Files
RavenX-Sec-8B-GGUF/README.md

155 lines
5.6 KiB
Markdown
Raw Normal View History

---
license: apache-2.0
base_model: georgehenney/Qwen3-8B-heretic
tags:
- security
- cybersecurity
- pentest
- CVSS
- OWASP
- red-team
- bug-bounty
- 128k-context
- gguf
- qwen3
- ravenx
- rath-protocol
- tool-calling
language:
- en
pipeline_tag: text-generation
---
# RavenX-Sec Qwen3-8B v4.0 — Autonomous Security Intelligence Model 128K (GGUF)
> **GGUF** · Ollama / llama.cpp / LM Studio · 128K context · 6-step RATH protocol · 610K training examples · 21 datasets
This is the GGUF version of [`RavenX-Sec-8B-Security-RATH-128k-mlx-4bit`](https://huggingface.co/deadbydawn101/RavenX-Sec-8B-Security-RATH-128k-mlx-4bit) — the model **self-evolved** from 4 to 6 RATH steps during training.
> 🍎 **Looking for the MLX version?** → [RavenX-Sec-8B-Security-RATH-128k-mlx-4bit](https://huggingface.co/deadbydawn101/RavenX-Sec-8B-Security-RATH-128k-mlx-4bit)
**Built by [@DeadByDawn101](https://github.com/DeadByDawn101) (RavenX LLC)**
## Quick Start
```bash
ollama run hf.co/deadbydawn101/RavenX-Sec-8B-GGUF:ravenx-sec-v4.0-128k-Q8_0
```
## Available Quantizations
### v4.0-128k (Latest — Recommended)
| Filename | Quant | Size |
|----------|-------|------|
| `ravenx-sec-v4.0-128k-Q4_K_M.gguf` | Q4_K_M | 4.7 GB |
| `ravenx-sec-v4.0-128k-Q5_K_M.gguf` | Q5_K_M | 5.4 GB |
| `ravenx-sec-v4.0-128k-Q8_0.gguf` | Q8_0 | 8.1 GB |
| `ravenx-sec-v4.0-128k-f16.gguf` | F16 | 15.3 GB |
### Previous Versions
v3.0-128k, v3.0, v2.0 also available in this repo.
## Related Models
| Model | Format | Link |
|-------|--------|------|
| RavenX-Sec v4.0 MLX 4-bit | MLX Safetensors | [MLX version](https://huggingface.co/deadbydawn101/RavenX-Sec-8B-Security-RATH-128k-mlx-4bit) |
| **RavenX-Sec v4.0 GGUF** | GGUF | This repo |
## What This Is
A fine-tuned Qwen3-8B specialized for the complete vulnerability lifecycle: **find → classify → fix → verify → report → prevent**. Trained on 610,220 examples from 21 security-specific datasets with 8192 sequence length (zero truncation). Extended to 128K context via YaRN rope scaling.
The model **self-evolved** from a 4-step to a **6-step RATH protocol** during training:
| Step | What It Does |
|------|-------------|
| **R — Risk / Identify** | Finding context, affected systems, exposure |
| **A — Assessment** | CVSS score + vector, CWE, scope, ground truth |
| **T — Threat** | Attacker objectives, attack vectors, likelihood |
| **H — Highlight / Remediate** | Immediate action, recommended fix, workaround, verification |
| **D — Document** | Severity, weakness classification, steps, SLA |
| **P — Prevent** | Process improvements, controls, training, monitoring |
## Example Output (v4.0 — 6-Step RATH)
```
RATH STEP 1: IDENTIFY
- Finding: OpenSSH 7.4 running on port 22 of production server
- Context: Older version with known vulnerabilities
RATH STEP 2: ASSESS
- CVSS Score: 6.3 for multiple vulnerabilities
- Impact: Remote code execution, information disclosure
- Scope: Entire server and SSH-dependent services
RATH STEP 3: THREAT
- Attacker Objective: Exploit known CVEs in OpenSSH 7.4
- Attack Vectors: Remote code execution via SSH
- Likelihood: High — well-documented and widely exploited
RATH STEP 4: REMEDIATE
- Immediate: Apply latest security patches
- Recommended: Upgrade to OpenSSH 8.x or higher
- Workaround: Apply all available security updates
- Verification: Check version post-remediation
RATH STEP 5: DOCUMENT
- Severity: Critical
- Weakness: Outdated software
- SLA: Follow org patching SLA for critical vulns
RATH STEP 6: PREVENT
- Process: Implement automated patch management
- Controls: Deploy CVE scanning, maintain system inventory
- Training: Educate team on software update importance
- Monitoring: Enable continuous vulnerability scanning
✅ RATH VERDICT: REMEDIATE IMMEDIATELY
```
## Model Details
| Parameter | Value |
|-----------|-------|
| **Architecture** | Qwen3-8B |
| **Base** | georgehenney/Qwen3-8B-heretic (abliterated) |
| **Context Window** | 128K (YaRN rope scaling, factor 4.0) |
| **Training Data** | 610,220 examples |
| **Security Content** | 53% (323K examples) |
| **Agent/Tool Content** | 37% (228K examples) |
| **Datasets** | 21 sources |
| **Max Seq Length** | 8192 (zero truncation) |
| **Tokens Trained** | 3,644,923 |
| **Method** | MLX LoRA (rank 32, 8 layers, 1e-5 LR, 2000 iters) |
| **Hardware** | Apple M4 Max 128GB |
| **Peak Memory** | 69.5 GB |
## Training Datasets (21)
**Security (11):** Trendyol/Cybersecurity-Instruction-Tuning (50K) · SkywardNomad92/pentest-findings-v2 (50K) · WNT3D/Ultimate-Offensive-Red-Team (25.6K) · auren-research/cve-sft-v5 (10K) · theelderemo/pentesting-explanations (5.9K) · Rootkit7/pentest-redteam-steering (2K) · acnimatic3722/kali-linux-pentesting-data (343) · AYI-NEDJIMI/bug-bounty-pentest-en · CJJones/Synthetic_PenTest_Reports · Whoisjutanlee/4-Security-Tools-Pentesting · cpagac/venomx-pentesting-harmful
**Agent/Tool/Coding (5):** burtenshaw/agent-tools · Nanbeige/ToolMind · togethercomputer/CoderForge-Preview · automatelab/mcp-servers-tool-catalog · Jackrong/Claude-opus-4.7-TraceInversion-5000x
**Agentic:** WithinUsAI/AgentAngel_100k (50K capped) · WithinUsAI/claude_mythos_distilled_25k (16K security)
**Extracted:** hackingBuddyGPT · PentestGPT · Shannon · Ghidra · OpenMythos + Synthetic RATH chains
## Frameworks Supported
CVSS 3.1 · NIST CSF 2.0 · OWASP Top 10 · CWE · MITRE ATT&CK · PCI DSS · HIPAA · SOX
## Source Code & Training Pipeline
**[github.com/DeadByDawn101/RavenX-Sec](https://github.com/DeadByDawn101/RavenX-Sec)**
## License
Apache-2.0
---
*"We don't give up. We do what others don't and build what isn't possible." — RavenX LLC*