File size: 3,877 Bytes
659ab0a 304fb53 659ab0a ef26c79 8b08bce d4cde51 2a66265 442530b 304fb53 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 | ---
license: mit
tags:
- security
- pentesting
- autonomous-agent
- cybersecurity
- tool-use
- qwen2.5
language:
- en
base_model:
- bartowski/Qwen2.5-14B_Uncensored_Instruct-GGUF
pipeline_tag: text-generation
library_name: transformers
---
<video autoplay loop muted playsinline width="100%">
<source src="./Final_EDIT.mp4" type="video/mp4">
</video>
π Local Security Model β Autonomous Pentesting Agent
Developed by: automajicly
Built on: Qwen2.5-14b-Instruct-Uncensored-GGUF by Bartowski
OVERVIEW
Local_Security_Model is an autonomous penetration testing agent designed for professional security assessments. Built on top of Qwen 2.5, it operates through a custom MCP (Model Context Protocol) architecture that enables real-time tool orchestration, vulnerability discovery, and exploit chaining β all running locally with no cloud dependency.
This agent was developed as the core engine behind PenMaster Security, targeting small business security audits, WordPress hardening, and ecommerce vulnerability assessments.
Key Capabilities
β’ Autonomous reconnaissance β masscan + nmap port/service enumeration with zero manual input
β’ Vulnerability assessment β searchsploit integration for CVE matching against discovered services
β’ Web application testing β nikto and sqlmap for injection and misconfiguration detection
β’ Credential auditing β hydra and ncrack for multi-protocol brute force testing
β’ Payload delivery β curl/wget for staged payload retrieval and HTTP interaction
β’ Structured reporting β auto-generated HTML pentest reports with severity ratings and remediation guidance
Architecture
agent_loop.py β LLM reasoning + tool chain generation (Qwen 2.5 via LM Studio)
mcp_server.py β Flask-based tool execution server (port 8000, systemd managed)
report_generator.py β HTML report engine with PenMaster branding
logs/ β Structured JSON session logs
reports/ β Auto-generated client-facing pentest reports
Model backend:
Qwen 2.5-14B served locally via LM StudioExecution layer: Flask MCP server with systemd auto-restartInterface: Terminal-native, SSH-accessible from remote IDEs (Cursor)
Tool Stack:
TOOL PURPOSE
masscan High speed port scanning
nmap Service/version enumeration
nitko Web server vulnerability scanning
sqlmap SQL injection detection
hydra Multi-protocol credential brute forcing
ncrack Network authentication cracking
searchsploit CVE/exploit database lookup
curl/wget HTTP interaction and payload staging
Intended Use
This model and agent stack is designed for:
β’ Professional penetration testing against authorized targets
β’ Security audits for small businesses, WordPress sites, and ecommerce platforms
β’ Vulnerability research in isolated lab environments
β’ Security education and CTF preparation
β οΈ Authorized use only. This tool is intended exclusively for use against systems you own or have explicit written permission to test. Unauthorized use is illegal and unethical.
Target Environments
β’ Kali Linux (primary deployment platform)
β’ Isolated VM lab networks
β’ Small business web infrastructure (with client authorization)
Business Context
Local_Security_Model is the core engine behind PenMaster Security β an independent penetration testing project offering:
β’ Initial security audit and vulnerability report
β’ Ongoing security hardening retainer
β’ WordPress and ecommerce-focused assessments
π¬ Contact: GitHub.com/XenoCoreGiger31
|