ML model security auditing — pickle exploit detection, integrity checks, OWASP ML Top 10

Project description

🔍 NullSec ModelAudit

ML Model Security Auditing Framework

Comprehensive security auditing for deployed machine learning models


🎯 Overview

NullSec ModelAudit is a security auditing framework for machine learning models. It inspects model files for hidden payloads (pickle deserialization, Lambda layers), checks for backdoors via Neural Cleanse and Meta Neural Analysis, evaluates robustness boundaries, and generates compliance-ready audit reports covering OWASP ML Top 10 risks.

⚡ Features

| Feature | Description |
|---|---|
| File Inspector | Detect pickle exploits, malicious Lambda layers, hidden ops |
| Backdoor Scan | Neural Cleanse, Meta Neural Analysis, fine-pruning checks |
| Robustness Eval | Automated adversarial boundary testing |
| Supply Chain | Verify model provenance and hash integrity |
| Fairness Audit | Bias detection across protected attributes |
| OWASP ML Top 10 | Map findings to OWASP ML risk categories |
| Report Engine | HTML/PDF/JSON audit reports with severity ratings |

📋 Audit Checks

| Check | Category | Severity |
|---|---|---|
| Pickle RCE | Deserialization | Critical |
| Lambda Injection | Model Architecture | Critical |
| Backdoor Trigger | Integrity | High |
| Adversarial Fragility | Robustness | High |
| Training Data Leakage | Privacy | High |
| Model Watermark | Provenance | Medium |
| Bias / Fairness | Compliance | Medium |
| Dependency Vuln | Supply Chain | Variable |

🚀 Quick Start

```bash
# Full security audit of a model file
nullsec-modelaudit scan --model model.pt --format pytorch --output audit-report.html

# Check for deserialization exploits in pickle files
nullsec-modelaudit inspect --model model.pkl --check deserialization

# Backdoor detection scan
nullsec-modelaudit backdoor --model model.h5 --dataset validation/ --num-classes 10

# Supply chain verification
nullsec-modelaudit verify --model model.onnx --expected-hash sha256:abc123...
```
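
The kind of static check the `inspect --check deserialization` command and the "Pickle RCE" audit entry describe, as an added example that is not part of the nullsec-modelaudit package: it walks a pickle's opcode stream with `pickletools.genops`, lists every import the loader would perform, and compares that against a constructed allowlist of globals a plain checkpoint is expected to reference, without ever calling `pickle.load()`. The `SAFE_GLOBALS` allowlist and the three sample blobs are assumptions built for this example.

```python
"""Static inspection of a pickle stream: list the imports it would perform,
without ever calling pickle.load(). Added example, not nullsec-modelaudit code."""
import pickle
import pickletools

# Globals a plain PyTorch/NumPy checkpoint legitimately references. Constructed
# allowlist for this example; a real audit curates it per framework and version.
SAFE_GLOBALS = {("collections", "OrderedDict"), ("torch._utils", "_rebuild_tensor_v2"),
                ("torch", "FloatStorage"), ("numpy.core.multiarray", "_reconstruct")}
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}
UNRESOLVED = ("<unresolved>", "<unresolved>")


def referenced_globals(data: bytes) -> list:
    """Walk the opcode stream and collect every (module, name) the pickle asks
    the loader to import. No object is constructed and no code runs."""
    found, pushed = [], []  # pushed: recent string operands; None for memo fetches
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":             # protocols 0-3: "module name" operand
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":     # protocol 4+: operands come from the stack
            if len(pushed) >= 2 and None not in pushed[-2:]:
                found.append((pushed[-2], pushed[-1]))
            else:                           # came via the memo; flag rather than guess
                found.append(UNRESOLVED)
        elif op.name in STRING_OPS:
            pushed.append(arg)
        elif op.name in GET_OPS:
            pushed.append(None)
    return found


def audit_pickle(data: bytes) -> dict:
    """Verdict from the opcode stream alone: any import outside the allowlist,
    or one that cannot be resolved statically, makes the file suspicious."""
    unknown = [g for g in referenced_globals(data) if g not in SAFE_GLOBALS]
    reduces = sum(1 for op, _, _ in pickletools.genops(data) if op.name == "REDUCE")
    return {"unknown_globals": unknown, "reduce_calls": reduces,
            "verdict": "suspicious" if unknown else "clean"}


# Constructed samples: a checkpoint-like dict (no imports), a hand-assembled
# protocol-0 pickle rebuilding an OrderedDict (allowed import, one REDUCE), and
# a pickle importing the interpreter's eval, which no weights file needs.
CLEAN_DICT = pickle.dumps({"weights": [0.1, 0.2], "epoch": 3}, protocol=4)
CLEAN_ORDERED = b"ccollections\nOrderedDict\n)R."
SUSPICIOUS = pickle.dumps(eval, protocol=4)

if __name__ == "__main__":
    for label, blob in (("dict", CLEAN_DICT), ("odict", CLEAN_ORDERED), ("eval", SUSPICIOUS)):
        print(label, audit_pickle(blob))
```

A `.pt` file is a zip archive whose `data.pkl` member can be fed to `audit_pickle` the same way; a memo-sourced STACK_GLOBAL is reported as unresolved so that evasion by memo indirection still trips the verdict.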

🔗 Related Projects

| Project | Description |
|---|---|
| nullsec-adversarial | Adversarial ML attack toolkit |
| nullsec-datapoisoning | Training data poisoning detection |
| nullsec-llmred | LLM red-teaming framework |
| nullsec-promptinject | Prompt injection payloads |
| nullsec-linux | Security Linux distro (140+ tools) |

⚠️ Legal

For authorized security auditing only. Always obtain proper authorization before auditing third-party models.

📜 License

MIT License — @bad-antics
Download files

Source Distribution

nullsec_modelaudit-0.1.0.tar.gz (5.7 kB)

Built Distribution

nullsec_modelaudit-0.1.0-py3-none-any.whl (6.6 kB)

File details

Details for the file nullsec_modelaudit-0.1.0.tar.gz.

File metadata

  • Download URL: nullsec_modelaudit-0.1.0.tar.gz
  • Upload date:
  • Size: 5.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.5

File hashes

Hashes for nullsec_modelaudit-0.1.0.tar.gz

| Algorithm | Hash digest |
|---|---|
| SHA256 | 35548a30e6237a32b7711037402e61ebbd17bd932d2378eda7ac4abbcfe645a3 |
| MD5 | 7080fa2c37ebc35e83015aa343af39b2 |
| BLAKE2b-256 | 12220b951fc8fe0ce26ea8eb6df3b7c9d91791292a2d02cbd7aed1868860479d |

File details

Details for the file nullsec_modelaudit-0.1.0-py3-none-any.whl.

File hashes

Hashes for nullsec_modelaudit-0.1.0-py3-none-any.whl

| Algorithm | Hash digest |
|---|---|
| SHA256 | 8779693ab1add3c74ee24eb14a0659b9802451b9e53df4b9df327f27095c363c |
| MD5 | 6fcee3c4d4300d766ac7751041fe322e |
| BLAKE2b-256 | aa5920a27535ddd2a6b001c552f1ae061bbbfb27e624321fea68ff449c0b1dfd |