attacklm 0.4.1__tar.gz → 0.5.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {attacklm-0.4.1 → attacklm-0.5.0}/PKG-INFO +1 -1
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/manifest.json +61 -4
- attacklm-0.5.0/data/datasets/buckets/sources/elastic-rules/LICENSE.md +84 -0
- attacklm-0.5.0/data/datasets/buckets/sources/elastic-rules/SOURCE.md +10 -0
- attacklm-0.5.0/data/datasets/buckets/sources/mordor/LICENSE.md +85 -0
- attacklm-0.5.0/data/datasets/buckets/sources/mordor/SOURCE.md +10 -0
- attacklm-0.5.0/data/datasets/buckets/sources/nist-ir/LICENSE.md +14 -0
- attacklm-0.5.0/data/datasets/buckets/sources/nist-ir/SOURCE.md +10 -0
- attacklm-0.5.0/data/datasets/buckets/sources/sigma-hq/LICENSE.md +21 -0
- attacklm-0.5.0/data/datasets/buckets/sources/sigma-hq/SOURCE.md +10 -0
- attacklm-0.5.0/data/datasets/buckets/sources/splunk-content/LICENSE.md +6 -0
- attacklm-0.5.0/data/datasets/buckets/sources/splunk-content/SOURCE.md +10 -0
- attacklm-0.5.0/data/datasets/buckets/sources/threathunter-playbook/LICENSE.md +6 -0
- attacklm-0.5.0/data/datasets/buckets/sources/threathunter-playbook/SOURCE.md +10 -0
- attacklm-0.5.0/notes/BLUE_TEAM_DESIGN_v0.5.0.md +792 -0
- attacklm-0.5.0/presets/blue-team.json +14 -0
- attacklm-0.5.0/presets/purple-team.json +14 -0
- attacklm-0.5.0/presets/red-team.json +14 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/balance_buckets.py +102 -1
- attacklm-0.5.0/scripts/extract_elastic_rules.py +323 -0
- attacklm-0.5.0/scripts/extract_mordor.py +368 -0
- attacklm-0.5.0/scripts/extract_nist_ir.py +574 -0
- attacklm-0.5.0/scripts/extract_sigma_defensive.py +284 -0
- attacklm-0.5.0/scripts/extract_splunk_content.py +285 -0
- attacklm-0.5.0/scripts/extract_threathunter_playbook.py +275 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/init_pipeline.py +56 -0
- attacklm-0.5.0/src/attacklm/__version__.py +1 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/src/attacklm/cli.py +6 -0
- attacklm-0.4.1/src/attacklm/__version__.py +0 -1
- {attacklm-0.4.1 → attacklm-0.5.0}/.github/workflows/release.yml +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/.gitignore +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/ATTRIBUTION.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/CHANGELOG.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/CONTRIBUTING.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/EVALUATION.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/LICENSE +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/MANIFEST.in +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/Makefile +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/NOTICE +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/QA_BEFORE_RELEASES.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/README.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/REPLAY_PLAN.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/ATTRIBUTION.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/LEGAL.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/REMOVAL.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/bench/questions.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/bench/speed_context.txt +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/ATTRIBUTION.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/GEMINI_RESEARCH_2026-06-11.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/acquisition_report.json +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/README.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/_index.json +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/base/collection/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/base/discovery/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/base/execution/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/base/exfiltration/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/atomic-red-team/base/persistence/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/attacklm-synthetic/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/attacklm-synthetic/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/attacklm-synthetic/orchestrator/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/azure-pyrit/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/azure-pyrit/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/cyberark-fuzzyai/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/cyberark-fuzzyai/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/llm-generated/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/llm-generated/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/llm-generated/cloud/attacks/data_llm.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/llm-generated/ics/attacks/data_llm.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/llm-generated/social_engineering/phishing/data_llm.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/llm-generated/wireless/attacks/data_llm.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/collection/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/credential_access/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/defense_evasion/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/discovery/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/execution/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/lateral_movement/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/persistence/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/base/privilege_escalation/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/metasploit-framework/tools/metasploit/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-atlas-arsenal/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-atlas-arsenal/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-atlas-arsenal/base/discovery/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/base/collection/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/base/discovery/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/base/execution/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/base/exfiltration/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/mitre-stockpile/base/persistence/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/nvidia-garak/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/nvidia-garak/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/nvidia-garak/ai/jailbreaking/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/promptfoo/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/promptfoo/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/promptfoo/ai/prompt-injection/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/promptmap/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/promptmap/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/promptmap/ai/prompt-injection/data.