Hugging Face's logo

automajicly
/
Local_Security_Model

Text Generation
English
other
penetration-testing
autonomous-agent
mcp
kali-linux
llm
cybersecurity
red-team
ethical-hacking
bug-bounty
python
flask
bug-bounty,
pentesting-tools,
mcp,
mcp-server,
mcp-agent-loop,
ethical-hacker,
ethical-hacking-tools,
Model card Files
xet
 Community
3

πŸ” PenMaster Security

Autonomous AI-powered penetration testing agent β€” fully local, no cloud, no API keys.

Built on Kali Linux with a local LLM (Qwen 2.5-14B via LM Studio) and a Flask-based MCP tool server. The agent runs recon, attacks, and generates professional pentest reports β€” all autonomously.

demo

What It Does

  • πŸ” Autonomous recon β€” masscan + nmap to discover open ports and services
  • βš”οΈ Autonomous attack loop β€” selects and chains tools based on what it finds
  • 🧠 Persistent negative experience cache β€” learns what fails across ALL sessions and never repeats mistakes
  • πŸ“ Auto-generates branded HTML pentest reports on session end (Ctrl+C)
  • πŸ”’ 100% local β€” Qwen 2.5-14B running in LM Studio, nothing leaves your machine

Tool Arsenal (18 Tools)

Tool Purpose
run_masscan Fast port discovery
run_nmap Deep service/version scanning
run_nikto Web vulnerability scanning
run_sqlmap SQL injection testing
run_hydra Credential brute forcing
run_ncrack Network authentication cracking
run_searchsploit CVE/exploit database lookup
run_metasploit Exploit framework integration
run_curl HTTP interaction and payload staging
run_wget File retrieval and payload staging
run_enum4linux SMB/Samba enumeration
run_smbclient SMB share access and enumeration
run_ftp FTP service interaction
run_ssh SSH service interaction
run_telnet Telnet service interaction
run_wpscan WordPress vulnerability scanning
run_dirb Web directory brute forcing
run_set Social Engineering Toolkit

Sovereign Agent Upgrades

  • βœ… Autonomous tool reasoning β€” agent selects tools based on discovered services
  • βœ… Persistent negative experience cache β€” SHA-256 fingerprinting blacklists failing tool/parameter combos across sessions
  • βœ… Social Engineering Toolkit (SET) integration
  • βœ… Auto HTML pentest report generation

Stack

  • Model: Qwen 2.5-14B Instruct (abliterated) via LM Studio
  • OS: Kali Linux
  • Server: Flask MCP server (port 8000)
  • Agent: Python autonomous loop
  • Reports: Auto-generated HTML on exit

Intended Use

Designed for:

  • Professional penetration testing against authorized targets only
  • Security audits for small businesses, WordPress sites, and ecommerce
  • Bug bounty hunting workflows
  • AI/security research and development

GitHub

XenoCoreGiger31/Local-Model

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
Text Generation
This model isn't deployed by any Inference Provider. πŸ™‹ Ask for provider support

Model tree for automajicly/Local_Security_Model

Base model

Qwen/Qwen2.5-1.5B
Finetuned
Qwen/Qwen2.5-1.5B-Instruct
Quantized
Qwen/Qwen2.5-1.5B-Instruct-GGUF
Finetuned
(2)
this model

Space using automajicly/Local_Security_Model 1