What is CyberMind CLI?

CyberMind CLI is an AI-powered offensive security CLI with a VSCode extension, 20-tool recon chain, OMEGA plan mode, Abhimanyu exploit mode, and four new v4.4.0 modes: /devsec, /vibe-hack, /chain, and /red-team.

Is CyberMind CLI free?

Yes. CyberMind CLI has a free tier with 20 requests/day, AI chat, and basic scanning. Paid plans start at $4/month (Starter) for full recon, hunt, and /devsec mode.

Does CyberMind CLI work on Windows?

Yes. CyberMind CLI fully supports Windows via PowerShell. AI chat, /scan, /osint, /breach, /cve, /payload, and /devsec all work on Windows. Recon/hunt/Abhimanyu require Linux/Kali.

What AI models does CyberMind CLI use?

CyberMind CLI supports DeepSeek R1, Qwen3 Coder, GPT-5, Claude Opus 4, Llama 3.3 70B, and 11+ other providers. It auto-routes to the best model for your task and plan tier.

What is /devsec mode?

/devsec is CyberMind's Developer Security Scanner. It scans GitHub repos and local paths for secrets (trufflehog, gitleaks), SAST issues (semgrep), and vulnerable dependencies (trivy, npm audit, pip-audit). Available on Starter+ plan.

What is /vibe-hack mode?

/vibe-hack is an autonomous AI hacking session where the AI decides the next attack step, streams results live via SSE, and saves a full session transcript. Available on Pro+ plan.

What is /red-team mode?

/red-team is a structured 7-day red team campaign with mandatory scope validation, AI-guided phases (OSINT, phishing, initial access, lateral movement, persistence, report), and state persistence between sessions. Elite plan only.

How do I connect a custom domain to CyberMind on Vercel?

Deploy on Vercel, then go to Project Settings > Domains > Add Domain. In your domain registrar (Hostinger, GoDaddy), add a CNAME record pointing to cname.vercel-dns.com, or an A record pointing to 76.76.21.21. Vercel auto-provisions SSL.

Complete Guide

CyberMind CLI — Full Workflow

Everything from fresh install to overnight bug bounty hunting. Every command, every flag, every workflow — in order.

On this page

1. Install 2. Doctor (tool setup)3. Save API key 4. AI Chat 5. Recon mode 6. Hunt mode 7. OMEGA Planning 8. Abhimanyu (exploit)9. AI Coding Assistant 10. Utilities 11. Uninstall / Update

1. Install CyberMind CLI

Linux / Kali (recommended)

curl -sL https://cybermindcli1.vercel.app/install.sh | bash

One-command install. Downloads pre-built binary, installs to /usr/local/bin.

CYBERMIND_KEY=cp_live_xxx curl -sL https://cybermindcli1.vercel.app/install.sh | bash

Install and save your API key in one step.

cybermind --version

Verify install. Should show v2.5.7 or later.

Windows (PowerShell)

(iwr https://cybermindcli1.vercel.app/install.ps1 -UseBasicParsing).Content | iex

Run in PowerShell (Admin recommended).

$env:CYBERMIND_KEY="cp_live_xxx"; (iwr https://cybermindcli1.vercel.app/install.ps1 -UseBasicParsing).Content | iex

Install with API key pre-saved.

Manual binary install (if curl fails)

wget https://cybermindcli1.vercel.app/cybermind-linux-amd64 -O /tmp/cm
chmod +x /tmp/cm
sudo cp /tmp/cm /usr/local/bin/cybermind
sudo cp /tmp/cm /usr/local/bin/cbm

Download binary directly and install manually.

2. Doctor — Install All Tools

Run doctor after install. It checks every recon/hunt/exploit tool, installs missing ones automatically, and updates the CLI binary.

sudo cybermind /doctor

Full health check + auto-install all missing tools. Takes 10-20 min on first run.

Run as root (sudo) — tool installation requires system-level access.

