OpenAI (GPT)

OpenAI provides GPT-4 and o1 models for security analysis. This guide covers setup and configuration.

📸 SCREENSHOT: openai-model-select.png

OpenAI model selection dialog

Available Models

Model	Context	Best For
gpt-4o	128K	General security testing
gpt-4o-mini	128K	Quick tasks, high volume
o1	128K	Complex reasoning
o1-mini	128K	Faster reasoning tasks
gpt-4-turbo	128K	Balanced performance

Authentication

API Key Setup

Get your API key from platform.openai.com
Run authentication:

cyberstrike auth login
# Select: OpenAI
# Enter your API key

Environment Variable

export OPENAI_API_KEY="sk-proj-..."

Configuration File

{
  "provider": {
    "openai": {
      "options": {
        "apiKey": "{env:OPENAI_API_KEY}"
      }
    }
  }
}

Model Configuration

Set Default Model

{
  "model": "openai/gpt-4o"
}

Command Line Override

cyberstrike --model openai/o1

Using o1 Reasoning Models

o1 models excel at complex security analysis:

cyberstrike --model openai/o1

Best for:

Complex vulnerability chains
Attack path analysis
Cryptographic analysis
Reverse engineering

ChatGPT Plus/Pro

Use your ChatGPT subscription:

cyberstrike auth login
# Select: OpenAI
# Choose: ChatGPT Plus/Pro
# Complete browser authentication

Info

ChatGPT authentication requires browser-based OAuth flow.

Organization ID

For organization accounts:

{
  "provider": {
    "openai": {
      "options": {
        "apiKey": "{env:OPENAI_API_KEY}",
        "organization": "org-..."
      }
    }
  }
}

Custom Base URL

For OpenAI-compatible endpoints:

{
  "provider": {
    "openai": {
      "options": {
        "baseURL": "https://your-endpoint.com/v1"
      }
    }
  }
}

Function Calling

GPT models support function calling for tool use:

{
  "provider": {
    "openai": {
      "options": {
        "parallelToolCalls": true
      }
    }
  }
}

Rate Limits

OpenAI rate limits by tier:

Tier	RPM	TPM
Free	3	40,000
Tier 1	500	200,000
Tier 2	5,000	2,000,000
Tier 3+	Higher limits

Handling Limits

{
  "provider": {
    "openai": {
      "options": {
        "maxRetries": 3,
        "timeout": 60000
      }
    }
  }
}

Best Practices

Model Selection

Task	Recommended Model
Quick scans	gpt-4o-mini
General testing	gpt-4o
Complex analysis	o1
Cost-sensitive	gpt-4o-mini

Cost Optimization

Use mini models for simple tasks
Set reasonable max tokens
Use /compact for long sessions
Monitor usage on OpenAI dashboard

Security

Store keys in environment variables
Use project-specific API keys
Enable usage limits in OpenAI dashboard
Rotate keys periodically

Troubleshooting

Invalid API Key

Error: Incorrect API key provided

Verify:

Key starts with sk-proj- or sk-
No extra whitespace
Key is active

Insufficient Quota

Error: You exceeded your current quota

Solutions:

Add billing information
Check usage limits
Upgrade your plan

Model Access

Error: The model does not exist or you do not have access

Some models require:

Tier 3+ for o1
Waitlist approval
Enterprise agreement

Caution

o1 models have higher latency due to reasoning steps. Plan for longer response times.

Providers Overview - All providers
Custom Providers - OpenAI-compatible setup
Configuration - Full options