EZTEAM/EZ-PoC-Llama-3.1-8B

EZ-PoC-Llama3.1-8B

中文

Model Introduction

EZ-PoC-Llama3.1-8B is the first YAML PoC generation model trained around the EZ ecosystem by EZTEAM, and it is also the first publicly available PoC format fine-tuned model. This model is based on the Llama3.1-8B architecture and is fine-tuned using LoRA technology with historical EZ PoC data.

The EZ-PoC series of models focus on generating formatted (YAML) data that can be recognized by the EZ scanner, providing powerful extensibility and flexible control capabilities for automated penetration testing.

Model Features

• PoC Generation Capability: Can convert natural language descriptions into YAML PoC plugins that comply with the EZ scanner standards.
• Automation Support: Provides efficient automation tool support for penetration testing, reducing the time required to manually write PoCs.
• Flexible Control: Users can flexibly control the generated content through simple prompts.

Usage

Activating PoC Generation Capability

When using the model to generate YAML PoCs, the following prompt should be used in the conversation to activate the capability (it can also be placed in the system prompt):

将以下描述转换成yaml poc插件，只返回yaml数据，不返回其他

Example

Input:

Write a poc that requests /path.txt and checks if it contains 123456

Output:

name: poc-yaml-path-txt-contains-123456
level: 1
finger: |
  finger.name.lcontains("path.txt")
rules:
  - method: GET
    path: /path.txt
    expression: |
      response.body.bcontains(b"123456")
detail:
  author: ez
  tvul_id: 123456

Code Example

To use this model, the following dependencies need to be installed:

pip install transformers torch

Below is an example of how to load and use EZ-PoC-Llama3.1-8B:

import transformers
import torch

model_id = "EZTEAM/EZ-PoC-Llama-3.1-8B"

pipeline = transformers.pipeline(
    "text-generation",
    model=model_id,
    model_kwargs={"torch_dtype": torch.bfloat16},
    device_map="auto",
)

messages = [
    {"role": "system", "content": "将以下描述转换成yaml poc插件，只返回yaml数据，不返回其他"},
    {"role": "user", "content": "Write a poc that requests /path.txt and checks if it contains 123456"},
]

outputs = pipeline(
    messages,
    max_new_tokens=256,
)
print(outputs[0]["generated_text"][-1])

Training Data

EZ-PoC-Llama3.1-8B is fine-tuned using historical EZ PoC data, which has been carefully selected and preprocessed to ensure that the generated YAML PoCs meet the standards of the EZ scanner.

Providing Quantized Versions

Address: EZTEAM/EZ-PoC-Llama-3.1-8B-GGUF

Parameters	Quantization	Size
8B	f16	16.1GB
8B	Q8_0	8.54GB
8B	Q5_K_M	5.73GB
8B	Q4_K_M	4.92GB

Performance Metrics

N/A

License

EZ-PoC-Llama3.1-8B is released under the Apache 2.0 License.

Citation

If you use EZ-PoC-Llama3.1-8B, please cite the following:

EZ-PoC-Llama3.1-8B: A LoRA fine-tuned model for generating YAML PoC plugins, developed by EZTEAM.

Contact Us

If you have any questions or suggestions, feel free to contact us through the following channels:

• GitHub: M-SEC-ORG