RealMythos/pocwriter-v1

VISION | Concurrency Cost: 1 | Model Size: 9B | Quant: FP8 | Ctx Length: 32k | Tool Calling: Supported | Published: Jun 6, 2026 | License: apache-2.0 | Architecture: Transformer | Open Weights | Cold

RealMythos/pocwriter-v1 is a 9-billion-parameter, full-parameter supervised fine-tune of Qwen3.5-9B, developed by RealMythos. This model is specialized for security research, focusing on source-code vulnerability discovery, analysis, and proof-of-concept (PoC) generation for authorized testing. It excels at identifying memory-safety issues in C/C++ code and drafting PoCs to validate findings in controlled environments. The model was trained on the RealMythos/RealMythosReasoning dataset, which is grounded in real-world CVEs.

Overview

RealMythos/pocwriter-v1 is a 9-billion-parameter model, fine-tuned from Qwen3.5-9B by RealMythos, specifically for security research. This model is an intermediate stage-1 supervised fine-tune, trained on the RealMythos/RealMythosReasoning dataset, which comprises 6,159 CVE-grounded C/C++ vulnerability-reasoning examples. The training data heavily emphasizes memory-safety issues, including common CWEs such as CWE-119, CWE-125, and CWE-787.

Key Capabilities

  • Vulnerability Mining: Identifies likely-vulnerable patterns in C/C++ source code, particularly memory-safety issues, and explains the bug class.
  • PoC Drafting: Generates proof-of-concept code to validate security findings in authorized testing environments.
  • Triage & Write-ups: Assists in prioritizing findings, drafting reproduction steps, and suggesting remediation advice.

Good For

  • Defensive Security Work: Aiding in the analysis and understanding of potential vulnerabilities.
  • Authorized Offensive Security: Supporting penetration testing, CTF challenges, and security research on owned or explicitly authorized systems.
  • C/C++ Memory-Safety Analysis: Its primary strength lies in analyzing C/C++ code for memory-safety vulnerabilities due to its specialized training data.

Limitations

As an intermediate stage-1 checkpoint, the model may produce unstable or incomplete outputs. Its performance is weaker outside its core focus of C/C++ memory-safety CVEs. Users must always manually verify the vulnerabilities it reports and the PoCs it generates, as the model may hallucinate or produce non-working code. It inherits the biases and the knowledge cutoff of its Qwen3.5-9B base.