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/replay-general/LICENSE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/replay-general/SOURCE.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/replay-general/base/replay/data_code.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/replay-general/base/replay/data_conversation.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/replay-general/base/replay/data_factual.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/datasets/buckets/sources/replay-general/base/replay/data_reasoning.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/golden/prompts.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/reference/prompts.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/steering/prompts/opsec_aware.txt +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/steering/prompts/opsec_unaware.txt +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/steering/prompts/succinct.txt +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/data/steering/prompts/verbose.txt +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/experiments/README.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/experiments/synthetic_dataset_mutator_evol_instruct.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hf/.gitattributes +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hf/README.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hf/data/manifest.json +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hf/dataset_infos.json +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hf/scripts/build_hf_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hf/scripts/push_to_hf.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hpo_runs/.gitkeep +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hpo_runs/hpo_state.json +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/hpo_runs/hpo_trial_dataset.jsonl +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/logs/.gitkeep +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/notes/EVAL_DESIGN_v0.4.0.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/notes/STEERING_REVIEW_v0.4.0.md +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/pyproject.toml +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/requirements.txt +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/_eval_loader.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_cloud_attack_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_ics_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_phishing_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_red_team_tactics.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_replay_general.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_supply_chain_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_web_attack_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/acquire_wireless_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/add_attribution.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/audit_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/augment_attribution.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/bucket_loader.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/build.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/classify_unrouted_modules.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/clone_repos.sh +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/collect_reference.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/compare_scores.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/convert_to_gguf.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/dedupe_and_import_llm.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/demo.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/device_utils.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/domain_bench.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/eval_retention.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/extract_ai_tools_to_jsonl.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/extract_atomic_red_team_to_jsonl.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/extract_by_tactic.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/extract_caldera_plugins_to_jsonl.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/extract_infection_monkey_to_jsonl.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/extract_rta_to_jsonl.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_dataset_deterministic.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_hybrid_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_metasploit_dataset.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_orchestrator.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_prompt_injection.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_source_layout.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/generate_synthetic_scarce.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/golden_vectors.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/hpo_runner.