--- license: apache-2.0 base_model: georgehenney/Qwen3-8B-heretic tags: - security - cybersecurity - pentest - CVSS - OWASP - red-team - bug-bounty - 128k-context - MLX - Safetensors - qwen3 - 4-bit - apple-silicon - ravenx - rath-protocol - tool-calling language: - en pipeline_tag: text-generation library_name: mlx --- # RavenX-Sec Qwen3-8B v4.0 — Autonomous Security Intelligence Model 128K > **MLX 4-bit** · Apple Silicon native · 128K context · 6-step RATH protocol · 610K training examples · 21 datasets · Zero truncation Qwen3-8B with security LoRA fused directly into the weights. The model **self-evolved** from 4 to 6 RATH steps during training — adding DOCUMENT and PREVENT phases for complete vulnerability lifecycle management. > 📦 **Looking for the GGUF version?** → [RavenX-Sec-8B-GGUF](https://huggingface.co/deadbydawn101/RavenX-Sec-8B-GGUF) (Ollama / llama.cpp / LM Studio) Part of the [RavenX MLX Models](https://huggingface.co/collections/deadbydawn101/ravenx-mlx-models-apple-silicon-inference-stack-67f7270ac5b85c49a6c0f47f) collection. **Built by [@DeadByDawn101](https://github.com/DeadByDawn101) (RavenX LLC)** ## Quick Start ```python from mlx_lm import load, generate model, tokenizer = load("deadbydawn101/RavenX-Sec-8B-Security-RATH-128k-mlx-4bit") messages = [ {"role": "system", "content": "You are RavenX-Sec. Follow the RATH protocol for every finding."}, {"role": "user", "content": "You found OpenSSH 7.4 on port 22. Classify and remediate."} ] prompt = tokenizer.apply_chat_template(messages, add_generation_prompt=True, tokenize=False) response = generate(model, tokenizer, prompt=prompt, max_tokens=1024) print(response) ``` ### Chat REPL ```bash mlx_lm.chat --model "deadbydawn101/RavenX-Sec-8B-Security-RATH-128k-mlx-4bit" ``` ## Related Models | Model | Format | Link | |-------|--------|------| | **RavenX-Sec v4.0 MLX 4-bit** | MLX Safetensors | This repo | | RavenX-Sec v4.0 GGUF | GGUF (F16/Q8/Q5/Q4) | [RavenX-Sec-8B-GGUF](https://huggingface.co/deadbydawn101/RavenX-Sec-8B-GGUF) | ## What This Is A fine-tuned Qwen3-8B specialized for the complete vulnerability lifecycle: **find → classify → fix → verify → report → prevent**. Trained on 610,220 examples from 21 security-specific datasets with 8192 sequence length (zero truncation). Extended to 128K context via YaRN rope scaling. The model **self-evolved** from a 4-step to a **6-step RATH protocol** during training: | Step | What It Does | |------|-------------| | **R — Risk / Identify** | Finding context, affected systems, exposure | | **A — Assessment** | CVSS score + vector, CWE, scope, ground truth | | **T — Threat** | Attacker objectives, attack vectors, likelihood | | **H — Highlight / Remediate** | Immediate action, recommended fix, workaround, verification | | **D — Document** | Severity, weakness classification, steps, SLA | | **P — Prevent** | Process improvements, controls, training, monitoring | ## Example Output (v4.0 — 6-Step RATH) ``` RATH STEP 1: IDENTIFY - Finding: OpenSSH 7.4 running on port 22 of production server - Context: Older version with known vulnerabilities RATH STEP 2: ASSESS - CVSS Score: 6.3 for multiple vulnerabilities - Impact: Remote code execution, information disclosure - Scope: Entire server and SSH-dependent services RATH STEP 3: THREAT - Attacker Objective: Exploit known CVEs in OpenSSH 7.4 - Attack Vectors: Remote code execution via SSH - Likelihood: High — well-documented and widely exploited RATH STEP 4: REMEDIATE - Immediate: Apply latest security patches - Recommended: Upgrade to OpenSSH 8.x or higher - Workaround: Apply all available security updates - Verification: Check version post-remediation RATH STEP 5: DOCUMENT - Severity: Critical - Weakness: Outdated software - SLA: Follow org patching SLA for critical vulns RATH STEP 6: PREVENT - Process: Implement automated patch management - Controls: Deploy CVE scanning, maintain system inventory - Training: Educate team on software update importance - Monitoring: Enable continuous vulnerability scanning ✅ RATH VERDICT: REMEDIATE IMMEDIATELY ``` ## Model Details | Parameter | Value | |-----------|-------| | **Architecture** | Qwen3-8B | | **Base** | georgehenney/Qwen3-8B-heretic (abliterated) | | **Context Window** | 128K (YaRN rope scaling, factor 4.0) | | **Training Data** | 610,220 examples | | **Security Content** | 53% (323K examples) | | **Agent/Tool Content** | 37% (228K examples) | | **Datasets** | 21 sources | | **Max Seq Length** | 8192 (zero truncation) | | **Tokens Trained** | 3,644,923 | | **Method** | MLX LoRA (rank 32, 8 layers, 1e-5 LR, 2000 iters) | | **Hardware** | Apple M4 Max 128GB | | **Peak Memory** | 69.5 GB | ## Training Datasets (21) **Security (11):** Trendyol/Cybersecurity-Instruction-Tuning (50K) · SkywardNomad92/pentest-findings-v2 (50K) · WNT3D/Ultimate-Offensive-Red-Team (25.6K) · auren-research/cve-sft-v5 (10K) · theelderemo/pentesting-explanations (5.9K) · Rootkit7/pentest-redteam-steering (2K) · acnimatic3722/kali-linux-pentesting-data (343) · AYI-NEDJIMI/bug-bounty-pentest-en · CJJones/Synthetic_PenTest_Reports · Whoisjutanlee/4-Security-Tools-Pentesting · cpagac/venomx-pentesting-harmful **Agent/Tool/Coding (5):** burtenshaw/agent-tools · Nanbeige/ToolMind · togethercomputer/CoderForge-Preview · automatelab/mcp-servers-tool-catalog · Jackrong/Claude-opus-4.7-TraceInversion-5000x **Agentic:** WithinUsAI/AgentAngel_100k (50K capped) · WithinUsAI/claude_mythos_distilled_25k (16K security) **Extracted:** hackingBuddyGPT · PentestGPT · Shannon · Ghidra · OpenMythos + Synthetic RATH chains ## Frameworks Supported CVSS 3.1 · NIST CSF 2.0 · OWASP Top 10 · CWE · MITRE ATT&CK · PCI DSS · HIPAA · SOX ## Source Code & Training Pipeline **[github.com/DeadByDawn101/RavenX-Sec](https://github.com/DeadByDawn101/RavenX-Sec)** ## License Apache-2.0 --- *"We don't give up. We do what others don't and build what isn't possible." — RavenX LLC*