Hugging Face's logo

BugTraceAI
/
BugTraceAI-CORE-Pro

Safetensors
GGUF
English
cybersecurity
application-security
pentesting
bug-bounty
security-reporting
conversational
Model card Files
xet
 Community
BugTraceAI-CORE-Pro
File size: 3,072 Bytes
2d5e342
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
---
language:
  - en
  - es
license: apache-2.0
base_model: unsloth/Qwen2.5-Coder-7B-Instruct-bnb-4bit
tags:
  - bug-bounty
  - security
  - pentesting
  - exploit-generation
  - waf-bypass
  - cybersecurity
  - hacking
model-index:
  - name: BugTraceAI-CORE-v1
    results: []
---

# 🛡️ BugTraceAI-CORE v1.0

BugTraceAI-CORE is a specialized Large Language Model (LLM) fine-tuned for high-performance, private, and local cybersecurity operations. Developed specifically for bug hunters, pentesters, and security researchers, it bridges the gap between general-purpose coding assistants and offensive security experts.

## 🚀 Key Features

- **Offensive Security Expertise:** Fine-tuned on real-world exploit chains, WAF bypasses, and security methodologies.
- **Local-First Architecture:** Designed to run on consumer-grade GPUs (RTX 3060+) with a high-availability fallback for dual-Xeon CPU environments.
- **2025/2026 Ready:** Trained on recent vulnerability write-ups and disclosed reports to ensure relevance against modern 2025/2026 defense systems.
- **Zero-Downtime MLOps:** Integrated with a secondary CPU fallback using `llama.cpp` for 24/7 availability during re-training cycles.

## 🧠 Training & Methodology

The model was built using the **Unsloth** library for optimized QLoRA training on a single RTX 3060 (12GB VRAM).

### Datasets (The Hacker's Brain)

- **WAF Evasion & Injection:** Trained on `darkknight25/WAF_DETECTION_DATASET` for generating payloads that bypass modern Web Application Firewalls.
- **Security Methodology:** Trained on `AYI-NEDJIMI/bug-bounty-pentest-en` to master the logical structure of pentesting logs and methodology.
- **Real-World Experience:** Augmented with **HackerOne Disclosed Reports** (scraped from Hacktivity) and curated **GitHub Writeups (2025-2026)** to learn successful exploit chains.
- **Architectural Foundation:** Follows the implementation principles of _Sebastian Raschka's "LLMs from scratch"_.

### Technical Specs

- **Base Model:** Qwen2.5-Coder-7B-Instruct
- **Fine-Tuning:** QLoRA (Rank 64, Alpha 64)
- **Context Window:** 4096 Tokens
- **Precision:** bfloat16 (Optimized for NVIDIA Ampere architecture)

## 🛠️ Usage (BugTraceAI-CLI Integration)

BugTraceAI-CORE is designed to work as a plug-and-play replacement for external APIs.

```bash
# Example environment configuration
export OPENROUTER_BASE_URL="http://your-local-core:8000/v1"
export OPENROUTER_API_KEY="sk-bugtrace-local-core"
```

### System Architecture

- **Port 8000: Gateway (FastAPI)** - Intelligent router that directs traffic.
- **Port 8001: GPU Node (vLLM)** - High-speed primary inference.
- **Port 8002: CPU Node (Llama.cpp)** - Reliable fallback for the Dual Xeon.

## ⚠️ Disclaimer

BugTraceAI-CORE is intended for **legal ethical hacking and educational purposes only**. The creators are not responsible for any misuse of this tool. Always ensure you have explicit permission before testing any system.

---

_Created as part of the BugTraceAI Ecosystem. Building a more secure web, one report at a time._