BRAHMASTRA 0.1 — AI-Native DAST Security Scanner
"Like the divine weapon of the Puranas, it strikes with precision and never misses its mark."
BRAHMASTRA is a fine-tuned 7B language model purpose-built for Dynamic Application Security Testing (DAST).
It is trained to reason about web application vulnerabilities, generate targeted security payloads,
analyze HTTP responses, and produce structured security findings — all autonomously.
🎯 Capabilities
| Module | Vulnerability Type |
|---|---|
| Naagastra | SQL Injection (Error-based, Blind, Time-based) |
| Aindrastra | Cross-Site Scripting (Reflected, Stored, DOM) |
| Pashupatastra | Server-Side Template Injection (Jinja2, Twig, ERB) |
| Vayavyastra | Server-Side Request Forgery |
| Brahmaanda Astra | Authentication Bypass |
| Pasha Astra | IDOR / Broken Object Level Auth |
| Kavachabhedana | WAF Detection & Bypass |
🏋️ Training
BRAHMASTRA was trained in 5 phases using LoRA fine-tuning on top of Qwen2.5-Coder-7B-Instruct:
| Phase | Focus | Samples |
|---|---|---|
| 1a | SQLi + XSS fundamentals | 2,000 |
| 1b | SSTI + SSRF | 2,000 |
| 1c | IDOR + Auth bypass | 2,000 |
| 2 | Multi-step attack chains | 3,000 |
| 3 | WAF bypass + adversarial | 2,000 |
| Cleanup | Hallucination removal, concrete payloads | 3,000 |
- LoRA rank: 128, alpha: 256, rslora: true
- Base model:
unsloth/qwen2.5-coder-7b-instruct-bnb-4bit - Training framework: Unsloth + PEFT + TRL SFTTrainer
- Hardware: Custom GPU server (beast)
🚀 Usage
With Transformers
from transformers import AutoModelForCausalLM, AutoTokenizer
import torch
model = AutoModelForCausalLM.from_pretrained(
"Krishnapadala55/brahmastra-0.1",
torch_dtype=torch.float16,
device_map="auto"
)
tokenizer = AutoTokenizer.from_pretrained("Krishnapadala55/brahmastra-0.1")
messages = [
{"role": "system", "content": "You are BRAHMASTRA, an elite DAST security scanner."},
{"role": "user", "content": "Test /login.php parameter 'uname' for SQL injection."}
]
text = tokenizer.apply_chat_template(messages, tokenize=False, add_generation_prompt=True)
inputs = tokenizer(text, return_tensors="pt").to(model.device)
outputs = model.generate(**inputs, max_new_tokens=512, temperature=0.1)
print(tokenizer.decode(outputs[0], skip_special_tokens=True))
Expected Output Format
<think>
Testing uname parameter for SQL injection. Will start with error-based payload.
</think>
inject_payload("/login.php", "uname", "' OR '1'='1", method="POST")
🛡️ Responsible Use
This model is intended for:
- Authorized penetration testing of systems you own or have explicit written permission to test
- Security research and education
- Building DAST tooling for legitimate security teams
This model must NOT be used for:
- Testing systems without authorization
- Malicious exploitation of vulnerabilities
- Any illegal activity
By downloading and using this model, you agree to use it only for authorized security testing.
📊 Benchmark Results
Tested against phpvulnbank (intentionally vulnerable PHP application):
| Metric | Result |
|---|---|
| Requests made | 436 |
| Scan duration | 176 seconds |
| Critical findings | 18 |
| Medium findings | 2 |
| False positives | 0 |
| Pages covered | 6 (full crawl + auth) |
🔧 BRAHMASTRA Scanner
The full BRAHMASTRA DAST engine (agent loop, crawler, report generator) is available at:
👉 github.com/krishnareddypadala/brahmastra
📄 License
Apache 2.0 — see LICENSE
Built with ❤️ by Krishna Padala — Hyderabad, India
- Downloads last month
- 3