Model Card: SecAnalyst-XSS-30b
This repository contains the LoRA adapter weights for a specialized finetune of Qwen3-Coder-30B-A3B-Instruct. This adapter is designed to transform the base model into a vulnerability reconnaissance assistant capable of identifying Cross-Site Scripting (XSS) vectors within raw web artifacts.
Model Description
The Hugging Face Hub recommends using separate repositories for different model variants to improve visibility and navigation. This LoRA release provides the specific specialized weights trained to analyze raw data—such as logs, code, or HTTP headers—to identify potential attack vectors.
Intended Use
The model is trained to process raw HTTP requests and responses to:
- Identify unsanitized user input reflected in HTML bodies or attributes.
- Detect File Upload XSS by analyzing MIME types and file content.
- Identify Stored XSS in JSON API responses where user-supplied fields are returned unescaped.
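To make concrete what "unsanitized user input reflected in HTML bodies" in the first bullet means, here is an added example (not code from this repository or the model) that labels each query parameter of a captured request as reflected verbatim, reflected only in HTML-escaped form (the hard-negative case), or not reflected at all. The request and response bodies are constructed samples.

```python
from html import escape
from urllib.parse import parse_qsl, urlsplit

# Constructed sample artifacts (not taken from the training data).
REQUEST = "GET /search?q=%3Cb%3Ehello%3C%2Fb%3E&page=2 HTTP/1.1\r\nHost: example.test\r\n\r\n"
RESPONSE_RAW = "<p>Results for <b>hello</b></p>"              # value echoed verbatim
RESPONSE_ESC = "<p>Results for &lt;b&gt;hello&lt;/b&gt;</p>"  # value HTML-escaped (hard negative)
RESPONSE_NONE = "<p>No results</p>"                           # value not reflected

def query_params(request):
    """Return decoded (name, value) pairs from the query string of the request line."""
    request_line = request.split("\r\n", 1)[0]
    target = request_line.split(" ")[1]
    return parse_qsl(urlsplit(target).query, keep_blank_values=True)

def classify_reflection(request, body):
    """Label each query parameter by how its value appears in the HTML body.

    'unescaped': echoed verbatim including markup characters, a candidate XSS sink
    'escaped'  : only the HTML-entity form appears, a safe reflection (hard negative)
    'absent'   : the value does not appear in the body
    'inert'    : the value has no HTML metacharacters, so the two cases are
                 indistinguishable and no conclusion is drawn
    """
    findings = {}
    for name, value in query_params(request):
        if not any(c in value for c in "<>\"'&"):
            findings[name] = "inert"
        elif value in body:
            findings[name] = "unescaped"
        elif escape(value, quote=True) in body:
            findings[name] = "escaped"
        else:
            findings[name] = "absent"
    return findings

if __name__ == "__main__":
    for label, body in (("raw", RESPONSE_RAW), ("escaped", RESPONSE_ESC), ("none", RESPONSE_NONE)):
        print(label, classify_reflection(REQUEST, body))
```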
Technical Specifications
- Base Model: Qwen3-Coder-30B-A3B-Instruct.
- Training Framework: Trained using the unsloth library for memory efficiency and speed.
- Hardware: Developed on an A100 SXM via RunPod.
- Training Data: The adapter was trained on a dataset of 30,000 examples, consisting of 10k synthetic examples reformatted from bug bounty reports and 20k examples from Common Crawl (including parameter reflection, hard negatives, and static pages).
Usage Example
To use this LoRA adapter, you must load it on top of the base Qwen3-Coder model. Below is a copy-and-run snippet using the transformers and peft libraries:
```python
from transformers import AutoModelForCausalLM, AutoTokenizer
from peft import PeftModel

base_model_path = "Qwen/Qwen3-Coder-30B-A3B-Instruct"
adapter_path = "kusonooyasumi/secanalyst-xss-30b"

tokenizer = AutoTokenizer.from_pretrained(base_model_path)
# A 30B model needs its native dtype and has to be spread across the available GPUs.
model = AutoModelForCausalLM.from_pretrained(base_model_path, torch_dtype="auto", device_map="auto")
model = PeftModel.from_pretrained(model, adapter_path)

# Example: Analyzing a suspicious GET request
artifact = "GET /search?q=test%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1..."
messages = [{"role": "user", "content": artifact}]
prompt = tokenizer.apply_chat_template(messages, tokenize=False, add_generation_prompt=True)
inputs = tokenizer(prompt, return_tensors="pt").to(model.device)
outputs = model.generate(**inputs, max_new_tokens=512)
# Decode only the newly generated tokens, not the echoed prompt.
print(tokenizer.decode(outputs[0][inputs["input_ids"].shape[1]:], skip_special_tokens=True))
# The assistant will identify the reflection and suggest testing the 'q' parameter.
```
Performance and Limitations
The model demonstrates high proficiency in identifying reflection points in complex HTML structures. However, users should be aware of the following:
- Scope: Primarily focused on XSS; other vulnerability types may not be detected with the same accuracy.
- Verification: Always test all code snippets in a clean environment to confirm they work as expected.
- Biases: Documentation of known biases and ethical considerations is provided to help users make informed choices.
Ethical Considerations
This model is intended for ethical security research and authorized bug bounty participation. Misuse of this tool for unauthorized activities is strictly discouraged.