Releases: Ed1s0nZ/CyberStrikeAI
v1.4.9
新增「删除本轮对话」:在聊天中可删除任意一轮的用户消息与助手回复(含该轮关联的过程详情),用于去掉无效或错误内容、减轻上下文干扰。删除后会同步清空该会话保存的 ReAct 上下文快照(last_react_input / last_react_output),保证下一轮模型输入仅基于剩余消息记录,与上下文压缩逻辑一致。流式对话下在用户/助手消息落库后会通过 SSE 下发消息 ID,删除入口可即时显示而无需刷新页面。
Delete this conversation turn (new): Remove a full turn—user message, assistant reply, and linked process details—to drop noise or mistakes and reduce context clutter. The session’s saved ReAct snapshot (last_react_input / last_react_output) is cleared so the next model call rebuilds history only from the remaining stored messages, staying consistent with context compression. During streaming, message IDs are pushed over SSE after persistence, so the delete control appears without a full page reload.
v1.4.8
多代理模式下,攻击链原先只认助手消息里的 mcp_execution_ids,容易因缺少 execution id 被误判为「无工具」而无法生成。现已改为同时依据 process_details 中的 tool_call/tool_result 判定;并在 ReAct 保存不完整时,用最后一轮助手的过程详情补全输入,且按主编排器视角过滤——保留主 agent 的工具调用与子任务调度(task)、子 agent 仅保留最终回复,去掉 thinking/planning 及子 agent 工具细节,使攻击链生成与「主 agent 整轮迭代」一致。
In multi-agent mode, attack-chain generation previously required MCP execution IDs on assistant messages, so runs without execution IDs were treated as having no tools and produced empty chains. The fix also treats persisted tool_call/tool_result events as evidence of tool use, and when saved ReAct input is incomplete, appends filtered process details for the last assistant turn: orchestrator tools and task dispatches are kept, sub-agents contribute only their final replies, while thinking/planning and sub-agent tool traces are dropped—aligning the prompt with one full orchestrator iteration.
v1.4.7
多代理(Eino DeepAgent)侧增强:未知工具名不再硬崩,统一返回提示文案且不自动映射工具名;上游若因 function.arguments 非合法 JSON 报错,则自动追加系统提示并重跑(限次),并通过新事件 eino_recovery 写入过程时间线与落库,前端可展示「第 n/max 轮」恢复说明;einomcp 中抽出 MCP 调用路径并保留未知工具提醒逻辑。
Multi-agent (Eino DeepAgent): unknown tool calls get a graceful text response (no name guessing); JSON-invalid tool arguments from the API trigger a bounded auto-retry with an appended system hint; new SSE/detail event eino_recovery surfaces recovery in the timeline and DB; einomcp keeps shared MCP invocation and unknown-tool messaging.
v1.4.6
本次优化将历史会话的“渗透测试详情/过程事件”从一次性全量加载改为按需渐进式加载:切换历史会话时仅加载消息列表与基础信息,只有在用户点击“展开详情”或展开某条记录时才向后端请求对应的过程详情数据并渲染,从而显著降低首屏 JSON 体积与 DOM 渲染压力,解决历史会话切换卡顿;下载报告仍保持一次性拉取全量数据,不影响页面交互性能。
This optimization changes session history loading from eager, full payload delivery to progressive, on-demand fetching: when switching to a past conversation, the UI loads only messages and metadata, and fetches/render process details only after the user explicitly expands a specific “details” section. This reduces initial JSON size and DOM/rendering cost, eliminating lag when opening history, while keeping report downloads as a one-shot full fetch (no impact on page performance).
v1.4.5
v1.4.4
多代理/单代理长 SSE 在长时间无数据时易被掐断,已在流式接口增加定时 SSE 注释保活,并优化前端断线提示与任务栏刷新。多代理时间线增加主编排「第几轮」、子代理「第几步」展示,并为事件标注主/子角色与配色区分;以上仅作用于 SSE 与界面(及可选过程详情存储),不改变发给大模型的对话上下文。
Long-running SSE streams for single- and multi-agent chat could be dropped when idle; we added periodic SSE comment keepalives on the stream endpoints and improved the client message plus task-bar refresh on disconnect. The multi-agent timeline now shows orchestrator round and sub-agent step counts, with role labels and distinct styling; these changes affect the event stream and UI (and optional process-detail persistence) only, not the model’s chat context.
v1.4.3
新增 CyberStrikeAI Burp Suite 插件,支持在 Burp 中右键将 HTTP 流量发送到 CyberStrikeAI 进行流式 Web 渗透测试。
插件提供连接验证(Host/Port/Password)、单/多 Agent 切换、测试历史侧边栏(可搜索)及 Request/Response 回看。
优化输出体验:Progress(可折叠)与 Final Response 分区、Markdown 渲染、Stop 取消任务,以及多项 UI/渲染细节修复。
Added a new CyberStrikeAI Burp Suite extension to send selected HTTP traffic from Burp to CyberStrikeAI for streaming web pentest workflows.
The extension includes connection validation (Host/Port/Password), single/multi-agent mode, searchable run history, and per-run Request/Response review.
Improved output UX with collapsible Progress + Final Response split, Markdown rendering, stop/cancel support, and multiple UI/rendering fixes.
v1.4.2
Optimized the WebShell management UX with a focus on clarity, consistency, and workflow efficiency:
Upgraded the database schema tree to support hierarchical expansion (database -> table -> columns) with smarter auto-loading and reduced redundant requests.
Improved long-name handling in schema navigation (ellipsis + hover tooltip) and removed disruptive horizontal scrolling.
Fixed schema/column rendering edge cases, including refresh-state inconsistencies and error/history display mismatches.
Added a persistent Memo feature as a dedicated tab in WebShell, with local SQLite-backed state saving and improved editor styling.
Refined UI polish across AI/DB/Memo areas (better layout behavior, status feedback, and multilingual text updates) for a smoother day-to-day operation experience.