From cdd18947370924fe9a49176df1df7bca57803743 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=85=AC=E6=98=8E?=
<83812544+Ed1s0nZ@users.noreply.github.com>
Date: Tue, 7 Jul 2026 14:20:55 +0800
Subject: [PATCH] Add files via upload
---
README.md | 22 ++++++++++++++--------
README_CN.md | 22 ++++++++++++++--------
2 files changed, 28 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index ef1f3ac6..2ff7dadc 100644
--- a/README.md
+++ b/README.md
@@ -9,6 +9,12 @@
**Community**: [Join us on Discord](https://discord.gg/8PjVCMu8Zw)
+**CyberStrikeAI is building the agentic execution layer for modern cyber security.**
+
+It brings AI agents, security tools, MCP-native integrations, knowledge systems, human oversight, and attack-chain intelligence into a unified workspace for authorized cyber engagements. Instead of treating tools, prompts, evidence, approvals, and reports as separate fragments, CyberStrikeAI turns security intent into auditable multi-agent workflows that can plan, execute, review, replay, and continuously accumulate operational context.
+
+Built in Go, CyberStrikeAI provides a full-stack foundation for AI-native security operations: 100+ curated tool recipes, role-based testing, Agent Skills, Eino-powered single-agent and multi-agent orchestration, RAG knowledge retrieval, graph workflows, vulnerability and task lifecycle management, WebShell operations, chatbot access, and a lightweight built-in C2 framework for authorized lab and engagement scenarios.
+
WeChat group (click to reveal QR code)
@@ -27,8 +33,6 @@ If CyberStrikeAI helps you, you can support the project via **WeChat Pay** or **
-CyberStrikeAI is an **AI-native security testing platform** built in Go. It integrates 100+ security tools, an intelligent orchestration engine, role-based testing with predefined security roles, a skills system with specialized testing skills, comprehensive lifecycle management capabilities, and a **built-in lightweight C2 (Command & Control) framework** for **authorized** engagements (listeners, encrypted implants, sessions, tasks, real-time events, REST and MCP). Through native MCP protocol and AI agents, it enables end-to-end automation from conversational commands to vulnerability discovery, attack-chain analysis, knowledge retrieval, and result visualization—delivering an auditable, traceable, and collaborative testing environment for security teams.
-
## Interface & Integration Preview
@@ -115,12 +119,14 @@ CyberStrikeAI is an **AI-native security testing platform** built in Go. It inte
## Highlights
-- 🤖 AI decision engine with OpenAI-compatible models (GPT, Claude, DeepSeek, etc.)
-- 🔌 Native MCP implementation with HTTP/stdio/SSE transports and external MCP federation
-- 🧰 100+ prebuilt tool recipes + YAML-based extension system
+- 🤖 Agentic execution layer for translating natural-language intent into precise, governed, auditable security action
+- 🧩 Eino-powered single-agent and multi-agent orchestration with Deep, Plan-Execute, and Supervisor modes
+- 🔌 MCP-native tool execution with HTTP/stdio/SSE transports, external MCP federation, and dynamic tool discovery
+- 🧰 100+ curated security tool recipes, YAML-based extensions, and role-scoped tool control
- 📄 Large-result pagination, compression, and searchable archives
-- 🔗 Attack-chain graph, risk scoring, and step-by-step replay
-- 🔒 Password-protected web UI, audit logs, and SQLite persistence
+- 🔗 Attack-chain intelligence with graph views, risk scoring, project facts, and step-by-step replay
+- 🧑⚖️ Human-in-the-loop governance with approval modes, allowlists, audit-agent review, and traceable decisions
+- 🔒 Password-protected web UI, audit logs, SQLite persistence, and operational evidence retention
- 📚 Knowledge base (RAG): **Eino MultiQuery** query rewrite + multi-path vector retrieval + **HTTP rerank** (DashScope `gte-rerank` / Cohere-compatible) + post-processing (dedupe, budget); **Eino Compose** indexing pipeline
- 📁 Conversation grouping with pinning, rename, and batch management
- 📂 **Project management**: shared facts (blackboard) across sessions, `upsert_project_fact` + `links` to chain paths; attack-chain and project fact graph views
@@ -329,7 +335,7 @@ Requirements / tips:
- **Result compression** – multi-megabyte logs can be summarized or losslessly compressed before persisting to keep SQLite lean.
**Creating a custom tool (typical flow)**
-1. Copy an existing YAML file from `tools/` (for example `tools/sample.yaml`).
+1. Copy an existing YAML file from `tools/` (for example `tools/nmap.yaml` or `tools/ffuf.yaml`).
