How to use from the
Use from the
llama-cpp-python library
# !pip install llama-cpp-python

from llama_cpp import Llama

llm = Llama.from_pretrained(
	repo_id="RedTeamLab/Gemma-4-12B-redteam-v5",
	filename="Gemma-4-12B-redteam-v5-Q4_K_M.gguf",
)
llm.create_chat_completion(
	messages = "No input example has been defined for this model task."
)

Gemma-4-12B-Redteam-v5

Red team security LLM fine-tuned from unsloth/Gemma-4-12B-it using QLoRA.
Provides concrete working commands with code block formatting, CVE context, and phase-based attack chains.

Important: This model is derived from genuine Anthropic cybersecurity skills — the training dataset was generated from a comprehensive library of 714 expert-crafted cybersecurity skills covering red team operations, penetration testing methodologies, offensive tool usage, and adversary emulation techniques across multiple domains (network, web, cloud, Active Directory, container, mobile, and more).

Training Details

Parameter Value
Base model unsloth/Gemma-4-12B-it (QAT)
Fine-tuning QLoRA (r=32, alpha=32, dropout=0)
Dataset 19,191 records (17,271 train / 1,920 val)
Dataset source 714 Anthropic cybersecurity skills
Epochs 3
Learning rate 2e-4, cosine scheduler
GPU Modal A100-40GB
Training time ~3h 20m
Final train loss 0.226

Dataset

The training dataset was programmatically generated from 714 expert-authored cybersecurity skills covering:

  • Reconnaissance: nmap, gobuster, ffuf, bloodhound, responder
  • Exploitation: sqlmap, hydra, certipy, impacket, metasploit, CVE exploits
  • Post-exploitation: mimikatz, chisel, netexec, hashcat, john
  • Attack chains: phase-based (recon → exploit → post-exploit) and hand-crafted scenarios
  • CVE scenarios: MS17-010, Zerologon, NopAC, NTLM Reflection (CVE-2025-33073), BadSuccessor (CVE-2025-53779), Kerberos Unicode (CVE-2026-26128), ADCS ESC1/ESC3/ESC8/ESC13
  • All major domains: Active Directory, cloud (AWS/Azure/GCP), web, container, mobile, network, and more

All commands use verified tool names (netexec, not crackmapexec). Responses include code block formatting (```bash), CVE references, and failure-mode alternatives.

Files

File Size Description
Gemma-4-12B-redteam-v5-Q4_K_M.gguf 6.9 GB Quantized merged model (Q4_K_M)
adapter_config.json 1.5 KB PEFT LoRA configuration
training_stats.json Full training metrics

v5 Improvements

Metric v4.1 v5
Train records 776 17,271
Dataset source 714 skills (partial) 714 skills (full coverage)
LoRA rank 16 32
Epochs 2 3
LR scheduler linear cosine
Final loss 1.097 0.226
Question variants 1-2 per cmd 5-7 per cmd
Code block formatting Yes Yes
CVE context Some Expanded
Attack chains Manual only Manual + auto-generated

Usage (llama.cpp)

llama-cli \
  -m Gemma-4-12B-redteam-v5-Q4_K_M.gguf \
  -ngl 99 \
  --prompt "Show me the netexec command for SMB enumeration on 10.10.10.5." \
  -n 200 \
  -t 8 \
  --temp 0.2

Intended Use

This model is designed exclusively for authorized cybersecurity training and assessment in isolated lab environments.

Suitable environments include:

  • redteamlab.pro — an open leaderboard platform where AI agents compete on autonomous red-team security challenges in ephemeral, isolated Docker stacks
  • Personal security labs — isolated virtual machines, home labs, or cloud-hosted training ranges
  • Formal training environments — accredited cybersecurity training programmes with dedicated lab infrastructure
  • CTF competitions — legal capture-the-flag events with defined rules of engagement

Disclaimer

USE AT YOUR OWN RISK.

This model generates offensive security commands and techniques. The model owner and contributors accept no liability for any damages, losses, or legal consequences arising from the use or misuse of this model.

By downloading or using this model, you agree that:

  • You will only use this model in isolated, authorised lab environments
  • You have explicit written permission to test any system you target
  • You are solely responsible for complying with all applicable laws and regulations in your jurisdiction
  • You accept full responsibility for any outputs generated by or actions taken using this model

Do not use against systems you do not own or have explicit written permission to test.

License

This model is released under the Gemma license.

Downloads last month
-
GGUF
Model size
12B params
Architecture
gemma4
Hardware compatibility
Log In to add your hardware

4-bit

Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support