What doctor installs

Recon (35 tools)

nmap, subfinder, amass, httpx, nuclei, rustscan, ffuf, katana, dnsx, tlsx, wafw00f, shodan, h8mail, exiftool, recon-ng, spiderfoot, metagoofil, theHarvester, feroxbuster, gobuster, nikto, whatweb, masscan, zmap, naabu, reconftw, crlfuzz, tinja, sstimap, gitxray, binwalk3, wpprobe, dig, whois, amass

Hunt (28 tools)

dalfox, gau, waybackurls, hakrawler, gospider, cariddi, trufflehog, mantra, paramspider, arjun, x8, smuggler, jwt_tool, graphw00f, xsstrike, kxss, bxss, corsy, gf, ssrfmap, tplmap, liffy, gopherus, waymore, subjs, httprobe, urlfinder, beef-xss

Exploit (38 tools)

sqlmap, commix, wpscan, nosqlmap, xxeinjector, hydra, john, hashcat, kerbrute, searchsploit, msfconsole, linpeas, pspy, bloodhound-python, certipy, bloodyAD, pywhisker, crackmapexec, netexec, evil-winrm, impacket-secretsdump, coercer, mitm6, chisel, ligolo-ng, iodine, empire, sliver, evilginx2, routersploit, sprayhound, wpscan, rubeus, ldeep, adaptixc2, fluxion, donut-shellcode, bopscrk

3. Save Your API Key

cybermind --key cp_live_YOUR_KEY_HERE

Save your Elite/Pro/Starter API key. Stored in ~/.cybermind/config.json.

cybermind whoami

Verify key — shows your plan, usage, and limits.

Plan features:

StarterAI chat, /scan, /osint, /cve, /payload

ProAll Starter + /recon, /hunt, /plan, /doctor

EliteAll Pro + Abhimanyu exploit engine, unlimited usage, priority AI

4. AI Chat

cybermind

Launch interactive AI security chat. Works on all platforms.

cybermind --local

Use local Ollama AI instead of cloud (set CYBERMIND_LOCAL=true).

Chat slash commands

/recon <target>Run full automated recon (Linux only)

/hunt <target>Run vulnerability hunt (Linux only)

/plan <target>OMEGA planning mode (Linux only)

/scan <target>AI-guided network scan (all platforms)

/osint <target>OSINT lookup (all platforms)

/cve --latestLatest critical CVEs

/cve <CVE-ID>CVE details and exploit info

/payloadGenerate reverse shell payloads

/wordlist <target>Generate custom wordlist

/doctorHealth check + auto-update

/uninstallRemove CyberMind completely

reportGenerate pentest report from chat history

clearClear chat history

5. Recon Mode

Full automated recon pipeline — passive OSINT → subdomain enum → port scan → HTTP fingerprint → vuln scan → AI analysis.

sudo cybermind /recon example.com

Full recon on a target domain.

sudo cybermind /recon example.com --tools nmap,httpx,nuclei

Run only specific tools.

sudo cybermind /recon example.com --passive

Passive recon only (no active scanning).

Flags

--tools <list>Comma-separated tool names to run. E.g. nmap,subfinder,httpx

--passivePassive mode only — no active port scanning or fingerprinting

--output <file>Save results to file

Recon pipeline (in order)

1. whois + theHarvester + shodan → passive OSINT

2. subfinder + amass + dnsx → subdomain enumeration

3. rustscan + nmap + naabu → port scanning

4. httpx + whatweb + tlsx + wafw00f → HTTP fingerprinting

5. ffuf + feroxbuster + gobuster → directory discovery

6. nuclei + nikto + katana → vulnerability scanning

7. AI analysis → attack surface summary + recommendations

6. Hunt Mode

Deep vulnerability hunting — URL collection → parameter discovery → XSS/SSRF/IDOR/SQLi hunting → AI triage.

sudo cybermind /hunt example.com

Full hunt on a target.

sudo cybermind /hunt example.com --tools dalfox,nuclei,gau

Run specific hunt tools only.

Flags

--tools <list>Specific hunt tools to run

--focus xss,idor,ssrfFocus on specific vulnerability types

Hunt pipeline (in order)

1. gau + waybackurls + waymore → URL collection from archives

2. hakrawler + gospider + cariddi → live crawling

3. paramspider + arjun + x8 → parameter discovery

4. dalfox + xsstrike + kxss + bxss → XSS hunting

5. ssrfmap + gopherus → SSRF testing

6. tplmap → SSTI detection

7. jwt_tool → JWT vulnerability testing

8. gf patterns → grep for interesting params

9. trufflehog + mantra → secret/API key leaks

10. AI triage → bug report with severity + PoC suggestions

7. OMEGA Planning Mode

The most powerful mode. Runs full recon → hunt → exploit pipeline automatically. Best for overnight bug bounty runs.

sudo cybermind /plan example.com

Full OMEGA plan on a specific target.

sudo cybermind /plan --auto-target

AI picks the best HackerOne target for you automatically.

sudo cybermind /plan --auto-target --skill intermediate --focus idor,xss,ssrf

Auto-target with skill level and bug focus.

sudo cybermind /plan example.com --focus xss,idor --skill beginner

Target with focus and skill level.

