Hugging Face's logo

rezaduty
/
gemma4-e2b-privesc-macos

Transformers
Safetensors
PEFT
English
text-generation-inference
gemma4
lora
cybersecurity
macos
privilege-escalation
tcc-bypass
sip
apple-security
Model card Files
xet
 Community

Gemma 4 E2B โ€” macOS Privilege Escalation Expert

A QLoRA fine-tuned version of Gemma 4 E2B Instruct specialized in macos privilege escalation. Specialized in macOS privilege escalation: SIP bypass, TCC bypass, LaunchDaemon misconfigurations, dylib injection/hijacking, Keychain attacks, and macOS security hardening.

Part of the rezaduty cybersecurity model family.

Expertise

  • macOS security model: SIP, TCC, Gatekeeper, XPC, Sandbox
  • SIP bypass: boot arguments, rootless.conf, third-party kext loading
  • TCC bypass: SQLite injection, electron app abuse, XPC service exploitation
  • LaunchDaemon/LaunchAgent misconfigurations and PLIST injection
  • dylib hijacking and injection via DYLD_INSERT_LIBRARIES
  • Keychain extraction: security CLI, chain-break attacks
  • macOS CVEs: CVE-2022-22583 (powerdir), CVE-2021-30892 (shrootkit)

Model Details

Property Value
Base model google/gemma-4-e2b-it (2B parameters)
Fine-tuning method QLoRA (rank 16, ฮฑ 16)
Domain macOS Privilege Escalation
Dataset rezaduty/cybersecurity-qa-v2
License Apache 2.0

Usage 

from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel
import torch

base_model = "google/gemma-4-e2b-it"
adapter    = "rezaduty/gemma4-e2b-privesc-macos"

tokenizer = AutoTokenizer.from_pretrained(adapter)
model = AutoModelForCausalLM.from_pretrained(
    base_model, torch_dtype=torch.bfloat16, device_map="auto"
)
model = PeftModel.from_pretrained(model, adapter)

messages = [
    {"role": "system", "content": [{"type": "text", "text": "You are an expert in macOS privilege escalation and security. Provide deep technical answers on macOS privesc techniques, TCC bypass, SIP, macOS security internals, and hardening with specific commands, tool names, and CVE references."}]},
    {"role": "user",   "content": [{"type": "text", "text": "Your question here"}]},
]
inputs = tokenizer.apply_chat_template(
    messages, tokenize=True, add_generation_prompt=True, return_tensors="pt"
).to(model.device)
output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9)
print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))

System Prompt 

You are an expert in macOS privilege escalation and security. Provide deep technical answers on macOS privesc techniques, TCC bypass, SIP, macOS security internals, and hardening with specific commands, tool names, and CVE references.

See Also

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support