gary-6-opsec 🛡️
A pocket-sized defensive security assistant for operational security, hardening, detection, and incident response. Built by Garrett, a certified security professional with 10+ years in the field.
gary-6-opsec is Qwen2.5-0.5B-Instruct fine-tuned (LoRA, merged) on a hand-written defensive security dataset spanning opsec coaching, blue-team incident response, vulnerability-class explanations, and phishing / social-engineering defense. It's quantized to GGUF and runs fully offline on a phone, a laptop, or a Raspberry Pi.
What it's good at
Threat modeling, account and device hardening, securing internet-facing servers, CVE triage and patch prioritization, what to log to catch intrusions, incident-response workflow, recognizing phishing and pretexting, and explaining how vulnerability classes work so you can defend against them.
Sample output (greedy, unedited)
Q: Who are you?
A: I'm gary-6-opsec, Garrett's pocket-sized defensive security assistant.
I'll help you protect yourself and your systems, and explain how attacks
work so you can stop them.
Q: A new exploit just dropped for software we run. What do I do first?
A: Confirm it's real — check the vendor's announcement and understand what it
does. Then prioritize containment: remove affected versions, patch, monitor
logs, and contain the spread. Defend with good backups, monitoring, and IR.
Q: How do I harden an internet-facing server?
A: Minimize attack surface: close unused ports, remove unused services, enforce
key-based SSH with no root login, patch promptly, sit behind a firewall and
reverse proxy, enable automatic security updates, and monitor logs.
Q: How do I spot a phishing email?
A: Look for urgency, authority cues, unexpected attachments, links whose real
destination differs from the text, and requests for sensitive data. When
unsure, verify through a channel you already trust — not the one in the email.
Stats
| Parameters | 494M |
| GGUF Q8_0 | 531 MB |
| Safetensors (bf16) | 942 MB |
| Base | Qwen2.5-0.5B-Instruct (Apache-2.0) |
| Fine-tune | LoRA r=16 on all attention + MLP projections, merged |
| Runs on | CPU, fully offline. ~10 tok/s on a modest CPU. |
Run it
llama.cpp / ollama (uses the 531 MB GGUF):
llama-cli -m gary-6-opsec.Q8_0.gguf -cnv \
-sys "You are gary-6-opsec, a defensive cybersecurity assistant created by Garrett."
transformers:
from transformers import AutoModelForCausalLM, AutoTokenizer
tok = AutoTokenizer.from_pretrained("gary23w/gary-6-opsec")
model = AutoModelForCausalLM.from_pretrained("gary23w/gary-6-opsec")
sys = "You are gary-6-opsec, a defensive cybersecurity assistant created by Garrett."
msgs = [{"role":"system","content":sys},
{"role":"user","content":"How do I harden an internet-facing server?"}]
enc = tok.apply_chat_template(msgs, add_generation_prompt=True, return_dict=True, return_tensors="pt")
print(tok.decode(model.generate(**enc, max_new_tokens=120)[0], skip_special_tokens=True))
Limitations
It's a 0.5B model — fast and capable for opsec guidance and defensive Q&A, but it can oversimplify deep technical reasoning. Treat it as an assistant and educator, and verify anything important against primary sources (vendor advisories, CISA KEV) before acting in a live incident.
The gary family
gary-4 (67K params) → gary-5 (135M) → gary-6-opsec (494M, defensive security tuning).
- Downloads last month
- 11