Flags

--auto-targetAI fetches best HackerOne bug bounty target based on your skill + focus. No domain needed.

--skill <level>beginner | intermediate | advanced — adjusts tool aggression and AI recommendations

--focus <types>Comma-separated: xss, idor, ssrf, sqli, rce, lfi, xxe, ssti, auth, logic — focuses the hunt

OMEGA pipeline (in order)

1. Doctor check → verify all tools installed

2. Passive recon → OSINT, subdomains, ports

3. Active recon → HTTP fingerprint, vuln scan

4. Hunt phase → URL collection, param discovery, XSS/SSRF/IDOR

5. AI analysis → attack plan with prioritized targets

6. Abhimanyu → exploit confirmed vulnerabilities

7. PoC generation → AI writes proof-of-concept for each bug

8. Report → full pentest report with CVSS scores

For overnight runs: sudo cybermind /plan --auto-target --skill intermediate --focus idor,xss,ssrf — leave it running, check results in the morning.

8. Abhimanyu — Exploit Engine

Elite-only exploit engine. Takes recon findings and runs targeted exploitation — SQLi, XSS, RCE, auth bypass, CVE chains.

sudo cybermind /abhimanyu example.com

Run full exploit pipeline on target.

sudo cybermind /abhimanyu example.com sqli

Focus on SQL injection exploitation.

sudo cybermind /abhimanyu example.com xss

Focus on XSS exploitation.

Supported vulnerability types

sqlixssrcessrflfixxesstiidorauthcsrfopen-redirectcve

Tools used by Abhimanyu

sqlmap → SQL injection detection + exploitation

commix → command injection exploitation

nosqlmap → NoSQL injection

xxeinjector → XXE exploitation

tplmap → SSTI exploitation

hydra + john + hashcat → auth brute force

kerbrute → Kerberos attacks

searchsploit + msfconsole → CVE exploitation

bloodhound-python + certipy → AD attacks

crackmapexec + netexec → lateral movement

chisel + ligolo-ng → tunneling

linpeas + pspy → post-exploitation

9. AI Coding Assistant

AI coding assistant — works in any project directory. Reads your codebase, writes code, runs commands.

cybermind

Launch AI coding assistant in current directory.

cbm

Short alias — same as cybermind.

AI Coding slash commands

/buildBuild the project

/testRun tests

/fixAuto-fix errors in current file

/explainExplain selected code

/refactorRefactor current file

/securitySecurity audit of codebase

/fullstackFull-stack feature implementation

/deployDeployment guide for current project

10. Utility Commands

Network scan

cybermind /scan 192.168.1.0/24

AI-guided network scan (all platforms).

cybermind /portscan example.com

Port scan with AI analysis.

OSINT

cybermind /osint example.com

Full OSINT lookup — whois, DNS, emails, subdomains.

CVE intelligence

cybermind /cve --latest

Latest critical CVEs (last 7 days).

cybermind /cve CVE-2024-1234

Specific CVE details + exploit info.

cybermind /cve --keyword apache

Search CVEs by keyword.

Payload generation

cybermind /payload

Interactive payload generator — reverse shells, web shells, encoders.

cybermind /wordlist example.com

Generate custom wordlist for target.

Report generation

cybermind report

Generate full pentest report from current chat/session history.

11. Update and Uninstall

Update to latest version

sudo cybermind /doctor

Auto-updates CLI binary + installs any new tools.

Uninstall completely

sudo cybermind /uninstall

Removes binary + config. Clean uninstall.

sudo rm -f /usr/local/bin/cybermind /usr/local/bin/cbm && rm -rf ~/.cybermind

Manual uninstall if CLI is broken.

Reinstall fresh

CYBERMIND_KEY=cp_live_xxx curl -sL https://cybermindcli1.vercel.app/install.sh | bash

Fresh install with API key.

Quick reference — most used commands

sudo cybermind /doctorInstall/update all tools

sudo cybermind /plan --auto-targetOvernight bug bounty (auto picks target)

sudo cybermind /recon example.comFull recon

sudo cybermind /hunt example.comVulnerability hunt

cybermind /cve --latestLatest CVEs

cybermindAI coding assistant

cybermind whoamiCheck plan + usage