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/import_gguf.sh +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/import_to_lmstudio.sh +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/infer.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/llm_generate_wrapper.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/merge_adapter.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/migrate_buckets_to_v021.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/migrate_v015_to_v020.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/mitre_tactic_lookup.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/parse_metasploit_to_jsonl.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/rebuild_manifest.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/register_ollama.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/reorganize_buckets.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/replay_mixer.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/run_all_acquisitions.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/score_candidates.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/scrub_bpl_callback.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/setup_buckets.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/speed_bench.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/stamp_and_reorg.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/steering.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/train_all.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/train_template.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/scripts/validate_per_category.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/src/attacklm/__init__.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_balance_buckets.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_collect_reference.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_compare_scores.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_domain_bench.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_eval_loader.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_eval_retention.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_golden_vectors.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_init_pipeline.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_replay_mixer.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_score_candidates.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_speed_bench.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_steering.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/tests/test_thinking_models.py +0 -0
- {attacklm-0.4.1 → attacklm-0.5.0}/uv.lock +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: attacklm
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.5.0
|
|
4
4
|
Summary: QLoRA-fine-tuned Qwen2.5-Coder for offensive security and AI red-teaming
|
|
5
5
|
Project-URL: Homepage, https://github.com/Veedubin/AttackLM
|
|
6
6
|
Project-URL: Repository, https://github.com/Veedubin/AttackLM
|
|
@@ -9,10 +9,10 @@
|
|
|
9
9
|
"TheBigPromptLibrary (mixed/unclear)"
|
|
10
10
|
],
|
|
11
11
|
"created": "2026-06-12T02:49:52.749367+00:00",
|
|
12
|
-
"total_buckets":
|
|
13
|
-
"total_pairs":
|
|
12
|
+
"total_buckets": 23,
|
|
13
|
+
"total_pairs": 21865,
|
|
14
14
|
"tier_totals": {
|
|
15
|
-
"human":
|
|
15
|
+
"human": 21485,
|
|
16
16
|
"llm": 0,
|
|
17
17
|
"synth": 380
|
|
18
18
|
},
|
|
@@ -21,13 +21,19 @@
|
|
|
21
21
|
"attacklm-synthetic": 380,
|
|
22
22
|
"azure-pyrit": 0,
|
|
23
23
|
"cyberark-fuzzyai": 0,
|
|
24
|
+
"elastic-rules": 1200,
|
|
24
25
|
"llm-generated": 0,
|
|
25
26
|
"metasploit-framework": 13997,
|
|
26
27
|
"mitre-atlas-arsenal": 20,
|
|
27
28
|
"mitre-stockpile": 390,
|
|
29
|
+
"mordor": 500,
|
|
30
|
+
"nist-ir": 200,
|
|
28
31
|
"nvidia-garak": 50,
|
|
29
32
|
"promptfoo": 33,
|
|
30
|
-
"promptmap": 30
|
|
33
|
+
"promptmap": 30,
|
|
34
|
+
"sigma-hq": 3000,
|
|
35
|
+
"splunk-content": 800,
|
|
36
|
+
"threathunter-playbook": 150
|
|
31
37
|
},
|
|
32
38
|
"sources": {
|
|
33
39
|
"atomic-red-team": {
|
|
@@ -626,6 +632,57 @@
|
|
|
626
632
|
},
|
|
627
633
|
"dominant_source": "attacklm-synthetic",
|
|
628
634
|
"license": "MIT"
|
|
635
|
+
},
|
|
636
|
+
{
|
|
637
|
+
"name": "defensive_detection_engineering",
|
|
638
|
+
"path": "defensive/detection_engineering",
|
|
639
|
+
"category": "defensive",
|
|
640
|
+
"count": 5000,
|
|
641
|
+
"sub_sources": {
|
|
642
|
+
"human": 5000,
|
|
643
|
+
"llm": 0,
|
|
644
|
+
"synth": 0
|
|
645
|
+
},
|
|
646
|
+
"sources": {
|
|
647
|
+
"sigma-hq": 3000,
|
|
648
|
+
"elastic-rules": 1200,
|
|
649
|
+
"splunk-content": 800
|
|
650
|
+
},
|
|
651
|
+
"dominant_source": "sigma-hq",
|
|
652
|
+
"license": "DRL-1.1"
|
|
653
|
+
},
|
|
654
|
+
{
|
|
655
|
+
"name": "defensive_threat_hunting",
|
|
656
|
+
"path": "defensive/threat_hunting",
|
|
657
|
+
"category": "defensive",
|
|
658
|
+
"count": 650,
|
|
659
|
+
"sub_sources": {
|
|
660
|
+
"human": 650,
|
|
661
|
+
"llm": 0,
|
|
662
|
+
"synth": 0
|
|
663
|
+
},
|
|
664
|
+
"sources": {
|
|
665
|
+
"mordor": 500,
|
|
666
|
+
"threathunter-playbook": 150
|
|
667
|
+
},
|
|
668
|
+
"dominant_source": "mordor",
|
|
669
|
+
"license": "Apache-2.0"
|
|
670
|
+
},
|
|
671
|
+
{
|
|
672
|
+
"name": "defensive_incident_response",
|
|
673
|
+
"path": "defensive/incident_response",
|
|
674
|
+
"category": "defensive",
|
|
675
|
+
"count": 200,
|
|
676
|
+
"sub_sources": {
|
|
677
|
+
"human": 200,
|
|
678
|
+
"llm": 0,
|
|
679
|
+
"synth": 0
|
|
680
|
+
},
|
|
681
|
+
"sources": {
|
|
682
|
+
"nist-ir": 200
|
|
683
|
+
},
|
|
684
|
+
"dominant_source": "nist-ir",
|
|
685
|
+
"license": "Public-Domain"
|
|
629
686
|
}
|
|
630
687
|
]
|
|
631
688
|
}
|
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
Elastic License 2.0
|
|
2
|
+
|
|
3
|
+
URL: https://www.elastic.co/licensing/elastic-license
|
|
4
|
+
|
|
5
|
+
## Acceptance
|
|
6
|
+
|
|
7
|
+
By using the software, you agree to all of the terms and conditions below.
