Hugging Face's logo

jabbatheduck
/
Cyber-Quack-14B

Text Generation
Safetensors
English
qwen2
cybersecurity
red-team
exploit-dev
axolotl
conversational
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

Cyber-Quack-14B

Introduction

Cyber-Quack-14B is a specialized fine-tune of the Qwen2.5-14B architecture, optimized for Red Team operations, penetration testing assistance, and offensive security research. It was trained to provide direct, technical, and actionable exploit paths while minimizing the standard "AI Safety" refusals common in general-purpose models when discussing authorized security testing.

The model retains its native Tool-Calling capabilities, allowing it to interface with external security scanners and custom scripts via an XML-based schema.

Model Details

  • Base Model: Qwen2.5-14B
  • Training Framework: Axolotl (LoRA)
  • Training Hardware: 1x NVIDIA RTX 5090 (32GB VRAM)
  • Context Length: 131,072 tokens (Optimized for 16k-32k in local deployment)

Training & Datasets

Cyber-Quack was trained on a curated mix of offensive security data focused on:

  • Vulnerability Research: Deep analysis of CVEs, stack/heap overflows, and memory corruption logic.
  • CTF Methodology: Fine-tuned on Hack The Box (HTB) and OSCP-style attack chains (Enumeration -> Exploitation -> Privilege Escalation).
  • Security Datasets: Includes CyberSecurity-Dataset-Fenrir-v2.0, CyberSecurityEval, and PTF-ID-Bench.
  • Active Directory: Specialized focus on Kerberos attacks (Golden/Silver Tickets), lateral movement, and GPO abuse.
  • ** licanKiraz0/Cybersecurity-Dataset-Fenrir-v2.0
  • ** darkknight25/Vulnerable_Programming_Dataset
  • ** CyberNative/CyberSecurityEval
  • ** bdas-secure/ptf-id-bench

Verified Capabilities (Testing Results)

The model has been verified through a series of "Zero-Shot" Red Team prompts:

  1. The "Smiley-Shell" Test: Correctily identified the vsftpd 2.3.4 backdoor trigger (:)) and provided the specific Metasploit module path without refusal.
  2. AD Persistence: Successfully detailed the mechanics of a Golden Ticket attack, including the role of the KRBTGT account and TGT forgery.
  3. Exploit Dev: Capable of generating Python-based exploit skeletons for stack-based buffer overflows, including proper padding and EIP overwrite logic.
  4. Tool Calling: Successfully generates <tools> and <tool_call> blocks to interface with scanners like Nmap.

Recommended Deployment (llama.cpp)

To run Cyber-Quack at high performance (targeting ~50+ tokens/sec on high-end hardware), use the following configuration:

./llama-server \
  -m cyber-qwen-2.5-14b-f16.gguf \
  -ngl 70 \
  -c 12000 \
  --flash-attn on

Disclaimer

Cyber-Quack-14B is intended for authorized penetration testing and educational purposes only. The user is responsible for ensuring that all testing is performed within the scope of a legally sanctioned engagement. Every system you work on, you must be authorized to work on.

Downloads last month
-
Safetensors
Model size
15B params
Tensor type
BF16
·
Inference Providers NEW
Text Generation
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support

Model tree for jabbatheduck/Cyber-Quack-14B

Base model

Qwen/Qwen2.5-14B
Finetuned
(106)
this model