oyildirim/CyberStrike-OffSec-35B

TEXT GENERATIONConcurrency Cost:3Model Size:35.1BQuant:FP8Ctx Length:32kTool Calling:SupportedPublished:Jun 25, 2026License:apache-2.0Architecture:Transformer Open Weights Cold

CyberStrike-OffSec-35B by oyildirim is a 35.1 billion parameter Mixture-of-Experts (MoE) language model, fine-tuned on Qwen3.6-35B-A3B, specifically optimized for offensive security tasks. It excels in areas like vulnerability discovery, exploit development, and red team operations, outperforming GPT-4-turbo on SecEval and GPT-4 on MITRE ATT&CK and CWE benchmarks. This model provides expert-level cybersecurity knowledge at an inference cost comparable to a 3B model, making it ideal for authorized security assessments and research.

Loading preview...

CyberStrike-OffSec-35B: The Leading Open-Source Model for Offensive Security

CyberStrike-OffSec-35B is a highly specialized 35.1 billion parameter Mixture-of-Experts (MoE) language model, built upon the Qwen3.6-35B-A3B architecture. It is meticulously fine-tuned using a two-stage pipeline (SFT + DPO) to provide expert-level knowledge across the entire offensive security lifecycle. This model stands out by offering the knowledge capacity of a 35B model with inference costs similar to a 3B model, thanks to its MoE design with approximately 3 billion active parameters per token.

Key Capabilities

  • Superior Benchmark Performance: Achieves the #1 rank on SecEval (81.39%), outperforming GPT-4-turbo by +2.32 points across 9 cybersecurity domains. It also leads on MITRE ATT&CK (93.94%) and CWE (93.05%) benchmarks, surpassing GPT-4.
  • Comprehensive Offensive Security Expertise: Covers vulnerability discovery (SQLi, XSS, SSRF), MITRE ATT&CK operations, exploit development, cloud/infrastructure security, red team operations, and compliance standards (NIST, OWASP).
  • Advanced Training: Fine-tuned with Supervised Fine-Tuning (SFT) on a curated dataset of offensive security scenarios and further aligned with Direct Preference Optimization (DPO) using 115,250 preference pairs across 12 axes, emphasizing deep technique analysis and code-first approaches.
  • Flexible Deployment: Available in BF16 full precision for Transformers and vLLM, and various GGUF quantized versions for llama.cpp and Ollama.

Good For

  • Penetration Testing: Web, network, cloud, and API security assessments.
  • Red Team Operations: Full kill chain simulation, C2 operations, and evasion techniques.
  • Vulnerability Research: CVE analysis, exploit development, and Proof-of-Concept (PoC) creation.
  • Security Education & Training: Generating materials and preparing for cybersecurity exams.
  • Threat Intelligence: Mapping to MITRE ATT&CK and analyzing threat actor TTPs.