<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Vext Labs Inc</title>
    <description>The latest articles on DEV Community by Vext Labs Inc (@vextlabs).</description>
    <link>https://dev.to/vextlabs</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3899344%2F8463ecc3-18d5-4bf2-84c7-403064cee388.png</url>
      <title>DEV Community: Vext Labs Inc</title>
      <link>https://dev.to/vextlabs</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/vextlabs"/>
    <language>en</language>
    <item>
      <title>Trained, Not Prompted: Why Fine-Tuned Models Beat LLM Wrappers for Offensive Security</title>
      <dc:creator>Vext Labs Inc</dc:creator>
      <pubDate>Sun, 26 Apr 2026 20:42:44 +0000</pubDate>
      <link>https://dev.to/vextlabs/trained-not-prompted-why-fine-tuned-models-beat-llm-wrappers-for-offensive-security-5h03</link>
      <guid>https://dev.to/vextlabs/trained-not-prompted-why-fine-tuned-models-beat-llm-wrappers-for-offensive-security-5h03</guid>
      <description>&lt;h1&gt;The GPT Wrapper Problem&lt;/h1&gt;

&lt;p&gt;Here's a secret the "AI security" industry doesn't want you to know: most products in this space are thin wrappers around commercial LLM APIs. They send prompts like "You are a penetration tester. Analyze this HTTP response for vulnerabilities" to GPT-4 or Claude, parse the output, and call it autonomous pentesting.&lt;/p&gt;

&lt;p&gt;This approach has three fatal flaws.&lt;/p&gt;

&lt;h2&gt;Flaw 1: Generic Models Hallucinate in Security Contexts&lt;/h2&gt;

&lt;p&gt;Large language models trained on general internet data will confidently report vulnerabilities that don't exist. They've seen enough security blog posts to know what SQL injection &lt;em&gt;looks like&lt;/em&gt;, but they lack the specialized training to distinguish a real vulnerability from a false positive. In security, false positives aren't just annoying — they waste your team's time and erode trust in the tool.&lt;/p&gt;

&lt;h2&gt;Flaw 2: Prompt Engineering is Fragile&lt;/h2&gt;

&lt;p&gt;Prompt-based approaches break when the target doesn't match the template. A carefully crafted prompt for testing REST APIs will fail on GraphQL endpoints. A prompt designed for standard HTML forms won't handle React single-page applications. Real applications are messy, and prompt templates can't handle that messiness.&lt;/p&gt;

&lt;h2&gt;Flaw 3: No Learning Loop&lt;/h2&gt;

&lt;p&gt;When a prompt-wrapped LLM fails to find a vulnerability, nothing changes. The next engagement uses the same prompts with the same limitations. There is no mechanism for improvement.&lt;/p&gt;

&lt;h1&gt;VEXT's Approach: Fine-Tuned Offensive Models&lt;/h1&gt;

&lt;p&gt;VEXT takes a fundamentally different approach. Our agents are purpose-built for offensive security, trained on real exploit data from thousands of security engagements.&lt;/p&gt;

&lt;p&gt;What does this mean in practice?&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Attack patterns are in the weights, not the prompts.&lt;/strong&gt; Our injection workers don't need to be told what SQL injection looks like — they have internalized thousands of real injection patterns, bypass techniques, and exploitation chains from training data. This is the difference between reading about swimming and actually knowing how to swim.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;The feedback loop is real.&lt;/strong&gt; Every engagement generates training signal — 326K+ curated examples and growing. Brain v4 retrains continuously via RLAF. DPO alignment runs on validated vs false-positive pairs. When an agent discovers a new bypass technique, it propagates to all agents within the same run via Redis streams, and persists across runs via the VAULT knowledge graph.&lt;/p&gt;
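&lt;p&gt;To make the propagation idea concrete, here is a minimal in-process sketch of that pattern: an agent publishes a newly discovered bypass technique to a shared stream, and every other agent in the run consumes it. The class below fakes Redis stream semantics (an append-only log plus per-consumer offsets); a real deployment would use &lt;code&gt;redis.Redis().xadd(...)&lt;/code&gt; / &lt;code&gt;xread(...)&lt;/code&gt; instead. All names here (&lt;code&gt;TechniqueBus&lt;/code&gt;, the field layout) are illustrative, not VEXT's actual API.&lt;/p&gt;

```python
# In-process stand-in for a Redis stream: agents publish discovered
# techniques, other agents read everything they have not yet seen.
# Production would swap this for redis.Redis().xadd / xread.

class TechniqueBus:
    def __init__(self):
        self._log = []        # append-only list of entries, like a stream
        self._offsets = {}    # consumer name -> next index to read

    def publish(self, agent, technique, payload):
        """Append a technique entry, analogous to XADD."""
        entry = {"agent": agent, "technique": technique, "payload": payload}
        self._log.append(entry)
        return len(self._log) - 1   # entry id (stream position)

    def consume(self, consumer):
        """Return unseen entries for this consumer, analogous to XREAD."""
        start = self._offsets.get(consumer, 0)
        fresh = self._log[start:]
        self._offsets[consumer] = len(self._log)
        return fresh

bus = TechniqueBus()
bus.publish("injection-worker-3", "waf-bypass", "unicode-overlong-encoding")
# A different agent in the same run picks up the technique immediately:
seen = bus.consume("xss-worker-1")
```

&lt;p&gt;Cross-run persistence would layer on top of this: entries that survive validation get written to the knowledge graph rather than expiring with the stream.&lt;/p&gt;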

&lt;p&gt;&lt;strong&gt;Three-tier ML stack.&lt;/strong&gt; Brain v4 (6M params, 15ms) handles tool selection via GNN + MCTS. Specialist-7B (7B params, 200ms) handles tool output parsing and payload generation. Sentry v4 (100B class, 2s) handles complex hypothesis generation and novel exploit reasoning. Six-stage training: SFT, DPO, GRPO, RLAF, self-play, continuous learning.&lt;/p&gt;
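&lt;p&gt;The tiering logic can be sketched as a routing function: send each task to the cheapest tier that can handle it, and escalate only when it cannot. The tier names and figures come from the description above; the routing rule and confidence threshold are assumptions for illustration, not VEXT's actual policy.&lt;/p&gt;

```python
# Hypothetical sketch of three-tier routing: cheap Brain v4 for routine
# tool selection, Specialist-7B for structured security tasks, and the
# large Sentry v4 model reserved for novel reasoning.

TIERS = {
    "brain_v4":      {"params": "6M",   "latency_ms": 15},
    "specialist_7b": {"params": "7B",   "latency_ms": 200},
    "sentry_v4":     {"params": "100B", "latency_ms": 2000},
}

def route(task_kind, brain_confidence):
    """Pick the cheapest tier that can handle the task."""
    if task_kind == "tool_selection" and brain_confidence >= 0.9:
        return "brain_v4"        # fast GNN + MCTS path
    if task_kind in ("parse_output", "generate_payload", "map_compliance"):
        return "specialist_7b"   # structured security tasks
    return "sentry_v4"           # novel hypotheses, complex exploit chains

tier = route("parse_output", brain_confidence=0.7)
```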

&lt;h1&gt;Why This Matters for Your Security&lt;/h1&gt;

&lt;p&gt;The difference between a prompted model and a fine-tuned model is the difference between a contractor who read the manual yesterday and an expert who has done the job a thousand times. Both can follow instructions. Only one has intuition.&lt;/p&gt;

&lt;p&gt;When your next compliance audit requires a penetration test, ask your vendor one question: &lt;strong&gt;are your models trained on real exploit data, or are they prompting a general-purpose LLM?&lt;/strong&gt; The answer tells you everything you need to know about the quality of findings you'll receive.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>machinelearning</category>
      <category>security</category>
      <category>llm</category>
    </item>
    <item>
      <title>VEXT Specialist-7B: How a 7B Model Beats Frontier AI on Security Benchmarks</title>
      <dc:creator>Vext Labs Inc</dc:creator>
      <pubDate>Sun, 26 Apr 2026 20:41:56 +0000</pubDate>
      <link>https://dev.to/vextlabs/vext-specialist-7b-how-a-7b-model-beats-frontier-ai-on-security-benchmarks-240f</link>
      <guid>https://dev.to/vextlabs/vext-specialist-7b-how-a-7b-model-beats-frontier-ai-on-security-benchmarks-240f</guid>
      <description>&lt;h1&gt;VEXT Specialist-7B: How a 7B Model Beats Frontier AI on Security Benchmarks&lt;/h1&gt;

&lt;p&gt;The conventional wisdom in AI is that bigger equals better. More parameters, more training data, more compute. For general tasks, this holds. For offensive security, it does not. Specialist-7B proves that a purpose-trained 7B model can outperform frontier models 10-100x its size on the tasks that actually matter for penetration testing.&lt;/p&gt;

&lt;h2&gt;The Benchmark Results&lt;/h2&gt;

&lt;p&gt;We evaluated Specialist-7B against Claude Opus, GPT-4o, and Llama 3.1 70B across eight security-specific benchmark categories. The results were decisive.&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Benchmark Category&lt;/th&gt;
&lt;th&gt;Specialist-7B (7B)&lt;/th&gt;
&lt;th&gt;Claude Opus&lt;/th&gt;
&lt;th&gt;GPT-4o&lt;/th&gt;
&lt;th&gt;Llama 3.1 70B&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;Practical Pentesting Tasks&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;90%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;72%&lt;/td&gt;
&lt;td&gt;68%&lt;/td&gt;
&lt;td&gt;61%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Compliance Mapping Accuracy&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;100%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;89%&lt;/td&gt;
&lt;td&gt;85%&lt;/td&gt;
&lt;td&gt;74%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Web Security Exploits&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;88%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;79%&lt;/td&gt;
&lt;td&gt;71%&lt;/td&gt;
&lt;td&gt;58%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Tool Output Parsing&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;95%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;82%&lt;/td&gt;
&lt;td&gt;78%&lt;/td&gt;
&lt;td&gt;65%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Payload Generation&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;87%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;74%&lt;/td&gt;
&lt;td&gt;70%&lt;/td&gt;
&lt;td&gt;54%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Assessment Plan Sequencing&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;91%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;80%&lt;/td&gt;
&lt;td&gt;76%&lt;/td&gt;
&lt;td&gt;63%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;False Positive Detection&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;94%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;83%&lt;/td&gt;
&lt;td&gt;79%&lt;/td&gt;
&lt;td&gt;67%&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;Overall Security Score&lt;/td&gt;
&lt;td&gt;&lt;strong&gt;92%&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;80%&lt;/td&gt;
&lt;td&gt;75%&lt;/td&gt;
&lt;td&gt;63%&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Specialist-7B achieves a 92% overall security score compared to Claude Opus at 80%, GPT-4o at 75%, and Llama 3.1 70B at 63%. On compliance mapping specifically, Specialist-7B achieves perfect 100% accuracy — correctly mapping every finding to the right PCI DSS 4.0, SOC 2, HIPAA, GDPR, ISO 27001, NIST CSF, and FedRAMP controls.&lt;/p&gt;

&lt;h2&gt;Why Smaller Beats Bigger&lt;/h2&gt;

&lt;p&gt;Frontier models are trained on internet-scale general text. They know a little about everything. Specialist-7B is trained on 326K+ examples from real penetration testing engagements — tool outputs, exploit chains, vulnerability reports, compliance mappings, and assessment plans.&lt;/p&gt;

&lt;p&gt;This specialization creates three advantages:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;1. Domain-specific pattern recognition.&lt;/strong&gt; Specialist-7B has seen thousands of real nmap outputs, nuclei scan results, and sqlmap exploitation logs. It does not need to reason from first principles about what a port scan result means — it has internalized the patterns. This is why tool output parsing hits 95% accuracy versus 82% for Claude Opus.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;2. Security-aware false positive filtering.&lt;/strong&gt; General models frequently hallucinate vulnerabilities because they pattern-match against security blog posts rather than real exploitation data. Specialist-7B was fine-tuned with DPO on validated-vs-false-positive pairs from real bug bounty programs, giving it 94% accuracy on false positive detection.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;3. Compliance control internalization.&lt;/strong&gt; Mapping a finding to the correct PCI DSS 4.0 control requires deep knowledge of the control framework — not just keyword matching. Specialist-7B was trained on thousands of auditor-validated compliance mappings, achieving 100% accuracy where larger models score 74-89%.&lt;/p&gt;

&lt;h2&gt;The Architecture&lt;/h2&gt;

&lt;p&gt;Specialist-7B sits in the middle tier of VEXT's three-tier AI architecture:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Tier 1 — Brain v4 (5ms, 80% of decisions)&lt;/strong&gt;: A 6M parameter neural engine using GNN + Multi-Head Q-Net + MCTS. Handles tool selection and attack routing at 99.7% accuracy.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Tier 2 — Specialist-7B (200ms, 15% of decisions)&lt;/strong&gt;: The workhorse. Tool output parsing, payload generation, assessment plan sequencing, compliance mapping. Fast enough for structured tasks, smart enough for complex security reasoning.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Tier 3 — Sentry v4 (2s, 5% of decisions)&lt;/strong&gt;: A 100B class model for complex hypothesis generation, novel exploit chain reasoning, and deep analysis. Called only when the smaller tiers cannot handle the task.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This tiered approach reduces inference cost by 95% (from $251K/month on Bedrock to $12K/month self-hosted) while maintaining or improving quality.&lt;/p&gt;
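&lt;p&gt;The headline numbers check out arithmetically. Using the decision shares and per-tier latencies quoted in the architecture list:&lt;/p&gt;

```python
# Sanity-check the quoted figures: expected per-decision latency from the
# decision shares, and the claimed cost reduction from the monthly bills.

shares  = {"brain_v4": 0.80, "specialist_7b": 0.15, "sentry_v4": 0.05}
latency = {"brain_v4": 5,    "specialist_7b": 200,  "sentry_v4": 2000}  # ms

expected_ms = sum(shares[t] * latency[t] for t in shares)
# 0.80*5 + 0.15*200 + 0.05*2000 = ~134 ms expected per decision

cost_reduction = 1 - 12_000 / 251_000
# ~0.952, i.e. the quoted ~95% reduction from $251K/mo to $12K/mo
```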

&lt;h2&gt;Training Pipeline&lt;/h2&gt;

&lt;p&gt;Specialist-7B was trained through a multi-stage pipeline:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Base model selection&lt;/strong&gt;: Started from a 7B parameter base model selected for strong code understanding&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;SFT (Supervised Fine-Tuning)&lt;/strong&gt;: 326K+ examples from real security engagements — tool outputs, assessment plans, compliance mappings, vulnerability reports&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;DPO (Direct Preference Optimization)&lt;/strong&gt;: 2,049 validated-vs-false-positive pairs from real bug bounty findings, teaching the model to distinguish real vulnerabilities from noise&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Task-specific fine-tuning&lt;/strong&gt;: Separate fine-tuning rounds for tool output parsing, payload generation, and compliance mapping using domain-specific datasets&lt;/li&gt;
&lt;/ol&gt;
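&lt;p&gt;The DPO stage above is worth making concrete: each training example pairs a validated finding (preferred) with a false positive (rejected) for the same evidence. The sketch below uses the common &lt;code&gt;prompt&lt;/code&gt;/&lt;code&gt;chosen&lt;/code&gt;/&lt;code&gt;rejected&lt;/code&gt; convention used by DPO trainers such as HuggingFace TRL; the example content is invented, not drawn from VEXT's dataset.&lt;/p&gt;

```python
# Build one DPO preference pair: the "chosen" completion is the report
# confirmed by reproduction, the "rejected" one is the plausible-looking
# hallucination the model should learn to avoid.

def make_dpo_pair(evidence, validated_report, false_positive_report):
    return {
        "prompt": "Evidence:\n" + evidence + "\nIs this exploitable? Report:",
        "chosen": validated_report,        # confirmed by reproduction
        "rejected": false_positive_report, # plausible-looking but wrong
    }

pair = make_dpo_pair(
    evidence="id=1' OR '1'='1 returned an identical page, no error delta",
    validated_report="Not exploitable: response is invariant under injection.",
    false_positive_report="SQL injection confirmed via error-based probe.",
)
```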

&lt;p&gt;The training data comes from real penetration testing across 17 bug bounty programs — not synthetic data, not CTF solutions, not blog post examples.&lt;/p&gt;

&lt;h2&gt;What Specialist-7B Does&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Tool output parsing&lt;/strong&gt;: Feed Specialist-7B raw output from nmap, nuclei, sqlmap, burp, gobuster, or any of 24+ supported security tools. Get structured findings with severity, CWE mapping, and recommended next steps.&lt;/p&gt;
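&lt;p&gt;Here is what "structured findings" means in practice: raw tool output in, normalized finding dicts out. A deterministic regex parser stands in for Specialist-7B below; the schema fields (&lt;code&gt;severity&lt;/code&gt;, &lt;code&gt;next_steps&lt;/code&gt;) mirror the ones described above, but the exact field names are assumptions.&lt;/p&gt;

```python
import re

# Toy parser for nmap port lines, standing in for the model: it shows the
# target shape of a structured finding, not the model's actual behavior.
NMAP_LINE = re.compile(r"^(\d+)/tcp\s+open\s+(\S+)", re.MULTILINE)

def parse_nmap(raw):
    findings = []
    for port, service in NMAP_LINE.findall(raw):
        findings.append({
            "port": int(port),
            "service": service,
            "severity": "info",
            "next_steps": ["service fingerprinting", "version-specific checks"],
        })
    return findings

raw = """\
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql
"""
findings = parse_nmap(raw)   # three structured findings
```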

&lt;p&gt;&lt;strong&gt;Payload generation&lt;/strong&gt;: Context-aware payload crafting for SQL injection, XSS, SSRF, command injection, deserialization, and IDOR vectors. Specialist-7B considers WAF presence, technology stack, and prior failed attempts.&lt;/p&gt;
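&lt;p&gt;A toy version of that context-awareness: filter candidate SQLi payloads by WAF presence and drop anything that already failed against this target. The candidate strings and &lt;code&gt;waf_safe&lt;/code&gt; flags are illustrative only; the real system generates payloads rather than selecting from a fixed list.&lt;/p&gt;

```python
# Candidate payloads with a hypothetical flag for WAF evasion.
CANDIDATES = [
    {"payload": "' OR 1=1--",         "waf_safe": False},
    {"payload": "'/**/OR/**/1=1--",   "waf_safe": True},
    {"payload": "%27%20OR%201%3D1--", "waf_safe": True},
]

def next_payloads(waf_present, failed):
    """Return payloads worth trying, given context and prior failures."""
    usable = [c for c in CANDIDATES if c["payload"] not in failed]
    if waf_present:
        usable = [c for c in usable if c["waf_safe"]]
    return [c["payload"] for c in usable]

# Behind a WAF, after the comment-obfuscated variant already failed,
# only the URL-encoded candidate remains:
remaining = next_payloads(waf_present=True, failed={"'/**/OR/**/1=1--"})
```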

&lt;p&gt;&lt;strong&gt;Assessment plan sequencing&lt;/strong&gt;: Given reconnaissance data, Specialist-7B generates prioritized assessment plans with dependency ordering — which tests to run first, which findings to chain together, and which kill chains to activate.&lt;/p&gt;
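&lt;p&gt;"Dependency ordering" here is essentially a topological sort: a test runs only after the steps it depends on. The step names and dependencies below are hypothetical; Kahn's algorithm does the ordering.&lt;/p&gt;

```python
from collections import deque

def sequence(deps):
    """deps: step -> set of prerequisite steps. Returns an execution order."""
    indegree = {s: len(d) for s, d in deps.items()}
    dependents = {s: [] for s in deps}
    for step, prereqs in deps.items():
        for p in prereqs:
            dependents[p].append(step)
    ready = deque(s for s, n in indegree.items() if n == 0)
    order = []
    while ready:
        step = ready.popleft()
        order.append(step)
        for nxt in dependents[step]:
            indegree[nxt] -= 1
            if indegree[nxt] == 0:
                ready.append(nxt)
    return order

plan = sequence({
    "port_scan": set(),
    "dir_brute": {"port_scan"},
    "auth_test": {"dir_brute"},
    "sqli_probe": {"dir_brute"},
    "chain_sqli_to_auth": {"sqli_probe", "auth_test"},
})
# Recon runs first; the kill chain activates only once both prerequisites pass.
```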

&lt;p&gt;&lt;strong&gt;Compliance mapping&lt;/strong&gt;: Submit any finding and get it mapped to the correct controls across PCI DSS 4.0, SOC 2, HIPAA, GDPR, ISO 27001, NIST CSF, and FedRAMP with 100% accuracy.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;False positive filtering&lt;/strong&gt;: Two-pass validation where Specialist-7B evaluates evidence quality, reproduction reliability, and exploit chain viability to filter false positives before they reach the report.&lt;/p&gt;
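&lt;p&gt;The two-pass idea can be sketched in a few lines: pass one scores evidence quality, pass two checks reproducibility, and a finding survives only if both pass. The scoring signals, thresholds, and &lt;code&gt;replay&lt;/code&gt; hook below are invented stand-ins for model calls.&lt;/p&gt;

```python
def evidence_score(finding):
    # Pass 1: does the evidence actually demonstrate impact?
    signals = ("response_delta", "error_message", "data_extracted")
    return sum(1 for s in signals if finding.get(s))

def reproduces(finding, attempts=3):
    # Pass 2: replay must succeed on a majority of attempts.
    successes = sum(finding["replay"]() for _ in range(attempts))
    return successes * 2 > attempts

def validate(findings):
    """Keep only findings with strong evidence that reliably reproduce."""
    kept = []
    for f in findings:
        if evidence_score(f) >= 2 and reproduces(f):
            kept.append(f)
    return kept

real  = {"response_delta": True, "data_extracted": True, "replay": lambda: True}
noisy = {"error_message": True, "replay": lambda: False}
kept = validate([real, noisy])   # only the reproducible finding survives
```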

&lt;h2&gt;Open Source&lt;/h2&gt;

&lt;p&gt;Specialist-7B is available on HuggingFace under the Apache 2.0 license. We believe security tooling improves when the community can inspect, contribute to, and build on top of the models. Download it, fine-tune it for your use case, and integrate it into your pipeline.&lt;/p&gt;

&lt;p&gt;The model weights, evaluation benchmarks, and training methodology documentation are all open. The training data itself is proprietary (it comes from real engagements), but the model is fully open-weight.&lt;/p&gt;

&lt;h2&gt;Why This Matters&lt;/h2&gt;

&lt;p&gt;The cybersecurity industry has been flooded with "AI security tools" that are thin wrappers around commercial LLM APIs. They send a prompt to GPT-4 asking it to "analyze this HTTP response for vulnerabilities" and call it autonomous pentesting.&lt;/p&gt;

&lt;p&gt;Specialist-7B proves that purpose-trained models — even small ones — dramatically outperform general-purpose frontier models on real security tasks. A 7B model running at 200ms on a single GPU achieves 90% on practical pentesting tasks where Claude Opus scores 72% and GPT-4o scores 68%.&lt;/p&gt;

&lt;p&gt;The lesson: for offensive security, training on real exploit data matters more than parameter count. Purpose-built beats general-purpose, every time.&lt;/p&gt;

&lt;h2&gt;Get Started&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Download Specialist-7B&lt;/strong&gt;: Available on HuggingFace (Apache 2.0)&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Try VEXT Platform&lt;/strong&gt;: &lt;a href="https://tryvext.com/access" rel="noopener noreferrer"&gt;https://tryvext.com/access&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Read the benchmarks&lt;/strong&gt;: &lt;a href="https://tryvext.com/benchmarks" rel="noopener noreferrer"&gt;https://tryvext.com/benchmarks&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Explore the architecture&lt;/strong&gt;: &lt;a href="https://tryvext.com/technology" rel="noopener noreferrer"&gt;https://tryvext.com/technology&lt;/a&gt;
&lt;/li&gt;
&lt;/ul&gt;

</description>
      <category>ai</category>
      <category>security</category>
      <category>opensource</category>
      <category>llm</category>
    </item>
  </channel>
</rss>
