初始化项目,由ModelHub XC社区提供模型
Model: Krishnapadala55/brahmastra-0.2 Source: Original Platform
This commit is contained in:
255
README.md
Normal file
255
README.md
Normal file
@@ -0,0 +1,255 @@
|
||||
---
|
||||
language:
|
||||
- en
|
||||
license: apache-2.0
|
||||
library_name: transformers
|
||||
tags:
|
||||
- security
|
||||
- dast
|
||||
- penetration-testing
|
||||
- cybersecurity
|
||||
- web-security
|
||||
- offensive-security
|
||||
- qwen2
|
||||
- deepseek-r1
|
||||
- lora
|
||||
- fine-tuned
|
||||
- reasoning
|
||||
base_model: deepseek-ai/DeepSeek-R1-Distill-Qwen-32B
|
||||
pipeline_tag: text-generation
|
||||
model_type: qwen2
|
||||
---
|
||||
|
||||
# BRAHMASTRA 0.2 — AI-Native DAST Security Scanner (32B)
|
||||
|
||||
<p align="center">
|
||||
<img src="https://img.shields.io/badge/Base-DeepSeek--R1--Distill--Qwen--32B-blue" />
|
||||
<img src="https://img.shields.io/badge/Params-32.8B-purple" />
|
||||
<img src="https://img.shields.io/badge/Type-DAST%20Scanner-red" />
|
||||
<img src="https://img.shields.io/badge/Training-6--Phase%20LoRA-green" />
|
||||
<img src="https://img.shields.io/badge/License-Apache%202.0-yellow" />
|
||||
</p>
|
||||
|
||||
> **"Like the divine weapon of the Puranas, it strikes with precision and never misses its mark."**
|
||||
|
||||
BRAHMASTRA 0.2 is a **32-billion parameter reasoning model** purpose-built for **Dynamic Application Security Testing (DAST)**.
|
||||
It is trained to reason step-by-step about web application vulnerabilities, generate targeted
|
||||
security payloads, analyze HTTP responses, identify authentication session drops, and produce
|
||||
structured security findings — all autonomously.
|
||||
|
||||
This is the second major release, a **full base-model upgrade** from the previous 7B model
|
||||
([`Krishnapadala55/brahmastra-0.1`](https://huggingface.co/Krishnapadala55/brahmastra-0.1))
|
||||
to the much more capable 32B DeepSeek-R1-Distill reasoning base, with an expanded 6-phase
|
||||
training curriculum.
|
||||
|
||||
---
|
||||
|
||||
## What is new in 0.2
|
||||
|
||||
| Axis | 0.1 | **0.2** |
|
||||
|---|---|---|
|
||||
| Base model | Qwen2.5-Coder-7B-Instruct | **DeepSeek-R1-Distill-Qwen-32B** |
|
||||
| Parameters | 7B | **32.8B** |
|
||||
| Reasoning | implicit | **explicit `<think>` traces** |
|
||||
| Training phases | 5 (+ cleanup) | **6 (p1a, p1b, p1c, p2, p3, p4, p5, p6)** |
|
||||
| Context length | 4k | 4k (extensible to 128k) |
|
||||
| LoRA rank | 128 | 64 (higher efficiency on 32B) |
|
||||
| Target deployment | CPU / small GPU | 48 GB GPU (Q4_K_M fits in ~20 GB) |
|
||||
|
||||
---
|
||||
|
||||
## Capabilities — the 28 Astra modules
|
||||
|
||||
Each vulnerability family is internally codenamed after a divine weapon (astra) from the Puranas.
|
||||
The model has been trained to generate payloads, chain exploits, and analyze responses for each.
