Back to Terminal

PoCSmith

AI-Powered Proof-of-Concept Generator for Security Research. Fine-tuned CodeLlama-7B achieving 78.4% token accuracy.

GitHubPyPI PackageHugging Face

01. Model Training Visualization

The model was trained on 1,472 CVE-exploit pairs using QLoRA 4-bit quantization. This optimization technique enabled training on consumer hardware (RTX 4050, 6GB VRAM) while maintaining quality.

  • Training Loss: 1.20 → 0.84 (30% reduction)
  • Token Accuracy: 78.4%
  • Training Time: 3h 17min
TRAINING ACTIVE
Model: CodeLlama-7B
Epoch: 0/3
Loss: 1.2000
Accuracy: 0.0%
Samples: 0/1,472
Method: QLoRA 4-bit
VRAM: 5.5/6GB
Hardware: RTX 4050
Training Loss Over Time (1.20 → 0.84)

CodeLlama-7B

Base model specialized for code generation, fine-tuned on exploit patterns from NVD, Exploit-DB, and Metasploit.

QLoRA Training

4-bit quantization with LoRA adapters (343MB) enabling efficient training on consumer GPUs while preserving quality.

Multi-Platform

Generates exploits and shellcode for Linux (x86/x64), Windows (x86/x64), and ARM architectures.

02. Technical Architecture

PoCSmith consists of a complete AI/ML pipeline: data collection, model training, and production deployment with a professional CLI interface.

Key Features

  • CVE Integration: Fetch vulnerability data from NVD API with automatic parsing and caching.
  • Shellcode Generation: Multi-platform payloads with reverse shells, bind shells, and exec variants.
  • Data Pipeline: Automated scrapers for NVD, Exploit-DB, Metasploit, and Shell-Storm.
  • PyPI Package: Professional CLI tool with automated publishing via GitHub Actions.

Installation & Usage

# Install from PyPI
$ pip install pocsmith

# Generate exploit from CVE
$ pocsmith cve CVE-2024-1234

# Generate shellcode
$ pocsmith shellcode --platform linux_x64 --type reverse_shell

Training Methodology

The training dataset consists of 1,472 carefully curated samples linking CVE descriptions to working exploit code. Using QLoRA, I achieved a 30% loss reduction over 3 epochs while keeping VRAM usage under 6GB, making it accessible for consumer hardware. The model is published on Hugging Face Hub as LoRA adapters (343MB) that can be loaded on top of CodeLlama-7B.

Project Stats

1,472
Training Samples
78.4%
Token Accuracy
30%
Loss Reduction
343MB
Model Size