|
|
8
|
+
|
|
9
|
+
## Copyright License
|
|
10
|
+
|
|
11
|
+
The licensor grants you a non-exclusive, royalty-free, worldwide,
|
|
12
|
+
non-sublicensable, non-transferable license to use, copy, distribute, make
|
|
13
|
+
available, and prepare derivative works of the software, in each case subject
|
|
14
|
+
to the limitations and conditions below.
|
|
15
|
+
|
|
16
|
+
## Limitations
|
|
17
|
+
|
|
18
|
+
You may not provide the software to third parties as a hosted or managed
|
|
19
|
+
service, where the service provides users with access to any substantial set of
|
|
20
|
+
the features or functionality of the software.
|
|
21
|
+
|
|
22
|
+
You may not move, change, disable, or circumvent the license key functionality
|
|
23
|
+
in the software, and you may not remove or obscure any functionality in the
|
|
24
|
+
software that is protected by the license key.
|
|
25
|
+
|
|
26
|
+
You may not alter, remove, or obscure any licensing, copyright, or other
|
|
27
|
+
notices of the licensor in the software. Any use of the licensor's trademarks
|
|
28
|
+
is subject to applicable law.
|
|
29
|
+
|
|
30
|
+
## Patents
|
|
31
|
+
|
|
32
|
+
The licensor grants you a license, under any patent claims the licensor can
|
|
33
|
+
license, or becomes able to license, to make, have made, use, sell, offer for
|
|
34
|
+
sale, import and have imported the software, in each case subject to the
|
|
35
|
+
limitations and conditions in this license. This license does not cover any
|
|
36
|
+
patent claims that you cause to be infringed by modifications or additions to
|
|
37
|
+
the software.
|
|
38
|
+
|
|
39
|
+
## Notices
|
|
40
|
+
|
|
41
|
+
You must ensure that anyone who gets a copy of any part of the software from
|
|
42
|
+
you also gets a copy of these terms.
|
|
43
|
+
|
|
44
|
+
## Termination
|
|
45
|
+
|
|
46
|
+
If you violate any of these terms, your rights under this license will
|
|
47
|
+
terminate automatically.
|
|
48
|
+
|
|
49
|
+
## No Other Rights
|
|
50
|
+
|
|
51
|
+
These terms do not imply any licenses other than those expressly granted in
|
|
52
|
+
these terms.
|
|
53
|
+
|
|
54
|
+
## No Liability
|
|
55
|
+
|
|
56
|
+
As far as the law allows, the software comes as is, without any warranty or
|
|
57
|
+
condition, and the licensor will not be liable to you for any damages arising
|
|
58
|
+
out of these terms or the use or nature of the software, under any kind of
|
|
59
|
+
legal claim.
|
|
60
|
+
|
|
61
|
+
## Definitions
|
|
62
|
+
|
|
63
|
+
The **licensor** is the entity offering these terms, and the **software** is
|
|
64
|
+
the software the licensor makes available under these terms, including any
|
|
65
|
+
portion of it.
|
|
66
|
+
|
|
67
|
+
**you** refers to the individual or entity agreeing to these terms.
|
|
68
|
+
|
|
69
|
+
**your company** is any legal entity, sole proprietorship, or other kind of
|
|
70
|
+
organization that you work for, plus all organizations that have control over,
|
|
71
|
+
are under the control of, or are under common control with that organization.
|
|
72
|
+
|
|
73
|
+
**control** means ownership of substantially all the assets of an entity, or
|
|
74
|
+
the power to direct its management and policies by vote, contract, or
|
|
75
|
+
otherwise. Control can be direct or indirect.
|
|
76
|
+
|
|
77
|
+
**your licenses** are all the licenses granted to you for the software under
|
|
78
|
+
these terms.