|
||||
|
||||
### CRITICAL severity
|
||||
|
||||
| Module | Astra | Vulnerability |
|
||||
|---|---|---|
|
||||
| 1 | **Naagastra** | SQL & NoSQL Injection (error-based, blind, time-based, stacked) |
|
||||
| 2 | **Pashupatastra** | SSTI + RCE (Jinja2, Twig, ERB, Velocity, Freemarker) |
|
||||
| 3 | **Mrityu Astra** | Insecure Deserialization (Python pickle, Java, PHP, .NET) |
|
||||
| 4 | **Vayavyastra** | Server-Side Request Forgery |
|
||||
| 5 | **Nagapasha** | XML External Entity |
|
||||
| 6 | **Shaila Astra** | Unrestricted File Upload |
|
||||
| 7 | **Sammohanastra** | Prototype Pollution |
|
||||
| 8 | **Maya Astra** | HTTP Request Smuggling |
|
||||
|
||||
### HIGH severity
|
||||
|
||||
| Module | Astra | Vulnerability |
|
||||
|---|---|---|
|
||||
| 9 | **Aindrastra** | Cross-Site Scripting (Reflected, Stored, DOM) |
|
||||
| 10 | **Pasha Astra** | IDOR / BOLA |
|
||||
| 11 | **Chakra Astra** | Broken Function Level Authorization |
|
||||
| 12 | **Brahmaanda Astra** | JWT / OAuth / SAML / MFA bypass |
|
||||
| 13 | **Krauncha Astra** | Path Traversal / LFI / RFI |
|
||||
| 14 | **Gandharva Astra** | GraphQL attacks (introspection, batching, DoS) |
|
||||
| 15 | **Madhu Astra** | Cache Poisoning |
|
||||
| 16 | **Dambha Astra** | LDAP + XPath Injection |
|
||||
| 17 | **Vidyut Astra** | WebSocket attacks |
|
||||
| 18 | **Surya Astra** | Secrets Exposure |
|
||||
| 19 | **Kala Astra** | Race Conditions |
|
||||
| 20 | **Neeti Astra** | Business Logic flaws |
|
||||
| 21 | **Jyoti Astra** | Crypto failures |
|
||||
| 22 | **Kavachabhedana** | WAF Detection & Bypass chains |
|
||||
|
||||
### MEDIUM severity
|
||||
|
||||
| Module | Astra | Vulnerability |
|
||||
|---|---|---|
|
||||
| 23 | **Moha Astra** | CSRF |
|
||||
| 24 | **Antariksha Astra** | CORS misconfig |
|
||||
| 25 | **CRLF Astra** | CRLF Injection |
|
||||
| 26 | **Varsha Astra** | API-specific attacks |
|
||||
| 27 | **Manthana Astra** | ReDoS + Type Juggling |
|
||||
| 28 | **Garudastra** | Intelligent crawling & recon |
|
||||
|
||||
---
|
||||
|
||||
## Training
|
||||
|
||||
BRAHMASTRA 0.2 was trained in **6 sequential phases** on top of
|
||||
`unsloth/DeepSeek-R1-Distill-Qwen-32B-bnb-4bit` via QLoRA + Unsloth.
|
||||
|
||||
| Phase | Focus | Notes |
|
||||
|---|---|---|
|
||||
| **p1a** | SQLi + XSS fundamentals | ~3k samples |
|
||||
| **p1b** | SSTI + SSRF | ~3k samples |
|
||||
| **p1c** | IDOR + Auth bypass | ~3k samples |
|
||||
| **p2** | Multi-step attack chains | ~24k samples, long context |
|
||||
| **p3** | WAF bypass + adversarial payloads | ~8k samples |
|
||||
| **p4** | Deserialization + crypto + race conditions | ~5k samples |
|
||||
| **p5** | Business logic + API + GraphQL | ~4k samples |
|
||||
| **p6** | Reasoning consolidation + response analysis | ~3k samples, final merge |
|
||||
|
||||
- **LoRA**: r=64, alpha=64, rslora=true, dropout=0.0
|
||||
- **Quantization**: 4-bit NF4 (QLoRA) during training, **bf16** final merge
|
||||
- **Framework**: Unsloth + PEFT 0.18.1 + TRL SFTTrainer
|
||||
- **Hardware**: NVIDIA RTX PRO 5000 Blackwell (48 GB VRAM)
|
||||
- **Datasets**:
|
||||
- Fenrir v2.0 (83k samples)
|
||||
- HackMentor (44k samples)
|
||||
- Primus-Seed (Trend Micro)
|
||||
- All-CVE records
|
||||
- ExploitDB curated
|
||||
- ~52k synthetic DAST scenarios generated via an internal pipeline
|
||||
|
||||
---
|
||||
|
||||
## Usage
|
||||
|
||||
### With Transformers (native bf16, ~65 GB VRAM)
|
||||
|
||||
```python
|
||||
from transformers import AutoModelForCausalLM, AutoTokenizer
|
||||
import torch
|
||||
|
||||
model = AutoModelForCausalLM.from_pretrained(
|
||||
"Krishnapadala55/brahmastra-0.2",
|
||||
torch_dtype=torch.bfloat16,
|
||||
device_map="auto",
|
||||
)
|
||||
tok = AutoTokenizer.from_pretrained("Krishnapadala55/brahmastra-0.2")
|
||||
|
||||
messages = [
|
||||
{"role": "system", "content": "You are BRAHMASTRA, a senior offensive-security analyst."},
|
||||
{"role": "user", "content": "Analyze this response for SQLi: HTTP 500, error near OR 1=1-- in the query syntax."},
|
||||
]
|
||||
