1.5.0

1.5.0 - backdoorbear (2026-05-09)

Loot

• Added Loot page for managing captured credentials and loot items from engagements.
• Loot page is accessible from the nav and Command Palette.

Reports

• Added HTML report generation endpoint for richer, exportable engagement reports.

Plugin management

• Improved plugin management modal with enhanced plugin install/enable/disable UX.

Settings & navigation

• Added page visibility controls — show or hide individual nav pages from Settings.
• Dashboard and Settings pages are always visible and cannot be disabled.

Help page

• Added Command Palette section explaining shortcuts and tool launch workflow.
• Added UI Features section covering chat panel shortcut and page visibility.

1.4.0 - NyxStrike

1.4.0 - NyxStrike

Built-in AI Chat assistant

• Added persistent chat widget — start a conversation without leaving your workflow. Supports multi-session history, and a resizable floating UI.
• Added chat personality settings and presets — tune the assistant's tone and behavior.
• Added chat session renaming, deletion, stats tracking.
• Added tool call resolution handling and streaming identifier improvements.
• Enabled "think" mode and reasoning support in LLM backends (Ollama, OpenAI, Anthropic).
• And a few smaller features build into the chat.

LLM analysis

• Added analyze_session — passive LLM analysis pass that reads existing workflow session run logs, interprets them, and persists structured findings.
• Added llm_agent_scan_result tool — retrieve results of completed LLM agent scan sessions.
• Added NyxStrikeDB (SQLite) for persisting LLM analysis sessions and vulnerability findings.
• Added LLMClient — provider-agnostic LLM adapter supporting Ollama, OpenAI, and Anthropic backends.
• Added internal API client for tool execution and classification from the chat layer.
• Improved tool injection logic with confidence threshold and conversational pattern filtering.

Session management

• Added follow-up session functionality — chain sessions for iterative engagements.
• Added session notes management, report generation, findings, and timeline view.
• Added AI analysis section surfacing vulnerabilities and risk level in session cards.

Plugin system

• Introduced a drop-in plugin architecture — extend NyxStrike without touching core code.
• Drop a folder under plugins/tools/, add an entry to plugins.yaml, and restart; the server auto-loads the plugin.
• Each tool plugin provides a Flask Blueprint (API endpoint) and a FastMCP registration (AI-callable tool).
• Failed plugins are skipped with a warning — server always starts cleanly.
• Bundled example_net_ping plugin as a copy-paste starting point.

New tools

• Added schemathesis integration — property-based API fuzzing against OpenAPI/GraphQL schemas.
• Added interactsh wrapper — OOB interaction URL generation for blind SSRF/XSS detection.
• Added http_headers tool — fetches and displays HTTP response headers for a target URL.
• Added dig tool — DNS lookup via dig with configurable record type and nameserver.
• Added Burp Agent Loop API for autonomous pentesting integration.

Performance and internals

• Implemented thread-safe lazy singleton pattern for service objects.
• Optimized SSE endpoints with unified stream for processes and pool stats, reducing duplicate events.
• Added CPU niceness adjustment and performance dashboard recording to command execution.
• Configurable session wait time for Metasploit execution.
• Improved tool registry validation and cache key hashing.
• Added session-wide subprocess mocking safety net for tests.

Others

• Added nyxstrike.sh main entrypoint script with external tool install list.

1.3.0 - ShellShark

1.3.0 - shellshark

• Added new tools/wrappers: hurl, waymore, assetfinder, shuffledns, massdns, and gospider; also improved testssl.sh compatibility/fallback.
• Upgraded intelligence workflows with precision planning, preview mode, and tool selection reasons.
• Improved sessions and UI flows (template/workbench polish, log export, ESC-to-close modals, update modal with copyable git pull).
• Streamlined UI responsiveness and topbar UX: FAB quick actions and condensed health/refresh status via tooltip.
• Strengthened long-running execution with per-tool timeout policies, request/runtime timeout split, inactivity watchdog, and max runtime cap.
• Added streamlined installer workflow: split install.sh/run.sh.
• Manual Tool Execution: deep chaining prior-step artifact chaining with operator approval, confidence hints, and mapping pinning.
• Durable session workflow evolution: stronger end-to-end session handoff model between AI planning and manual dashboard execution.
• Theme system major upgrade: new premium themes (Unicorn + Forest), plus richer per-theme visual identity.

1.2.0 - packetpanther

Big UX + workflow release for HexStrike Community Edition:

• ⚡ Global Command Palette (Ctrl/Cmd+K) to jump pages and launch tools fast
• 🎨 Plug-and-play theme system with live preview
  (Dark Ops, Candy Pop, Solarized and more.)
• ⭐ Run workflow upgrades: favorite tools, recent targets, and compare-to-previous-run in results
• 🧠 Safer history handling: run history now persists server-side (JSON), not just browser memory
• 📊 Dashboard polish pass improved overall page structure
• 🗂️ Major frontend refactor into smaller components across pages
• 📚 Session workflow improvements: templates, manual mode, detail workbench, export, delete, and better tool management
• 📓 Wordlist management + settings/help enhancements
• 🔧 Tooling/backend updates including testssl.sh wrapper and cache clearing improvements (Thanks to @garthoid)

v1.1.2 - rootkitfox

🚀 Release: v1.1.2 - rootkitfox

A new update has landed with a strong focus on cleanup, structure, and long-term maintainability across the project. This release improves how tools are managed, and enhances API capabilities

