| --- |
| language: |
| - en |
| - es |
| license: apache-2.0 |
| base_model: unsloth/Qwen2.5-Coder-7B-Instruct-bnb-4bit |
| tags: |
| - bug-bounty |
| - security |
| - pentesting |
| - exploit-generation |
| - waf-bypass |
| - cybersecurity |
| - hacking |
| model-index: |
| - name: BugTraceAI-CORE-v1 |
| results: [] |
| --- |
| |
| # 🛡️ BugTraceAI-CORE v1.0 |
|
|
| BugTraceAI-CORE is a specialized Large Language Model (LLM) fine-tuned for high-performance, private, and local cybersecurity operations. Developed specifically for bug hunters, pentesters, and security researchers, it bridges the gap between general-purpose coding assistants and offensive security experts. |
|
|
| ## 🚀 Key Features |
|
|
| - **Offensive Security Expertise:** Fine-tuned on real-world exploit chains, WAF bypasses, and security methodologies. |
| - **Local-First Architecture:** Designed to run on consumer-grade GPUs (RTX 3060+) with a high-availability fallback for dual-Xeon CPU environments. |
| - **2025/2026 Ready:** Trained on recent vulnerability write-ups and disclosed reports to ensure relevance against modern 2025/2026 defense systems. |
| - **Zero-Downtime MLOps:** Integrated with a secondary CPU fallback using `llama.cpp` for 24/7 availability during re-training cycles. |
|
|
| ## 🧠 Training & Methodology |
|
|
| The model was built using the **Unsloth** library for optimized QLoRA training on a single RTX 3060 (12GB VRAM). |
|
|
| ### Datasets (The Hacker's Brain) |
|
|
| - **WAF Evasion & Injection:** Trained on `darkknight25/WAF_DETECTION_DATASET` for generating payloads that bypass modern Web Application Firewalls. |
| - **Security Methodology:** Trained on `AYI-NEDJIMI/bug-bounty-pentest-en` to master the logical structure of pentesting logs and methodology. |
| - **Real-World Experience:** Augmented with **HackerOne Disclosed Reports** (scraped from Hacktivity) and curated **GitHub Writeups (2025-2026)** to learn successful exploit chains. |
| - **Architectural Foundation:** Follows the implementation principles of _Sebastian Raschka's "LLMs from scratch"_. |
|
|
| ### Technical Specs |
|
|
| - **Base Model:** Qwen2.5-Coder-7B-Instruct |
| - **Fine-Tuning:** QLoRA (Rank 64, Alpha 64) |
| - **Context Window:** 4096 Tokens |
| - **Precision:** bfloat16 (Optimized for NVIDIA Ampere architecture) |
|
|
| ## 🛠️ Usage (BugTraceAI-CLI Integration) |
|
|
| BugTraceAI-CORE is designed to work as a plug-and-play replacement for external APIs. |
|
|
| ```bash |
| # Example environment configuration |
| export OPENROUTER_BASE_URL="http://your-local-core:8000/v1" |
| export OPENROUTER_API_KEY="sk-bugtrace-local-core" |
| ``` |
|
|
| ### System Architecture |
|
|
| - **Port 8000: Gateway (FastAPI)** - Intelligent router that directs traffic. |
| - **Port 8001: GPU Node (vLLM)** - High-speed primary inference. |
| - **Port 8002: CPU Node (Llama.cpp)** - Reliable fallback for the Dual Xeon. |
|
|
| ## ⚠️ Disclaimer |
|
|
| BugTraceAI-CORE is intended for **legal ethical hacking and educational purposes only**. The creators are not responsible for any misuse of this tool. Always ensure you have explicit permission before testing any system. |
|
|
| --- |
|
|
| _Created as part of the BugTraceAI Ecosystem. Building a more secure web, one report at a time._ |
|
|
