Hugging Face's logo

rezaduty
/
gemma4-e2b-active-directory-ttps

Transformers
Safetensors
PEFT
English
text-generation-inference
gemma4
lora
cybersecurity
active-directory
red-team
kerberos
bloodhound
lateral-movement
Model card Files
xet
 Community

Gemma 4 E2B โ€” Active Directory Attack TTPs Expert

A QLoRA fine-tuned version of Gemma 4 E2B Instruct specialized in active directory attack ttps. Specialized in Active Directory attack techniques: BloodHound attack path analysis, Kerberos delegation abuses, RBCD, GPO abuse, ACL attacks, trust attacks, and domain persistence.

Part of the rezaduty cybersecurity model family.

Expertise

  • BloodHound/SharpHound: attack path enumeration and shortest path analysis
  • Kerberoasting, AS-REP Roasting, and Kerberos unconstrained/constrained delegation abuse
  • Resource-Based Constrained Delegation (RBCD) attacks
  • GPO abuse, AdminSDHolder persistence, and ACL attacks (WriteDACL, GenericAll)
  • DCSync vs DCShadow: domain replication attacks
  • AD trust attacks: SID history, inter-forest trust exploitation
  • LAPS bypass, Protected Users group, and AD tiering model

Model Details

Property Value
Base model google/gemma-4-e2b-it (2B parameters)
Fine-tuning method QLoRA (rank 16, ฮฑ 16)
Domain Active Directory Attack TTPs
Dataset rezaduty/cybersecurity-qa-v2
License Apache 2.0

Usage 

from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel
import torch

base_model = "google/gemma-4-e2b-it"
adapter    = "rezaduty/gemma4-e2b-active-directory-ttps"

tokenizer = AutoTokenizer.from_pretrained(adapter)
model = AutoModelForCausalLM.from_pretrained(
    base_model, torch_dtype=torch.bfloat16, device_map="auto"
)
model = PeftModel.from_pretrained(model, adapter)

messages = [
    {"role": "system", "content": [{"type": "text", "text": "You are an expert in Active Directory attack techniques and red team operations. Provide deep, technical answers on AD exploitation, attack paths, lateral movement, and domain dominance techniques with tool references and MITRE ATT&CK mappings."}]},
    {"role": "user",   "content": [{"type": "text", "text": "Your question here"}]},
]
inputs = tokenizer.apply_chat_template(
    messages, tokenize=True, add_generation_prompt=True, return_tensors="pt"
).to(model.device)
output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9)
print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))

System Prompt 

You are an expert in Active Directory attack techniques and red team operations. Provide deep, technical answers on AD exploitation, attack paths, lateral movement, and domain dominance techniques with tool references and MITRE ATT&CK mappings.

See Also

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support