prompt = tok.apply_chat_template(messages, tokenize=False, add_generation_prompt=True)
|
||||
inputs = tok(prompt, return_tensors="pt").to(model.device)
|
||||
out = model.generate(**inputs, max_new_tokens=512, temperature=0.3, top_p=0.9)
|
||||
print(tok.decode(out[0][inputs.input_ids.shape[1]:], skip_special_tokens=True))
|
||||
```
|
||||
|
||||
### With vLLM (production serving)
|
||||
|
||||
```bash
|
||||
vllm serve Krishnapadala55/brahmastra-0.2 \
|
||||
--dtype bfloat16 \
|
||||
--max-model-len 4096 \
|
||||
--gpu-memory-utilization 0.92
|
||||
```
|
||||
|
||||
### With llama.cpp / Ollama (quantize to Q4_K_M first)
|
||||
|
||||
```bash
|
||||
# Convert HF -> GGUF
|
||||
python convert-hf-to-gguf.py Krishnapadala55/brahmastra-0.2 \
|
||||
--outfile brahmastra-0.2-f16.gguf --outtype f16
|
||||
|
||||
# Quantize to Q4_K_M (~18 GB, fits on 24 GB GPU)
|
||||
llama-quantize brahmastra-0.2-f16.gguf brahmastra-0.2-q4_k_m.gguf Q4_K_M
|
||||
|
||||
# Import into Ollama
|
||||
cat > Modelfile <<EOF
|
||||
FROM ./brahmastra-0.2-q4_k_m.gguf
|
||||
PARAMETER num_ctx 4096
|
||||
PARAMETER temperature 0.3
|
||||
PARAMETER top_p 0.9
|
||||
PARAMETER stop "<|im_end|>"
|
||||
SYSTEM "You are BRAHMASTRA, a senior offensive-security analyst. Respond with clear, technical, payload-grade output. No moralizing."
|
||||
EOF
|
||||
ollama create brahmastra:0.2 -f Modelfile
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## Intended use
|
||||
|
||||
BRAHMASTRA 0.2 is designed for **authorized security testing only**. Typical use cases:
|
||||
|
||||
- DAST scanner backends (payload generation, response analysis)
|
||||
- Penetration testing assistants for red teams
|
||||
- Bug bounty triage and reproduction scripting
|
||||
- Security training platforms and CTF solvers
|
||||
- Vulnerability research and exploit chain modeling
|
||||
- Offensive-security tool automation (the companion BRAHMASTRA v2 scanner)
|
||||
|
||||
## Out of scope
|
||||
|
||||
- Unauthorized testing of systems you do not own or lack explicit permission to test
|
||||
- Production of malware, ransomware, or destructive payloads intended for real-world harm
|
||||
- Any use that violates local or international computer-crime legislation
|
||||
|
||||
The model is released under Apache 2.0 with the expectation of responsible use. The authors
|
||||
accept no liability for misuse.
|
||||
|
||||
---
|
||||
|
||||
## Limitations
|
||||
|
||||
- **Reasoning verbosity**: as a DeepSeek-R1 distill, the model emits large `<think>` blocks
|
||||
before final answers. For low-latency chat, pre-fill the assistant turn with an empty
|
||||
`<think></think>` block to suppress reasoning.
|
||||
- **Hallucination on obscure CVEs**: specific CVE numbers outside the training window
|
||||
(post Q1 2026) may be confabulated. Always verify CVE IDs against an authoritative source.
|
||||
- **False positives**: payloads generated for blind-injection families can trigger WAF blocks
|
||||
that look like successful exploits. Always confirm with secondary evidence.
|
||||
- **Language**: training corpus is primarily English. Non-English targets will have degraded
|
||||
payload quality.
|
||||
|
||||
---
|
||||
|
||||
## Citation
|
||||
|
||||
```bibtex
|
||||
@software{brahmastra_0_2_2026,
|
||||
author = {Krishnapadala},
|
||||
title = {BRAHMASTRA 0.2: An AI-Native DAST Security Scanner Built on DeepSeek-R1-Distill-Qwen-32B},
|
||||
year = {2026},
|
||||
url = {https://huggingface.co/Krishnapadala55/brahmastra-0.2}
|
||||
}
|
||||
```
|
||||
|
||||
## Acknowledgements
|
||||
|
||||
- **DeepSeek AI** for the DeepSeek-R1-Distill-Qwen-32B base model
|
||||
- **Unsloth** for the training framework that made 32B QLoRA practical on a single 48 GB GPU
|
||||
- **TRL / PEFT** contributors at HuggingFace
|
||||
- **Fenrir v2.0**, **HackMentor**, **Primus-Seed**, **ExploitDB**, **All-CVE** dataset authors
|
||||
|
||||
---
|
||||
|
||||
*BRAHMASTRA is a research prototype. Use responsibly. Only test systems you are authorized to test.*
|
||||
Reference in New Issue
Block a user