|
|
79
|
+
|
|
80
|
+
**use** means anything you do with the software requiring one of your licenses.
|
|
81
|
+
|
|
82
|
+
**trademark** means trademarks, service marks, and similar rights.
|
|
83
|
+
|
|
84
|
+
Source: https://github.com/elastic/detection-rules/blob/main/LICENSE.txt
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Source: Elastic/detection-rules
|
|
2
|
+
|
|
3
|
+
- **Repository**: https://github.com/elastic/detection-rules
|
|
4
|
+
- **License**: Elastic License 2.0
|
|
5
|
+
- **License URI**: https://github.com/elastic/detection-rules/blob/main/LICENSE.txt
|
|
6
|
+
- **Rights Contact**: Elasticsearch B.V.
|
|
7
|
+
- **Extraction Date**: 2026-06-24
|
|
8
|
+
- **Extractor Script**: scripts/extract_elastic_rules.py
|
|
9
|
+
- **Records Extracted**: ~1,200
|
|
10
|
+
- **Description**: Detection Rules is the home for rules used by Elastic Security. Contains 1,200+ production-grade detection rules in EQL and KQL, mapped to MITRE ATT&CK, with severity scoring, risk assessment, and investigation guides.
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
Apache License Version 2.0, January 2004
|
|
2
|
+
http://www.apache.org/licenses/
|
|
3
|
+
|
|
4
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
|
5
|
+
|
|
6
|
+
1. Definitions.
|
|
7
|
+
|
|
8
|
+
"License" shall mean the terms and conditions for use, reproduction, and
|
|
9
|
+
distribution as defined by Sections 1 through 9 of this document.
|
|
10
|
+
|
|
11
|
+
"Licensor" shall mean the copyright owner or entity authorized by the copyright
|
|
12
|
+
owner that is granting the License.
|
|
13
|
+
|
|
14
|
+
"Legal Entity" shall mean the union of the acting entity and all other entities
|
|
15
|
+
that control, are controlled by, or are under common control with that entity.
|
|
16
|
+
|
|
17
|
+
"You" (or "Your") shall mean an individual or Legal Entity exercising
|
|
18
|
+
permissions granted by this License.
|
|
19
|
+
|
|
20
|
+
"Source" form shall mean the preferred form for making modifications,
|
|
21
|
+
including but not limited to software source code, documentation source, and
|
|
22
|
+
configuration files.
|
|
23
|
+
|
|
24
|
+
"Object" form shall mean any form resulting from mechanical transformation or
|
|
25
|
+
translation of a Source form, including but not limited to compiled object
|
|
26
|
+
code, generated documentation, and conversions to other media types.
|
|
27
|
+
|
|
28
|
+
"Work" shall mean the work of authorship, whether in Source or Object form,
|
|
29
|
+
made available under the License, as indicated by a copyright notice that is
|
|
30
|
+
included in or attached to the work.
|
|
31
|
+
|
|
32
|
+
"Derivative Works" shall mean any work, whether in Source or Object form, that
|
|
33
|
+
is based on (or derived from) the Work and for which the editorial revisions,
|
|
34
|
+
annotations, elaborations, or other modifications represent, as a whole, an
|
|
35
|
+
original work of authorship.
|
|
36
|
+
|
|
37
|
+
2. Grant of Copyright License. Subject to the terms and conditions of this
|
|
38
|
+
License, each Contributor hereby grants to You a perpetual, worldwide,
|
|
39
|
+
non-exclusive, no-charge, royalty-free, irrevocable copyright license to
|
|
40
|
+
reproduce, prepare Derivative Works of, publicly display, publicly perform,
|
|
41
|
+
sublicense, and distribute the Work and such Derivative Works in Source or
|
|
42
|
+
Object form.
|
|
43
|
+
|
|
44
|
+
3. Grant of Patent License. Subject to the terms and conditions of this
|
|
45
|
+
License, each Contributor hereby grants to You a perpetual, worldwide,
|
|
46
|
+
non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this
|
|
47
|
+
section) patent license to make, have made, use, offer to sell, sell, import,
|
|
48
|
+
and otherwise transfer the Work.
