|
--- |
|
language: |
|
- en |
|
tags: |
|
- AI |
|
- NLP |
|
- Cybersecurity |
|
- Ethical Hacking |
|
- Pentesting |
|
license: apache-2.0 |
|
pipeline_tag: text-generation |
|
metrics: |
|
- accuracy |
|
- perplexity |
|
- response_time |
|
model_type: causal-lm |
|
datasets: |
|
- Canstralian/pentesting_dataset |
|
- Canstralian/Wordlists |
|
- Canstralian/ShellCommands |
|
base_model: |
|
- openai-community/gpt2 |
|
- WhiteRabbitNeo/Llama-3-WhiteRabbitNeo-8B-v2.0 |
|
library_name: transformers |
|
|
|
--- |
|
|
|
# Canstralian/pentest_ai - Extended Version |
|
|
|
## License and Usage Restrictions |
|
|
|
**License:** Apache-2.0 |
|
|
|
### Usage Restrictions |
|
|
|
By using **Canstralian/pentest_ai**, you agree not to: |
|
|
|
- Violate applicable national or international laws or regulations. |
|
- Use the model for military purposes. |
|
- Harm minors, exploit or disseminate false or inappropriate content. |
|
- Generate or share personally identifiable information without authorization. |
|
- Engage in activities that result in discrimination or harm based on personal characteristics. |
|
|
|
## Terms of Use |
|
|
|
By accessing and using this AI model, you agree to indemnify and hold harmless the creators and developers of the model from any liability, damages, losses, or costs arising from your use. The model is provided "as-is" without warranties, and you are responsible for ensuring ethical use. |
|
|
|
## Overview |
|
|
|
**Canstralian/pentest_ai** is a cutting-edge model focused on offensive and defensive cybersecurity tasks, designed for penetration testing, reconnaissance, and task automation. Built on a 13B parameter model, it is made available to showcase its capabilities and assess the societal impact of such technologies. |
|
|
|
## Model Usage Example |
|
|
|
```python |
|
import torch |
|
from transformers import AutoModelForCausalLM, AutoTokenizer |
|
|
|
# Load model and tokenizer |
|
model_path = "Canstralian/pentest_ai" |
|
model = AutoModelForCausalLM.from_pretrained(model_path) |
|
tokenizer = AutoTokenizer.from_pretrained(model_path) |
|
|
|
# Sample input and model generation |
|
input_text = "Describe the steps involved in a penetration test." |
|
inputs = tokenizer.encode(input_text, return_tensors='pt') |
|
outputs = model.generate(inputs) |
|
output_text = tokenizer.decode(outputs[0], skip_special_tokens=True) |
|
|
|
print(output_text) |
|
``` |
|
|
|
## Example Conversations |
|
|
|
### Sample 1: SQL Injection |
|
|
|
**User**: How do I perform an SQL injection attack? |
|
|
|
- **Identify Vulnerable Input:** Use a web proxy (e.g., Burp Suite) to inspect inputs that might be vulnerable. |
|
- **Inject SQL Query:** Use payloads like `' OR 1=1 --`. |
|
- **Automate with SQLmap:** `sqlmap -u "http://example.com/vulnerable?id=1" --dbs`. |
|
|
|
### Sample 2: DNS Spoofing |
|
|
|
**User**: How do I perform DNS spoofing? |
|
|
|
- **Enable IP Forwarding:** `echo 1 > /proc/sys/net/ipv4/ip_forward` |
|
- **Use Ettercap:** `ettercap -T -M arp:remote /[Target IP]/ /[Gateway IP]/` |
|
- **Modify DNS File:** Edit the `etter.dns` file with fake domain IPs. |
|
|
|
### Sample 3: Nmap Scanning |
|
|
|
**User**: How do I scan for open ports using Nmap? |
|
|
|
- **Basic Scan:** `nmap [Target IP]` |
|
- **Service Detection:** `nmap -sV [Target IP]` |
|
- **Aggressive Scan:** `nmap -A [Target IP]` |
|
|
|
## Bias, Risks, and Limitations |
|
|
|
While **pentest_ai** generates valuable penetration testing information, it may produce biased or misleading content. Users should verify generated content and exercise caution, especially in ethical and legal contexts. |
|
|
|
## Model Architecture and Training |
|
|
|
### Architecture |
|
|
|
The model uses a transformer-based causal language model architecture, optimized for generating coherent and contextually relevant text. |
|
|
|
### Training Data |
|
|
|
Trained on a variety of cybersecurity materials, including guides, tutorials, and documentation. The dataset ensures diverse coverage of penetration testing topics. |
|
|
|
- **Canstralian/pentesting_dataset** |
|
- **Canstralian/Wordlists** |
|
- **Canstralian/ShellCommands** |
|
|
|
## Contact |
|
|
|
For questions, feedback, or inquiries, please contact [[email protected]]. |
|
|
|
## Citation |
|
|
|
For referencing this model: |
|
|
|
**BibTeX:** |
|
|
|
```bibtex |
|
@article{deJager2024, |
|
title={Pentest AI: A Generative Model for Penetration Testing Text Generation}, |
|
author={Esteban Cara de Sexo}, |
|
journal={arXiv preprint arXiv:2401.00000}, |
|
year={2024} |
|
} |
|
``` |
|
|
|
**APA:** |
|
|
|
Cara de Sexo, E. (2024). *Pentest AI: A Generative Model for Penetration Testing Text Generation*. arXiv preprint arXiv:2401.00000. |
|
|
|
## Conclusion |
|
|
|
**Canstralian/pentest_ai** is an advanced tool for penetration testing, designed to aid professionals in offensive and defensive cybersecurity tasks. As with all AI tools, it is important to use this model ethically and responsibly, ensuring it contributes positively to cybersecurity practices. |
|
|
