mirror of
https://github.com/Ed1s0nZ/CyberStrikeAI.git
synced 2026-06-04 21:38:08 +02:00
公明
1.9 KiB
1.9 KiB
CyberStrikeAI Burp Suite Extension
中文说明见:README.zh-CN.md
What it does
- Configure Host / Port / HTTPS / Password and choose an agent mode
- Click Validate to login (
POST /api/auth/login) and verify token (GET /api/auth/validate) - Right-click any HTTP message in Burp and send it to CyberStrikeAI for streaming web pentest
- Keep a test history sidebar (searchable) so you can revisit previous runs
- Output is split into collapsible Progress + Final Response (Markdown rendering supported)
- View captured Request / Response for each run
- Stop a running task (calls
/api/agent-loop/cancelonceconversationIdis available)
Build
Requirements:
- JDK 11+
- Maven (recommended) OR Burp Extender API jar (offline mode)
Option A (recommended): Maven build (no need to locate Burp)
cd plugins/burp-suite/cyberstrikeai-burp-extension
./build-mvn.sh
Output:
dist/cyberstrikeai-burp-extension.jar
Option B: Offline build with build.sh (needs Burp API jar)
- Create
lib/and copy Burp's API jar into it:
mkdir -p lib
# copy from your Burp installation, for example:
# cp "/path/to/burp-extender-api.jar" lib/
- Build:
cd plugins/burp-suite/cyberstrikeai-burp-extension
./build.sh
Output:
dist/cyberstrikeai-burp-extension.jar
Option C: Gradle (optional)
If you already have Gradle available, you can still use build.gradle to build.
Load in Burp Suite
- Burp Suite → Extensions → Installed → Add
- Extension type: Java
- Select the jar above
Notes
- Default connection is
https://127.0.0.1:8080(HTTPS checked). Self-signed / local certs are trusted automatically (no import). - Uncheck HTTPS only if your server runs plain HTTP.
- It uses Bearer Token authentication obtained from the configured password.