Update README.md

Update model card to reflect 18 tools, sovereign agent upgrades, and full stack documentation

README.md

@@ -1,102 +1,106 @@
 ---
 license: mit
-tags:
-  - security
-  - pentesting
-  - autonomous-agent
-  - cybersecurity
-  - tool-use
-  - qwen2.5
 language:
-  - en
-base_model:
-  - bartowski/Qwen2.5-14B_Uncensored_Instruct-GGUF
+- en
+tags:
+- penetration-testing
+- autonomous-agent
+- mcp
+- kali-linux
+- llm
+- cybersecurity
+- red-team
+- ethical-hacking
+- bug-bounty
+- python
+- flask
+- bug-bounty,
+- pentesting-tools,
+- mcp,
+- mcp-server,
+- mcp-agent-loop,
+- ethical-hacker,
+- ethical-hacking-tools,
+library_name: other
 pipeline_tag: text-generation
-library_name: transformers
+base_model:
+- Qwen/Qwen2.5-1.5B-Instruct-GGUF
 ---
 
-![PenMaster Banner](banner_animated.gif)
-
-![demo](./Final_EDIT.gif)
-
-<video autoplay loop muted playsinline width="100%">
-  <source src="./Final_EDIT.mp4" type="video/mp4">
-</video>
-
-
-🔐 Local Security Model — Autonomous Pentesting Agent
+# 🔐 PenMaster Security
 
-Developed by: automajicly
-Built on: Qwen2.5-14b-Instruct-Uncensored-GGUF by Bartowski
+**Autonomous AI-powered penetration testing agent — fully local, no cloud, no API keys.**
 
- OVERVIEW
+Built on Kali Linux with a local LLM (Qwen 2.5-14B via LM Studio) and a Flask-based MCP tool server. The agent runs recon, attacks, and generates professional pentest reports — all autonomously.
 
-Local_Security_Model is an autonomous penetration testing agent designed for professional security assessments. Built on top of Qwen 2.5, it operates through a custom MCP (Model Context Protocol) architecture that enables real-time tool orchestration, vulnerability discovery, and exploit chaining — all running locally with no cloud dependency.
-This agent was developed as the core engine behind PenMaster Security, targeting small business security audits, WordPress hardening, and ecommerce vulnerability assessments.
-
-Key Capabilities
-	•	Autonomous reconnaissance — masscan + nmap port/service enumeration with zero manual input
-	•	Vulnerability assessment — searchsploit integration for CVE matching against discovered services
-	•	Web application testing — nikto and sqlmap for injection and misconfiguration detection
-	•	Credential auditing — hydra and ncrack for multi-protocol brute force testing
-	•	Payload delivery — curl/wget for staged payload retrieval and HTTP interaction
-	•	Structured reporting — auto-generated HTML pentest reports with severity ratings and remediation guidance
-
-    Architecture
+![demo](./Final_EDIT.gif)
 
-    agent_loop.py          ←  LLM reasoning + tool chain generation (Qwen 2.5 via LM Studio)
-    mcp_server.py          ←  Flask-based tool execution server (port 8000, systemd managed)
-    report_generator.py    ←  HTML report engine with PenMaster branding
-    logs/                  ←  Structured JSON session logs
-    reports/               ←  Auto-generated client-facing pentest reports
+---
 
+## What It Does
 
-    Model backend: 
-     Qwen 2.5-14B served locally via LM StudioExecution layer: Flask MCP server with systemd auto-restartInterface: Terminal-native, SSH-accessible from remote IDEs (Cursor)
+- 🔍 Autonomous recon — masscan + nmap to discover open ports and services
+- ⚔️ Autonomous attack loop — selects and chains tools based on what it finds
+- 🧠 Persistent negative experience cache — learns what fails across ALL sessions and never repeats mistakes
+- 📝 Auto-generates branded HTML pentest reports on session end (Ctrl+C)
+- 🔒 100% local — Qwen 2.5-14B running in LM Studio, nothing leaves your machine
 
-   Tool Stack:
-     
-     TOOL                     PURPOSE
-     
-     masscan               High speed port scanning
+---
 
-     nmap                 Service/version enumeration
+## Tool Arsenal (18 Tools)
+
+| Tool | Purpose |
+|------|---------|
+| `run_masscan` | Fast port discovery |
+| `run_nmap` | Deep service/version scanning |
+| `run_nikto` | Web vulnerability scanning |
+| `run_sqlmap` | SQL injection testing |
+| `run_hydra` | Credential brute forcing |
+| `run_ncrack` | Network authentication cracking |
+| `run_searchsploit` | CVE/exploit database lookup |
+| `run_metasploit` | Exploit framework integration |
+| `run_curl` | HTTP interaction and payload staging |
+| `run_wget` | File retrieval and payload staging |
+| `run_enum4linux` | SMB/Samba enumeration |
+| `run_smbclient` | SMB share access and enumeration |
+| `run_ftp` | FTP service interaction |
+| `run_ssh` | SSH service interaction |
+| `run_telnet` | Telnet service interaction |
+| `run_wpscan` | WordPress vulnerability scanning |
+| `run_dirb` | Web directory brute forcing |
+| `run_set` | Social Engineering Toolkit |
 
-     nitko                Web server vulnerability scanning
+---
 
-     sqlmap              SQL injection detection
-    
-     hydra               Multi-protocol credential brute forcing
+## Sovereign Agent Upgrades
 
-     ncrack              Network authentication cracking
+- ✅ Autonomous tool reasoning — agent selects tools based on discovered services
+- ✅ Persistent negative experience cache — SHA-256 fingerprinting blacklists failing tool/parameter combos across sessions
+- ✅ Social Engineering Toolkit (SET) integration
+- ✅ Auto HTML pentest report generation
 
-     searchsploit       CVE/exploit database lookup
+---
 
-     curl/wget          HTTP interaction and payload staging
+## Stack
 
-     
-     
-     Intended Use
-   
-   This model and agent stack is designed for:
-	•	Professional penetration testing against authorized targets
-	•	Security audits for small businesses, WordPress sites, and ecommerce platforms
-	•	Vulnerability research in isolated lab environments
-	•	Security education and CTF preparation
-⚠️ Authorized use only. This tool is intended exclusively for use against systems you own or have explicit written permission to test. Unauthorized use is illegal and unethical.
+- **Model:** Qwen 2.5-14B Instruct (abliterated) via LM Studio
+- **OS:** Kali Linux
+- **Server:** Flask MCP server (port 8000)
+- **Agent:** Python autonomous loop
+- **Reports:** Auto-generated HTML on exit
 
+---
 
-Target Environments
-	•	Kali Linux (primary deployment platform)
-	•	Isolated VM lab networks
-	•	Small business web infrastructure (with client authorization)
+## Intended Use
 
+Designed for:
+- Professional penetration testing against **authorized targets only**
+- Security audits for small businesses, WordPress sites, and ecommerce
+- Bug bounty hunting workflows
+- AI/security research and development
 
-    Business Context
-Local_Security_Model is the core engine behind  PenMaster Security — an independent penetration testing project offering:
-	•	Initial security audit and vulnerability report
-	•	Ongoing security hardening retainer
-	•	WordPress and ecommerce-focused assessments
-📬 Contact: GitHub.com/XenoCoreGiger31
+---
 
+## GitHub
 
+[XenoCoreGiger31/Local-Model](https://github.com/XenoCoreGiger31/Local-Model)