|
|
49
|
+
|
|
50
|
+
4. Redistribution. You may reproduce and distribute copies of the Work or
|
|
51
|
+
Derivative Works thereof in any medium, with or without modifications, and in
|
|
52
|
+
Source or Object form, provided that You meet the following conditions:
|
|
53
|
+
(a) You must give any other recipients of the Work or Derivative Works a copy
|
|
54
|
+
of this License; and
|
|
55
|
+
(b) You must cause any modified files to carry prominent notices stating that
|
|
56
|
+
You changed the files; and
|
|
57
|
+
(c) You must retain, in the Source form of any Derivative Works that You
|
|
58
|
+
distribute, all copyright, patent, trademark, and attribution notices from the
|
|
59
|
+
Source form of the Work; and
|
|
60
|
+
(d) If the Work includes a "NOTICE" text file as part of its distribution,
|
|
61
|
+
then any Derivative Works that You distribute must include a readable copy of
|
|
62
|
+
the attribution notices contained within such NOTICE file.
|
|
63
|
+
|
|
64
|
+
5. Submission of Contributions. Unless You explicitly state otherwise, any
|
|
65
|
+
Contribution intentionally submitted for inclusion in the Work by You to the
|
|
66
|
+
Licensor shall be under the terms and conditions of this License.
|
|
67
|
+
|
|
68
|
+
6. Trademarks. This License does not grant permission to use the trade names,
|
|
69
|
+
trademarks, service marks, or product names of the Licensor.
|
|
70
|
+
|
|
71
|
+
7. Disclaimer of Warranty. Unless required by applicable law or agreed to in
|
|
72
|
+
writing, Licensor provides the Work (and each Contributor provides its
|
|
73
|
+
Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
74
|
+
KIND, either express or implied.
|
|
75
|
+
|
|
76
|
+
8. Limitation of Liability. In no event and under no legal theory shall any
|
|
77
|
+
Contributor be liable to You for damages.
|
|
78
|
+
|
|
79
|
+
9. Accepting Warranty or Additional Liability. While redistributing the Work
|
|
80
|
+
or Derivative Works thereof, You may choose to offer, and charge a fee for,
|
|
81
|
+
acceptance of support, warranty, indemnity, or other liability obligations.
|
|
82
|
+
|
|
83
|
+
END OF TERMS AND CONDITIONS
|
|
84
|
+
|
|
85
|
+
Source: https://github.com/OTRF/Security-Datasets/blob/master/LICENSE
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Source: OTRF/Security-Datasets (Mordor)
|
|
2
|
+
|
|
3
|
+
- **Repository**: https://github.com/OTRF/Security-Datasets
|
|
4
|
+
- **License**: Apache License 2.0
|
|
5
|
+
- **License URI**: https://github.com/OTRF/Security-Datasets/blob/master/LICENSE
|
|
6
|
+
- **Rights Contact**: Open Threat Research (OTRF)
|
|
7
|
+
- **Extraction Date**: 2026-06-24
|
|
8
|
+
- **Extractor Script**: scripts/extract_mordor.py
|
|
9
|
+
- **Records Extracted**: ~500
|
|
10
|
+
- **Description**: The Security Datasets project provides pre-recorded security events generated by simulated adversarial techniques in JSON format. Organized by platform, adversary group, and MITRE ATT&CK technique, these datasets enable detection engineering and threat hunting research.
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
Public Domain — United States Government Work
|
|
2
|
+
|
|
3
|
+
This work is a United States Government work under 17 U.S.C. § 105 and is
|
|
4
|
+
therefore not subject to copyright protection in the United States.
|
|
5
|
+
|
|
6
|
+
NIST asserts no copyright over its publications. NIST data, software, and
|
|
7
|
+
technical series publications are not subject to copyright in the United
|
|
8
|
+
States. Foreign copyrights may apply.
|
|
9
|
+
|
|
10
|
+
NIST supports the principle of open data and encourages the use of its
|
|
11
|
+
publications, data, and software. Attribution to NIST is requested but not
|
|
12
|
+
required.
|
|
13
|
+
|
|
14
|
+
Source: https://www.nist.gov/open/copyright-fair-use-and-licensing-statements-srd-data-software-and-technical-series-publications
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Source: NIST SP 800-61 Revision 3
|
|
2
|
+
|
|
3
|
+
- **Repository**: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r3.pdf
|
|
4
|
+
- **License**: Public Domain (United States Government work)
|
|
5
|
+
- **License URI**: https://www.nist.gov/open/copyright-fair-use-and-licensing-statements-srd-data-software-and-technical-series-publications
|
|
6
|
+
- **Rights Contact**: NIST
|
|
7
|
+
- **Extraction Date**: 2026-06-24
|
|
8
|
+
- **Extractor Script**: scripts/extract_nist_ir.py
|
|
9
|
+
- **Records Extracted**: ~200
|
|
10
|
+
- **Description**: NIST Special Publication 800-61 Revision 3 provides guidance on computer security incident handling. Training pairs are generated from the framework's four-phase structure (Preparation, Detection & Analysis, Containment/Eradication/Recovery, Post-Incident Activity) across multiple incident and asset types.
