CLI
CyberStrike CLI defaults to launching the TUI when run without arguments. It also accepts commands for non-interactive and programmatic use.
# Launch interactive TUIcyberstrike
# Run a single promptcyberstrike run "scan example.com for open ports"VIDEO: cli-run-demo.mp4
Non-interactive run command with streaming agent output (~12s)
Available Commands
| Command | Description |
|---|---|
run | Non-interactive mode with a direct prompt |
serve | Headless HTTP server for API access |
web | Headless server with web interface |
attach | Connect TUI to a running server |
auth | Manage credentials and provider login |
agent | Manage security agents |
mcp | Manage MCP servers |
models | List available models from providers |
session | Manage sessions |
stats | Display token usage and cost statistics |
export | Export session data as JSON |
import | Import from JSON file or share URL |
upgrade | Update to latest or specific version |
uninstall | Remove CyberStrike and related files |
Global Flags
| Flag | Alias | Description |
|---|---|---|
--help | -h | Display help information |
--version | -v | Print version |
--print-logs | Output logs to stderr | |
--log-level | Set level: DEBUG, INFO, WARN, ERROR |
run
Execute a single prompt without entering interactive mode.
cyberstrike run [message..] [options]Options
| Option | Alias | Description |
|---|---|---|
--model <model> | -m | Model in format provider/model |
--agent <name> | Security agent to use | |
--continue | -c | Continue last session |
--session <id> | -s | Resume specific session |
--file <path> | -f | Attach file(s) to message |
--format <type> | Output format: default or json | |
--share | Share the session | |
--title <text> | Set session title | |
--variant <type> | Model variant (high, max, minimal) |
Examples
# Run a security scancyberstrike run "scan example.com for XSS vulnerabilities"
# Attach a config file for reviewcyberstrike run "analyze this config for misconfigurations" -f nginx.conf
# Output as JSON for pipeline integrationcyberstrike run "list all open ports" --format json
# Continue a previous sessioncyberstrike run "now check for SQLi" --continueSCREENSHOT: cli-json-output.png
Structured JSON output from —format json flag
Piping Input
Accept input from stdin for integration with other tools:
echo "analyze this code for vulnerabilities" | cyberstrike runnmap -sV target.local | cyberstrike run "analyze these scan results"cat report.json | cyberstrike run "summarize findings"serve
Start a headless HTTP API server without a UI. Useful for integrations, CI/CD pipelines, and remote access.
cyberstrike serve [options]| Option | Description |
|---|---|
--port <number> | Server port (default: random available) |
--hostname <address> | Bind address (default: 127.0.0.1) |
Caution
Authentication: Set CYBERSTRIKE_SERVER_PASSWORD when exposing the server on a network. Without it, the server is unsecured.
# Start API server on port 4096CYBERSTRIKE_SERVER_PASSWORD=secret cyberstrike serve --port 4096VIDEO: cli-pipe-demo.mp4
Piping nmap output into cyberstrike run for analysis (~10s)
attach
Connect a TUI to an already-running CyberStrike server. This allows multiple terminals to share the same sessions.
cyberstrike attach <url># Start server in one terminalcyberstrike web --port 4096
# Attach from another terminalcyberstrike attach http://localhost:4096upgrade
Update CyberStrike to the latest version or a specific target.
# Upgrade to latest stablecyberstrike upgrade
# Upgrade to specific versioncyberstrike upgrade 1.1.6
# Upgrade to latest betacyberstrike upgrade --method npmSupported methods: curl, npm, pnpm, bun, brew, choco, scoop.
Environment Variables
| Variable | Description |
|---|---|
CYBERSTRIKE_PROVIDER | Default AI provider |
CYBERSTRIKE_MODEL | Default model |
CYBERSTRIKE_AGENT | Default security agent |
CYBERSTRIKE_SERVER_PASSWORD | Server authentication password |
CYBERSTRIKE_SERVER_USERNAME | Server username (default: cyberstrike) |
CYBERSTRIKE_DISABLE_AUTOUPDATE | Disable automatic update checks |
CYBERSTRIKE_TUI_CONFIG | Custom TUI config path |
ANTHROPIC_API_KEY | Anthropic API key |
OPENAI_API_KEY | OpenAI API key |
GOOGLE_API_KEY | Google AI API key |
OPENROUTER_API_KEY | OpenRouter API key |
Exit Codes
| Code | Meaning |
|---|---|
0 | Success |
1 | General error |
2 | Invalid arguments |
130 | Interrupted (Ctrl+C) |