Bridge large language models to real-world security tools via MCP. Write a scoped objective — HexStrike assists with tool selection, execution, troubleshooting, evidence collection, and reporting.
Why HexStrike
Traditional tools execute one command at a time. HexStrike helps coordinate approved tool execution, troubleshooting, evidence collection, and reporting.
HexStrike helps operators select tools, preserve context, troubleshoot failures, collect evidence, and turn lab results into structured reports.
Nmap, Metasploit, Burp Suite, Hydra, SQLMap, Aircrack-ng, Hashcat, Ghidra, CrackMapExec, Shodan, theHarvester — all orchestrated by natural language prompts.
Works with Gemini CLI, OpenAI Codex, Cursor (MCP), and local Ollama models. Pick the right engine for the engagement — cloud speed or air-gapped privacy.
Recon, enumeration, validation, evidence collection, remediation notes, and reporting are organized into repeatable, approval-gated lab workflows.
When tools fail, HexStrike helps diagnose the problem, compare alternatives, and document the recovery path for review.
Produces executive summaries, technical findings with CVSS scores, evidence bundles, and prioritized remediation recommendations automatically.
Documentation
From first installation to controlled lab validation — each workflow is documented with practical examples and evidence.
What HexStrike is, installation on Kali Linux, and how it compares to HackerAI and other AI security tools.
Connect HexStrike to Gemini CLI, OpenAI Codex, Cursor MCP, or local Ollama models for air-gapped labs.
Passive intelligence with Shodan integration and email-to-full-exposure-map OSINT workflows.
Network, web, wireless, SSH, SMB, Active Directory, ADCS ESC8, and combined web+cloud attack walkthroughs.
Authorized recovery labs and credential-strength audits for ZIP, PDF, Office documents, WiFi, SSH, and exposed credentials.
End-to-end lab engagements: subnet assessment, black-box Active Directory validation, and web+cloud evidence workflows.
How It Works
Write a scoped objective. HexStrike assists with tool selection, execution, and reporting.
Describe your objective in plain language — "Assess this subnet and summarize risk" or "Recover this PDF I own."
The LLM proposes tools and sequencing for operator review, then helps keep results and evidence organized.
HexStrike executes approved tool calls, parses results, and feeds findings back into the workflow for the next reviewed step.
Structured findings with evidence, CVSS scores, and remediation recommendations — ready to deliver.
Follow the complete guide — from installation to scoped evidence collection and reporting.