From 062dc74756432301052a9479b16d052d197340a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=85=AC=E6=98=8E?= <83812544+Ed1s0nZ@users.noreply.github.com> Date: Tue, 25 Nov 2025 19:48:04 +0800 Subject: [PATCH] Add files via upload --- README.md | 54 ++++++++++++++++++++++++++++++++++++++++++++---- README_CN.md | 54 ++++++++++++++++++++++++++++++++++++++++++++---- requirements.txt | 25 ++++++++++++++++++++++ 3 files changed, 125 insertions(+), 8 deletions(-) create mode 100644 requirements.txt diff --git a/README.md b/README.md index 231d82f6..9ec28d15 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,15 @@ CyberStrikeAI ships with 100+ curated tools covering the whole kill chain: cd CyberStrikeAI-main go mod download ``` -2. **Configure OpenAI-compatible access** +2. **Set up the Python tooling stack (required for the YAML tools directory)** + A large portion of `tools/*.yaml` recipes wrap Python utilities (`api-fuzzer`, `http-framework-test`, `install-python-package`, etc.). Create the project-local virtual environment once and install the shared dependencies: + ```bash + python3 -m venv venv + source venv/bin/activate + pip install -r requirements.txt + ``` + The helper tools automatically detect this `venv` (or any already active `$VIRTUAL_ENV`), so the default `env_name` works out of the box unless you intentionally supply another target. +3. **Configure OpenAI-compatible access** Either open the in-app `Settings` panel after launch or edit `config.yaml`: ```yaml openai: @@ -66,7 +74,7 @@ CyberStrikeAI ships with 100+ curated tools covering the whole kill chain: security: tools_dir: "tools" ``` -3. **Install the tooling you need (optional)** +4. **Install the tooling you need (optional)** ```bash # macOS brew install nmap sqlmap nuclei httpx gobuster feroxbuster subfinder amass 
@@ -74,7 +82,7 @@ CyberStrikeAI ships with 100+ curated tools covering the whole kill chain: sudo apt-get install nmap sqlmap nuclei httpx gobuster feroxbuster ``` AI automatically falls back to alternatives when a tool is missing. -4. **Launch** +5. **Launch** ```bash chmod +x run.sh && ./run.sh # or @@ -82,7 +90,7 @@ CyberStrikeAI ships with 100+ curated tools covering the whole kill chain: # or go build -o cyberstrike-ai cmd/server/main.go ``` -5. **Open the console** at http://localhost:8080, log in with the generated password, and start chatting. +6. **Open the console** at http://localhost:8080, log in with the generated password, and start chatting. ### Core Workflows - **Conversation testing** – Natural-language prompts trigger toolchains with streaming SSE output. 
@@ -121,6 +129,44 @@ CyberStrikeAI ships with 100+ curated tools covering the whole kill chain: - **MCP stdio mode** – `go run cmd/mcp-stdio/main.go` exposes the agent to Cursor/CLI. - **External MCP federation** – register third-party MCP servers (HTTP or stdio) from the UI, toggle them per engagement, and monitor their health and call volume in real time. +#### MCP stdio quick start +1. **Build the binary** (run from the project root): + ```bash + go build -o cyberstrike-ai-mcp cmd/mcp-stdio/main.go + ``` +2. **Wire it up in Cursor** + Open `Settings → Tools & MCP → Add Custom MCP`, pick **Command**, then point to the compiled binary and your config: + ```json + { + "mcpServers": { + "cyberstrike-ai": { + "command": "/absolute/path/to/cyberstrike-ai-mcp", + "args": [ + "--config", + "/absolute/path/to/config.yaml" + ] + } + } + } + ``` + Replace the paths with your local locations; Cursor will launch the stdio server automatically. + +#### MCP HTTP quick start +1. Ensure `config.yaml` has `mcp.enabled: true` and adjust `mcp.host` / `mcp.port` if you need a non-default binding (localhost:8081 works well for local Cursor usage). +2. Start the main service (`./run.sh` or `go run cmd/server/main.go`); the MCP endpoint lives at `http://:/mcp`. +3. In Cursor, choose **Add Custom MCP → HTTP** and set `Base URL` to `http://127.0.0.1:8081/mcp`. +4. Prefer committing the setup via `.cursor/mcp.json` so teammates can reuse it: + ```json + { + "mcpServers": { + "cyberstrike-ai-http": { + "transport": "http", + "url": "http://127.0.0.1:8081/mcp" + } + } + } + ``` + ### Automation Hooks - **REST APIs** – everything the UI uses (auth, conversations, tool runs, monitor) is available over JSON. - **Task control** – pause/resume/stop long scans, re-run steps with new params, or stream transcripts. diff --git a/README_CN.md b/README_CN.md index 9b8a736a..849fcfbc 100644 --- a/README_CN.md +++ b/README_CN.md 
@@ -53,7 +53,15 @@ CyberStrikeAI 是一款 **AI 原生渗透测试协同体**,以 Go 编写,内 cd CyberStrikeAI-main go mod download ``` -2. **配置模型与鉴权** +2. **初始化 Python 虚拟环境(tools 目录所需)** + `tools/*.yaml` 中大量工具(如 `api-fuzzer`、`http-framework-test`、`install-python-package` 等)依赖 Python 生态。首次进入项目根目录时请创建本地虚拟环境并安装依赖: + ```bash + python3 -m venv venv + source venv/bin/activate + pip install -r requirements.txt + ``` + 两个 Python 专用工具(`install-python-package` 与 `execute-python-script`)会自动检测该 `venv`(或已经激活的 `$VIRTUAL_ENV`),因此默认 `env_name` 即可满足大多数场景。 +3. **配置模型与鉴权** 启动后在 Web 端 `Settings` 填写,或直接编辑 `config.yaml`: ```yaml openai: @@ -66,7 +74,7 @@ CyberStrikeAI 是一款 **AI 原生渗透测试协同体**,以 Go 编写,内 security: tools_dir: "tools" ``` -3. **按需安装安全工具(可选)** +4. **按需安装安全工具(可选)** ```bash # macOS brew install nmap sqlmap nuclei httpx gobuster feroxbuster subfinder amass @@ -74,7 +82,7 @@ CyberStrikeAI 是一款 **AI 原生渗透测试协同体**,以 Go 编写,内 sudo apt-get install nmap sqlmap nuclei httpx gobuster feroxbuster ``` 未安装的工具会自动跳过或改用替代方案。 -4. **启动服务** +5. **启动服务** ```bash chmod +x run.sh && ./run.sh # 或 @@ -82,7 +90,7 @@ CyberStrikeAI 是一款 **AI 原生渗透测试协同体**,以 Go 编写,内 # 或 go build -o cyberstrike-ai cmd/server/main.go ``` -5. **浏览器访问** http://localhost:8080 ,使用日志中提示的密码登录并开始对话。 +6. **浏览器访问** http://localhost:8080 ,使用日志中提示的密码登录并开始对话。 ### 常用流程 - **对话测试**:自然语言触发多步工具编排,SSE 实时输出。 
@@ -120,6 +128,44 @@ CyberStrikeAI 是一款 **AI 原生渗透测试协同体**,以 Go 编写,内 - **MCP stdio 模式**:`go run cmd/mcp-stdio/main.go` 可接入 Cursor/命令行。 - **外部 MCP 联邦**:在设置中注册第三方 MCP(HTTP/stdio),按需启停并实时查看调用统计与健康度。 +#### MCP stdio 快速集成 +1. **编译可执行文件**(在项目根目录执行): + ```bash + go build -o cyberstrike-ai-mcp cmd/mcp-stdio/main.go + ``` +2. **在 Cursor 中配置** + 打开 `Settings → Tools & MCP → Add Custom MCP`,选择 **Command**,指定编译后的程序与配置文件: + ```json + { + "mcpServers": { + "cyberstrike-ai": { + "command": "/absolute/path/to/cyberstrike-ai-mcp", + "args": [ + "--config", + "/absolute/path/to/config.yaml" + ] + } + } + } + ``` + 将路径替换成你本地的实际地址,Cursor 会自动启动 stdio 版本的 MCP。 + +#### MCP HTTP 快速集成 +1. 确认 `config.yaml` 中 `mcp.enabled: true`,按照需要调整 `mcp.host` / `mcp.port`(本地建议 `127.0.0.1:8081`)。 +2. 启动主服务(`./run.sh` 或 `go run cmd/server/main.go`),MCP 端点默认暴露在 `http://:/mcp`。 +3. 在 Cursor 内 `Add Custom MCP → HTTP`,将 `Base URL` 设置为 `http://127.0.0.1:8081/mcp`。 +4. 也可以在项目根目录创建 `.cursor/mcp.json` 以便团队共享: + ```json + { + "mcpServers": { + "cyberstrike-ai-http": { + "transport": "http", + "url": "http://127.0.0.1:8081/mcp" + } + } + } + ``` + ### 自动化与安全 - **REST API**:认证、会话、任务、监控等接口全部开放,可与 CI/CD 集成。 - **任务控制**:支持暂停/终止长任务、修改参数后重跑、流式获取日志。 diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 00000000..a90b3540 --- /dev/null +++ b/requirements.txt @@ -0,0 +1,25 @@ +# Python HTTP helpers leveraged by tools like api-fuzzer, dnslog, http-intruder, http-framework-test +requests>=2.32.3 +httpx>=0.27.0 +charset-normalizer>=3.3.2 +chardet>=5.2.0 + +# Python exploitation / analysis frameworks referenced by tool recipes +angr>=9.2.96 +pwntools>=4.12.0 +arjun>=2.2.0 +paramspider>=2.1.0 +uro>=1.0.2 +jwt-tool>=2.2.0 + +# AD / network post-exploitation suites +bloodhound>=1.6.1 +impacket>=0.11.0 +responder>=3.1.3 + +# Recon / automation helpers +autorecon>=2.5.4 +binwalk>=2.4.2 +dirsearch>=0.4.3 +checkov>=3.2.0 +
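Review bot: in the first README.md hunk (new step 2), the sentence "The helper tools automatically detect this `venv` (or any already active `$VIRTUAL_ENV`)" does not name which tools do the detection or what they do when neither a `venv` directory nor an active environment exists. Since one of the listed recipes is `install-python-package`, the README should state the tool names and the behaviour in that case, so a reader knows which interpreter packages would be installed into.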
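Review bot: in the README.md MCP hunk, step 2 of "MCP HTTP quick start" gives the endpoint as `http://:/mcp`, with the host and port missing; write it with explicit placeholders tied to `mcp.host` / `mcp.port`, or use the same `http://127.0.0.1:8081/mcp` that steps 3 and 4 use. The section also invites "a non-default binding" without saying whether the `/mcp` endpoint requires authentication. Because this endpoint exposes the agent's tool execution, the quick start should state the auth requirement and recommend keeping `mcp.host` on a loopback address unless access is otherwise restricted.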
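Review bot: in the first README_CN.md hunk (new step 2), the closing sentence names exactly two tools (`install-python-package` and `execute-python-script`) as detecting the `venv` and says the default `env_name` covers "most scenarios", while the English README says only "The helper tools" and that the default "works out of the box". The two READMEs should make the same claim; pick the precise version (the named tools) and mirror it in both files.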
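Review bot: in the README_CN.md MCP hunk, step 2 of the HTTP section has the same empty endpoint, `http://:/mcp`, and step 1 recommends `127.0.0.1:8081` where the English text says `localhost:8081`. Fill in the host and port placeholders and use one form of the loopback address in both files, preferably `127.0.0.1` so it matches the `url` value in the `.cursor/mcp.json` example.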
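Review bot: in the new requirements.txt, every entry uses only a `>=` lower bound (for example `requests>=2.32.3`, `impacket>=0.11.0`), so each `pip install -r requirements.txt` can resolve to a different, newer release, and nothing is integrity-checked. For a file that the README marks as a required setup step, pin exact versions (`==`) and consider a hash-locked file installed with `pip install --require-hashes`. Two further points: confirm that each name and minimum version (in particular `responder`, `bloodhound`, `jwt-tool`, `autorecon`, `binwalk`) resolves on the package index to the project the tool recipes expect, and consider splitting the heavy frameworks (`angr`, `pwntools`, the AD suites) into an optional requirements file, since the external tools in the following step are already optional.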