrade existing
cyberstrike upgrade