🧩 Core Improvements

Tool System Refactor

• Centralized all tool-related constants into a dedicated module for better structure and maintainability
• Improved tool detection logic for pip, gem, and cargo tools (no more shell pipe hacks)
• Introduced a unified flat tool list for more efficient probing and cleaner logic

API & Dashboard Enhancements

• Added new endpoint: /api/tools/categories for better frontend integration
• Refactored dashboard logic using shared helpers for consistency
• Improved timestamp handling with UTC ISO formatting

Vulnerability Intelligence

• Updated wordlist selection to use the wordlist_store singleton
• More consistent and maintainable matching logic

---

This release is all about making the system cleaner, more modular, and easier to build on going forward.

1.1.1 – Zerodaywolf

🕵️ OSINT Arsenal Expanded

Added multiple OSINT tools, fully integrated as MCP tools with wrappers and registration:

• Sherlock
• SpiderFoot
• Sublist3r
• Parsero
• Joomscan

All ready for automated reconnaissance and intelligence gathering workflows.

🌐 Web Fingerprinting & Recon

• Added WhatWeb integration
• Enables fast detection of technologies, frameworks, and web stacks

Ideal for quick target profiling before exploitation.

🧠 Vulnerability Intelligence Upgrade

• Introduced Vulnx
• Integrated into tool profiles for advanced CVE analysis and vulnerability intelligence

🏢 Active Directory Enhancements

• Full MCP wrapper for ldapdomaindump
• Now available directly within the Active Directory tool profile

Improves domain enumeration and AD mapping workflows.

⚡ Additional Tooling

• Added support for Commix
• Expands capabilities for automated command injection testing

🔥 Summary

This update significantly strengthens HexStrike’s ability to:

• Perform deep OSINT investigations
• Fingerprint and profile web targets
• Analyze vulnerabilities with richer intelligence
• Enumerate and map Active Directory environments

More automation. More visibility. More power.

1.1.0 - Major Features

This release is all about visibility, control, and power.

🧠 Arsenal Expanded

• New Multi-Agent worksflows and LLM skills
• Now 185+ MCP tools
• We covered all the go-to for Wifi-pentest!
• Broader coverage, deeper automation

🌐 NEW MAJOR FEATURE: Web Dashboard

HexStrike now ships with a built-in Web Dashboard out of the box.

No setup. No config. Just start the server and browse:
👉 http://localhost:8888

💻 Dashboard features including + more

📊 Overview

• Tool Availability - Click any tool to view details even how to install
• Reports over early tool runs, export result and even re-run them!
• Live Graphs and real-time KPI cards.
• Server Logs - Near real-time

🔎 Tool Run & Registry

• Search + filter across all tools
• Even run them!

🧩 Built-in Help

• Ready-made configs for:
  • Multiple IDEs
• Custom install path support → copy/paste ready

⚡ Under the Hood

• Major optimizations
• Heavy refactoring
• Improved performance & stability

💥 This is just the beginning

The dashboard unlocks a whole new level of control over your tooling and workflows.

🔧 Upgrade Now

Open a terminal in the folder and git pull to get latest + restart — done.

1.0.12

Updates:

• Updated README.md to reflect increased tooling (from 170+ to 180+ tools), Python version support (now 3.13+), new skills, and new modes (Compact Mode and Profile Mode), and clarified setup instructions. Also, noted that all tools now run asynchronously.
• 12 new tools
• 9 new LLM skills

1.0.11

Security and Authentication Improvements: (Thanks to @jrespeto )

• Added optional bearer token authentication to the server via the HEXSTRIKE_API_TOKEN environment variable; all endpoints now support Bearer auth if configured.
• Enhanced documentation to explain how to configure API tokens and network binding for secure deployments.
• The MCP client now supports passing a bearer token (--auth-token) and disabling SSL verification (--disable-ssl-verify) for connections to the server, improving compatibility with secure and proxied environments.*

Automated Tool Installation:

• Introduced a corresponding MCP tool, auto_install_missing_apt_tools, that triggers the server-side auto-installation process via the API.

Documentation and Usability:

• Updated the README.md to clarify installation, security, and usage instructions, including server flags, client configuration, and improved examples.

Dependency Updates:

• Added several new optional tools to requirements-tools.txt for enhanced OSINT and CTF capabilities.

Additionally, minor code cleanups were made throughout the codebase.

1.0.10

Tooling Expansion:

• Autopsy (binary analysis)
• Aircrack-ng (password cracking)
• TheHarvester (reconnaissance)
• exploit-db (exploit framework)

Codebase Refactoring and Modularity:

• Simplified tool imports in mcp_core/tool_profiles.py by replacing numerous individual imports with a single wildcard import from mcp_tools, supported by new __init__.py files in each submodule for easier tool registration and modularity.

Documentation and Configuration Updates:

• Minor logging format simplification in hexstrike_server.py.

These changes collectively improve the extensibility and maintainability of the project, while expanding its capabilities for security automation and AI-driven workflows.