README.md

---
license: mit
language:
- en
tags:
- security
- exploit-generation
- code-generation
- cybersecurity
- peft
- lora
base_model: codellama/CodeLlama-7b-hf
---

# PoCSmith - AI-Powered Proof-of-Concept Generator

Fine-tuned CodeLlama-7B model for generating security exploits and shellcode for defensive security research.

## Model Description

PoCSmith is a LoRA-adapted CodeLlama-7B model trained on 1,472 CVE-exploit pairs and shellcode examples. It generates proof-of-concept exploits and multi-platform shellcode for authorized security testing.

**Author:** Regaan  
**GitHub:** [noobforanonymous/PoCSmith](https://github.com/noobforanonymous/PoCSmith)

## Training Details

- **Base Model:** CodeLlama-7B
- **Method:** QLoRA 4-bit quantization
- **Dataset:** 1,472 samples (CVE-Exploit pairs + shellcode)
- **Training Time:** 3h 17min on RTX 4050 (6GB VRAM)
- **Final Loss:** 0.84 (30% reduction)
- **Token Accuracy:** 78.4%

### Training Configuration

```python
- LoRA Rank: 64
- LoRA Alpha: 16
- Learning Rate: 2e-4
- Epochs: 3
- Quantization: 4-bit (nf4)
- Batch Size: 1 (gradient accumulation x4)
```

## Usage

### Installation

```bash
pip install torch transformers peft bitsandbytes accelerate
```

### Loading the Model

```python
from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel
import torch

# Load base model with 4-bit quantization
base_model = AutoModelForCausalLM.from_pretrained(
    "codellama/CodeLlama-7b-hf",
    load_in_4bit=True,
    device_map="auto"
)

# Load tokenizer
tokenizer = AutoTokenizer.from_pretrained("codellama/CodeLlama-7b-hf")

# Load LoRA adapters
model = PeftModel.from_pretrained(base_model, "regaan/pocsmith")

# Generate
prompt = "Generate a reverse shell for Linux x64"
inputs = tokenizer(prompt, return_tensors="pt").to("cuda")
outputs = model.generate(**inputs, max_new_tokens=512)
print(tokenizer.decode(outputs[0]))
```

### Using the Full Framework

For a complete CLI tool with CVE parsing and shellcode generation:

```bash
git clone https://github.com/noobforanonymous/PoCSmith.git
cd PoCSmith
pip install -e .

# Generate exploit from CVE
python src/cli/main.py cve CVE-2024-1234

# Generate shellcode
python src/cli/main.py shellcode --platform linux_x64 --type reverse_shell
```

## Capabilities

- **CVE-based Exploit Generation:** Generate PoCs from CVE descriptions
- **Multi-platform Shellcode:** x86, x64, ARM support
- **Multiple Payload Types:** Reverse shells, bind shells, exec
- **Clean Output:** Properly formatted code with comments

## Limitations

- Requires 6GB+ VRAM for inference
- May generate non-working code for complex vulnerabilities
- Should not be solely relied upon for production exploits
- Requires manual review and testing

## Ethical Use

This model is designed exclusively for:
- Authorized penetration testing
- Security research
- Educational purposes
- CTF competitions

**NOT for:**
- Unauthorized system access
- Malicious attacks
- Illegal activities

By using this model, you agree to:
1. Only test systems you own or have written permission to test
2. Follow responsible disclosure practices
3. Comply with all applicable laws

## Citation

```bibtex
@software{pocsmith2024,
  author = {Regaan},
  title = {PoCSmith: AI-Powered Proof-of-Concept Generator},
  year = {2025},
  url = {https://github.com/noobforanonymous/PoCSmith}
}
```

## License

MIT License - See [LICENSE](https://github.com/noobforanonymous/PoCSmith/blob/main/LICENSE) file

---

**Version:** 1.0  
**Model Size:** 343MB (LoRA adapters)  
**Base Model Size:** 13GB (CodeLlama-7B)