Skip to main content

Install cysense

cysense ships native binaries for macOS, Linux, and Windows.

All published binaries are signed:

  • Windows — Authenticode-signed by Cybrium Inc via Azure Trusted Signing. SmartScreen and Defender both accept the cert without warning.
  • macOS — Apple Developer ID notarised and stapled. Gatekeeper opens the binary cleanly on first launch.
  • Linux — Sigstore-signed (cosign keyless) with provenance attestation.

Prerequisites

cysense requires libpcap for packet capture.

# macOS — included with Xcode CLI tools
xcode-select --install

# Debian / Ubuntu
sudo apt-get install libpcap-dev

# RHEL / CentOS
sudo yum install libpcap-devel

Windows uses Npcap instead. Install Npcap (with "WinPcap API-compatible mode" disabled) before running cysense.

macOS / Linux — Homebrew

brew tap cybrium-ai/cli
brew install cysense

Windows — Scoop

scoop bucket add cybrium https://github.com/cybrium-ai/scoop-bucket
scoop install cysense

Scoop pulls the latest signed binary from GitHub Releases, verifies the SHA-256 against the manifest, and places it on your PATH. scoop update keeps you on the latest version automatically.

Windows — PowerShell one-liner

irm https://cybrium.ai/install.ps1 | iex

Installs every supported Windows cy* tool: cyweb, cysense, cywave, cyprobe. To pick a specific tool:

& ([scriptblock]::Create((irm https://cybrium.ai/install.ps1))) -Tool cysense

The installer downloads the latest signed .exe from GitHub Releases, verifies the published SHA-256, verifies the Authenticode signature is by CN=Cybrium Inc, and places the binary under %LOCALAPPDATA%\\Programs\\Cybrium\\ with the directory added to your user PATH.

Pre-built binaries

Download from GitHub Releases.

PlatformArchitectureBinary
macOSApple Silicon (arm64)cysense-darwin-arm64
macOSIntel (x86_64)cysense-darwin-amd64
Linuxx86_64cysense-linux-amd64
Linuxarm64cysense-linux-arm64
Windowsx86_64cysense-windows-amd64.exe

Linux / macOS

curl -L https://github.com/cybrium-ai/cysense/releases/latest/download/cysense-linux-amd64 -o cysense
chmod +x cysense
sudo mv cysense /usr/local/bin/

Windows (PowerShell)

$dest = "$env:LOCALAPPDATA\Programs\Cybrium"
New-Item -ItemType Directory -Force -Path $dest | Out-Null
Invoke-WebRequest `
  -Uri "https://github.com/cybrium-ai/cysense/releases/latest/download/cysense-windows-amd64.exe" `
  -OutFile "$dest\cysense.exe"
[Environment]::SetEnvironmentVariable("Path", "$([Environment]::GetEnvironmentVariable('Path','User'));$dest", "User")

Open a new terminal afterwards so the updated PATH takes effect.

Verifying the Windows signature

Get-AuthenticodeSignature .\cysense.exe

Expected: Status = Valid, SignerCertificate.Subject = CN=Cybrium Inc, ....

Windows — MSI installer

Download cysense-windows-amd64.msi from GitHub Releases and double-click to install.

The MSI is Authenticode-signed by Cybrium Inc via Azure Trusted Signing — Windows accepts it without a SmartScreen warning. Installs into C:\Program Files\cysense\ and registers in Add or Remove Programs so administrators can deploy it via Intune, Group Policy, or msiexec.

Silent install / uninstall for fleet deployment:

msiexec /i cysense-windows-amd64.msi /quiet /norestart
msiexec /x cysense-windows-amd64.msi /quiet
Winget / Chocolatey — pending moderator review

Winget manifest (PR microsoft/winget-pkgs#381380) and Chocolatey packages are submitted and awaiting moderator review. Until they land, use the MSI above, Scoop, or the signed .exe.

Build from source

Requires Rust 1.75+. Cross-compilation supported for all three platforms.

git clone https://github.com/cybrium-ai/cysense.git
cd cysense
cargo build --release
# Binary at target/release/cysense (or cysense.exe on Windows)

Cross-compile to Windows from macOS / Linux

rustup target add x86_64-pc-windows-msvc
cargo install cargo-xwin
cargo xwin build --release --target x86_64-pc-windows-msvc
# Binary at target/x86_64-pc-windows-msvc/release/cysense.exe

Verify installation

cysense version

Windows (PowerShell):

cysense.exe version
Elevated privileges required

Packet capture requires elevated privileges.

  • Linux: grant the binary CAP_NET_RAW: 
    sudo setcap cap_net_raw+ep $(which cysense)
  • macOS: run with sudo.
  • Windows: install Npcap (link above) and run the terminal as Administrator.