Karen Akers
karenny
AI & ML interests
None yet
Recent Activity
repliedto SeaWolf-AI's post about 4 hours ago
🐯 Chitos — The Security Scanner That Actually Proves It
Most security scanners hand you a suspect list and walk away. That gap between detection and proof is where attackers live — and it's exactly the gap that Chitos was built to close.
Chitos is the successor to Mythos, a static analyzer built for quick code health checks. Mythos was good at pattern matching — spotting dangerous sinks, mapping CWEs, producing readable reports. But static analysis has a structural ceiling. A rule that sees eval(user_input) can tell you that looks dangerous. It cannot tell you whether the input is reachable, whether sanitization three layers up covers this path, or whether there's a live exploit chain for your exact framework version. Chitos was built to answer those questions.
🔍 Phase 1 applies 50 language-agnostic rules across Python, JavaScript, Go, Java, C/C++, Rust, PHP, YAML and more — covering injection sinks, deserialization gadgets, credential leakage, broken crypto, and prototype pollution. Every candidate is re-verified before reaching the report. Findings that can't be substantiated are excluded, not handed to you as noise.
🔬 Phase 2 dispatches an autonomous web-search agent to hunt live CVE databases, exploit advisories, and public PoC repositories. It formulates hypotheses, verifies them, and synthesizes a structured threat narrative. This phase needs a user-supplied Claude API key — Phases 1 and 3 run entirely free.
🎯 Phase 3 is where Chitos diverges from everything else. Against targets you own or are authorized to test, it fires real payloads — XSS, SQLi, path traversal, command injection — mutates on block, captures hard evidence, and connects every proven finding into a kill-chain showing which vulnerabilities to remediate first.
No installation. No account. No code sent to third-party APIs.
Article: https://huggingface.co/blog/FINAL-Bench/chitos
Try it now 👉 https://chitos.vidraft.net
repliedto Banaxi-Tech's post about 4 hours ago
📱 TinyPhoneLM - LLMs on a Phone
I built TinyPhoneLM because I wanted to see how far tiny local LMs can go on a real Android phone.
Not just a server app.
Not just an API wrapper.
Not “AI on your phone” that secretly sends everything somewhere else.
TinyPhoneLM allows you to run small language models directly on android. It uses llama.cpp via JNI. We have alot of options for default models + custom GGUF Import Supported. I am running Qwen3.5 4B Locally on my Redmi Note 12 Pro 5G at 4 tokens per second, that may seem slow but that it even runs on my phone is insane. I can also run Qwen3.5 0.8B at 10TPS!
Look at this Chart From Artificial Analysis.
Qwen3.5 4B is Better than GPT 4.1 and GPT 5 Mini at minimal reasoning!
And even the smallest 800M Parameter Qwen3.5 0.8B still beats GPT 3.5 Turbo!
The bad news: To get it on the play store we need 12 Testers
Please only submit your Google Play email if you have a Android phone
If you want to test TinyPhoneLM, enter your Google Play email here:
👉 https://docs.google.com/forms/d/1LqkT2pUHbalSUV50M8PX8m7M6S122ip0cWcbKcytcXk/viewform
I would really appreciate the help if you get a tester!Organizations
None yet