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
Detection Rule License (DRL) 1.1
|
|
2
|
+
|
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
|
4
|
+
this rule set and associated documentation files (the "Rules"), to deal in the
|
|
5
|
+
Rules without restriction, including without limitation the rights to use,
|
|
6
|
+
copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
|
|
7
|
+
the Rules, and to permit persons to whom the Rules are furnished to do so,
|
|
8
|
+
subject to the following conditions:
|
|
9
|
+
|
|
10
|
+
The above copyright notice and this permission notice shall be included in all
|
|
11
|
+
copies or substantial portions of the Rules.
|
|
12
|
+
|
|
13
|
+
THE RULES ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
14
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
15
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
16
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
17
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
18
|
+
OUT OF OR IN CONNECTION WITH THE RULES OR THE USE OR OTHER DEALINGS IN THE
|
|
19
|
+
RULES.
|
|
20
|
+
|
|
21
|
+
Source: https://github.com/SigmaHQ/sigma/blob/master/LICENSE
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Source: SigmaHQ/sigma
|
|
2
|
+
|
|
3
|
+
- **Repository**: https://github.com/SigmaHQ/sigma
|
|
4
|
+
- **License**: Detection Rule License (DRL) 1.1
|
|
5
|
+
- **License URI**: https://github.com/SigmaHQ/sigma/blob/master/LICENSE
|
|
6
|
+
- **Rights Contact**: SigmaHQ
|
|
7
|
+
- **Extraction Date**: 2026-06-24
|
|
8
|
+
- **Extractor Script**: scripts/extract_sigma_defensive.py
|
|
9
|
+
- **Records Extracted**: ~3,000
|
|
10
|
+
- **Description**: Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The repository contains 3,000+ detection rules mapped to MITRE ATT&CK, covering Windows, Linux, macOS, cloud, and network detection use cases.
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Source: Splunk/security_content
|
|
2
|
+
|
|
3
|
+
- **Repository**: https://github.com/splunk/security_content
|
|
4
|
+
- **License**: Apache License 2.0
|
|
5
|
+
- **License URI**: https://github.com/splunk/security_content/blob/main/LICENSE
|
|
6
|
+
- **Rights Contact**: Splunk Inc.
|
|
7
|
+
- **Extraction Date**: 2026-06-24
|
|
8
|
+
- **Extractor Script**: scripts/extract_splunk_content.py
|
|
9
|
+
- **Records Extracted**: ~800
|
|
10
|
+
- **Description**: Splunk Security Content provides Analytic Stories — security guides with background on TTPs mapped to the MITRE ATT&CK framework. Contains SPL detection queries, data source configurations, and notable event setups.
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
# Source: OTRF/ThreatHunter-Playbook
|
|
2
|
+
|
|
3
|
+
- **Repository**: https://github.com/OTRF/ThreatHunter-Playbook
|
|
4
|
+
- **License**: Apache License 2.0
|
|
5
|
+
- **License URI**: https://github.com/OTRF/ThreatHunter-Playbook/blob/master/LICENSE
|
|
6
|
+
- **Rights Contact**: Open Threat Research (OTRF)
|
|
7
|
+
- **Extraction Date**: 2026-06-24
|
|
8
|
+
- **Extractor Script**: scripts/extract_threathunter_playbook.py
|
|
9
|
+
- **Records Extracted**: ~150
|
|
10
|
+
- **Description**: A community-driven, open-source project to share detection logic, adversary tradecraft, and resources to make detection development more efficient. Contains KQL queries, data source requirements, and step-by-step hunting procedures mapped to MITRE ATT&CK.
|