Instructions to use bytesbrains/hunter-crypto-7b with libraries, inference providers, notebooks, and local apps. Follow these links to get started.
- Libraries
- MLX
How to use bytesbrains/hunter-crypto-7b with MLX:
# Make sure mlx-lm is installed # pip install --upgrade mlx-lm # Generate text with mlx-lm from mlx_lm import load, generate model, tokenizer = load("bytesbrains/hunter-crypto-7b") prompt = "Write a story about Einstein" messages = [{"role": "user", "content": prompt}] prompt = tokenizer.apply_chat_template( messages, add_generation_prompt=True ) text = generate(model, tokenizer, prompt=prompt, verbose=True) - Notebooks
- Google Colab
- Kaggle
- Local Apps Settings
- LM Studio
- Pi
How to use bytesbrains/hunter-crypto-7b with Pi:
Start the MLX server
# Install MLX LM: uv tool install mlx-lm # Start a local OpenAI-compatible server: mlx_lm.server --model "bytesbrains/hunter-crypto-7b"
Configure the model in Pi
# Install Pi: npm install -g @mariozechner/pi-coding-agent # Add to ~/.pi/agent/models.json: { "providers": { "mlx-lm": { "baseUrl": "http://localhost:8080/v1", "api": "openai-completions", "apiKey": "none", "models": [ { "id": "bytesbrains/hunter-crypto-7b" } ] } } }Run Pi
# Start Pi in your project directory: pi
- Hermes Agent new
How to use bytesbrains/hunter-crypto-7b with Hermes Agent:
Start the MLX server
# Install MLX LM: uv tool install mlx-lm # Start a local OpenAI-compatible server: mlx_lm.server --model "bytesbrains/hunter-crypto-7b"
Configure Hermes
# Install Hermes: curl -fsSL https://hermes-agent.nousresearch.com/install.sh | bash hermes setup # Point Hermes at the local server: hermes config set model.provider custom hermes config set model.base_url http://127.0.0.1:8080/v1 hermes config set model.default bytesbrains/hunter-crypto-7b
Run Hermes
hermes
- OpenClaw new
How to use bytesbrains/hunter-crypto-7b with OpenClaw:
Start the MLX server
# Install MLX LM: uv tool install mlx-lm # Start a local OpenAI-compatible server: mlx_lm.server --model "bytesbrains/hunter-crypto-7b"
Configure OpenClaw
# Install OpenClaw: npm install -g openclaw@latest # Register the local server and set it as the default model: openclaw onboard --non-interactive --mode local \ --auth-choice custom-api-key \ --custom-base-url http://127.0.0.1:8080/v1 \ --custom-model-id "bytesbrains/hunter-crypto-7b" \ --custom-provider-id mlx-lm \ --custom-compatibility openai \ --custom-text-input \ --accept-risk \ --skip-health
Run OpenClaw
openclaw agent --local --agent main --message "Hello from Hugging Face"
- MLX LM
How to use bytesbrains/hunter-crypto-7b with MLX LM:
Generate or start a chat session
# Install MLX LM uv tool install mlx-lm # Interactive chat REPL mlx_lm.chat --model "bytesbrains/hunter-crypto-7b"
Run an OpenAI-compatible server
# Install MLX LM uv tool install mlx-lm # Start the server mlx_lm.server --model "bytesbrains/hunter-crypto-7b" # Calling the OpenAI-compatible server with curl curl -X POST "http://localhost:8000/v1/chat/completions" \ -H "Content-Type: application/json" \ --data '{ "model": "bytesbrains/hunter-crypto-7b", "messages": [ {"role": "user", "content": "Hello"} ] }'
hunter-crypto-7b
A local cryptography-attack specialist for authorized security work, by Naderu — a BytesBrains Pte. Ltd. venture.
hunter-crypto is a compact, specialised model for the cryptography corner of penetration
testing and CTF work: given a challenge — a cipher, a weak-parameter RSA key, an oracle — it
identifies the weakness and produces a runnable attack script (PyCryptodome / SageMath) that
recovers the plaintext or flag. It runs fully offline on Apple Silicon, so engagement data never
leaves the box. It is the first model of the Hunter family.
- Fine-tuned from:
Qwen/Qwen2.5-Coder-7B-Instruct(Apache-2.0) - Method: QLoRA (r=8, scale=20) on a 4-bit MLX quant, assistant-tokens-only, 1000 iters, MLX on Apple Silicon
- This artifact: merged bf16 weights (adapter fused into the base, de-quantized)
- Full provenance, recipe, and eval harness: github.com/nandal/naderu —
models/hunter-crypto/
Intended use
A local specialist behind an authorized pentest / CTF workflow, handling the cryptography corner offline: recovering plaintext/flags from cryptographically weak or misconfigured constructions during authorized testing, CTF competition, and security education.
Authorized use only. This model is for authorized penetration testing, defensive security, and CTF/education. It is not for attacking systems you do not have explicit permission to test. It targets weak/misconfigured crypto for assessment; it is not a tool for defeating properly-deployed modern cryptography, and does not claim to.
Out of scope: general chat, factual Q&A, non-crypto exploitation, and any use requiring guaranteed correctness. Its output is a candidate attack to be run and verified, not an authority.
The task contract
Given a challenge (description + material: ciphertext, public parameters, an oracle interface, source), the model returns (1) a short identification of the weakness, and (2) a single runnable script that, when executed against the provided material, prints the recovered plaintext/flag.
Evaluation
Graded by end-to-end execution — the model's script must run and print the known secret (no partial credit) — over a frozen held-out set verified disjoint from training. Base = the 4-bit Qwen2.5-Coder base with no adapter; trained = this model.
| Tier | Metric | Gate | Base | Trained |
|---|---|---|---|---|
| In-distribution (48, six trained categories) | solve_rate | ≥0.95 → PASS | 0.333 | 1.000 |
| In-distribution (48) | valid_script_rate | ≥0.95 → PASS | 0.333 | 1.000 |
| Independent-method (36, different generator) | solve_rate | reported | 0.250 | 0.972 |
| OOD-hard (24, untrained RSA attacks) | solve_rate | non-gating | 0.000 | 0.125 |
Trained categories (all maxed on the in-distribution tier): xor1, xorK, caesar, affine,
base_chain, rsa_low_e. The independent-method result (0.972 on a set built by a different
generator with varied encodings/labels/parameters) is the signal that the model learned the attacks,
not just the training generator's surface templates. Full breakdown:
models/hunter-crypto/benchmarks.md.
Limitations, risks & safety
- Small, narrow model. It proposes attacks for weak crypto; it is not a cryptanalysis engine and will be wrong on hard or out-of-distribution problems (see OOD tier). Always run and verify.
- No guarantee of correctness or safety of generated code — run generated scripts in a sandbox.
- Dual-use. Crypto-attack capability is inherently dual-use; scope is authorized assessment of weak/misconfigured crypto, shipped as one corner of a human-consent-gated workflow.
License
Apache-2.0, inheriting Qwen/Qwen2.5-Coder-7B-Instruct's upstream terms.
- Downloads last month
- -
Quantized