2. Update `name`, `command`, `args`, and `short_description`.
3. Describe positional or flag parameters in `parameters[]` so the agent knows how to build CLI arguments.
4. Provide a longer `description`/`notes` block if the agent needs extra context or post-processing tips.
diff --git a/README_CN.md b/README_CN.md
index c43dec9d..dffa26ad 100644
--- a/README_CN.md
+++ b/README_CN.md
@@ -8,6 +8,12 @@
**社区**:[加入 Discord](https://discord.gg/8PjVCMu8Zw)
+**CyberStrikeAI 正在构建现代网络安全的智能体执行层。**
+
+它将 AI 智能体、安全工具、MCP 原生集成、知识系统、人工监督与攻击链智能汇聚到一个面向授权安全任务的统一工作空间中。CyberStrikeAI 不再把工具、提示词、证据、审批和报告视为割裂环节,而是将安全意图转化为可规划、可执行、可审查、可复盘、可持续沉淀上下文的多智能体工作流。
+
+CyberStrikeAI 基于 Go 构建,为 AI 原生安全运营提供完整底座:100+ 精选工具配方、角色化测试、Agent Skills、基于 Eino 的单智能体与多智能体编排、RAG 知识检索、图工作流、漏洞与任务生命周期管理、WebShell 运营、机器人接入,以及面向授权实验室和安全任务场景的内置轻量 C2 框架。
+
微信群(点击展开二维码)
@@ -26,8 +32,6 @@
-CyberStrikeAI 是一款 **AI 原生安全测试平台**,基于 Go 构建,集成了 100+ 安全工具、智能编排引擎、角色化测试与预设安全测试角色、Skills 技能系统与专业测试技能、完整的测试生命周期管理能力,以及面向 **授权场景** 的 **内置轻量 C2(Command & Control,指挥与控制)** 能力(监听器、加密通信、会话与任务、实时事件、REST 与 MCP 协同)。通过原生 MCP 协议与 AI 智能体,支持从对话指令到漏洞发现、攻击链分析、知识检索与结果可视化的全流程自动化,为安全团队提供可审计、可追溯、可协作的专业测试环境。
-
## 界面与集成预览
@@ -114,12 +118,14 @@ CyberStrikeAI 是一款 **AI 原生安全测试平台**,基于 Go 构建,集
## 特性速览
-- 🤖 兼容 OpenAI/DeepSeek/Claude 等模型的智能决策引擎
-- 🔌 原生 MCP 协议,支持 HTTP / stdio / SSE 传输模式以及外部 MCP 接入
-- 🧰 100+ 现成工具模版 + YAML 扩展能力
+- 🤖 面向智能体时代的执行层,将自然语言意图转化为精准、受控、可审计的安全行动
+- 🧩 基于 Eino 的单智能体与多智能体编排,支持 Deep、Plan-Execute、Supervisor 等模式
+- 🔌 MCP 原生工具执行,支持 HTTP / stdio / SSE 传输、外部 MCP 联邦与动态工具发现
+- 🧰 100+ 精选安全工具配方、YAML 扩展机制与按角色收敛的工具控制
- 📄 大结果分页、压缩与全文检索
-- 🔗 攻击链可视化、风险打分与步骤回放
-- 🔒 Web 登录保护、审计日志、SQLite 持久化
+- 🔗 攻击链智能分析,支持图谱视图、风险打分、项目事实沉淀与步骤回放
+- 🧑⚖️ 人机协同治理,支持审批模式、免审批白名单、审计 Agent 复核与可追溯决策
+- 🔒 Web 登录保护、审计日志、SQLite 持久化与行动证据留存
- 📚 知识库(RAG):**Eino MultiQuery** 查询改写 + 多路向量检索 + **HTTP 精排**(DashScope `gte-rerank` / Cohere 兼容)+ 后处理(去重、预算);索引侧为 **Eino Compose** 流水线
- 📁 对话分组管理:支持分组创建、置顶、重命名、删除等操作
- 📂 **项目管理**:共享事实(黑板)跨会话沉淀认知,`upsert_project_fact` + `links` 串联攻击路径;聊天攻击链与项目事实图可视化
@@ -327,7 +333,7 @@ go build -o cyberstrike-ai cmd/server/main.go
- **结果压缩/摘要**:多兆字节日志可先压缩或生成摘要再写入 SQLite,减小档案体积。
**自定义工具的一般步骤**
-1. 复制 `tools/` 下现有示例(如 `tools/sample.yaml`)。
+1. 复制 `tools/` 下现有示例(如 `tools/nmap.yaml` 或 `tools/ffuf.yaml`)。
2. 修改 `name`、`command`、`args`、`short_description` 等基础信息。
3. 在 `parameters[]` 中声明位置参数或带 flag 的参数,方便智能体自动拼装命令。
4. 视需要补充 `description` 或 `notes`,给 AI 额外上下文或结果解读提示。