File size: 3,619 Bytes
1b6ac15 127f222 1b6ac15 127f222 1b6ac15 127f222 1b6ac15 127f222 1b6ac15 127f222 1b6ac15 127f222 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 | ---
base_model: google/gemma-4-e2b-it
tags:
- text-generation-inference
- transformers
- gemma4
- peft
- lora
- cybersecurity
- active-directory
- red-team
- kerberos
- bloodhound
- lateral-movement
license: apache-2.0
language:
- en
---
# Gemma 4 E2B — Active Directory Attack TTPs Expert
A QLoRA fine-tuned version of [Gemma 4 E2B Instruct](https://huggingface.co/google/gemma-4-e2b-it) specialized in **active directory attack ttps**.
Specialized in **Active Directory attack techniques**: BloodHound attack path analysis, Kerberos delegation abuses, RBCD, GPO abuse, ACL attacks, trust attacks, and domain persistence.
Part of the [rezaduty cybersecurity model family](https://huggingface.co/rezaduty).
---
## Expertise
- BloodHound/SharpHound: attack path enumeration and shortest path analysis
- Kerberoasting, AS-REP Roasting, and Kerberos unconstrained/constrained delegation abuse
- Resource-Based Constrained Delegation (RBCD) attacks
- GPO abuse, AdminSDHolder persistence, and ACL attacks (WriteDACL, GenericAll)
- DCSync vs DCShadow: domain replication attacks
- AD trust attacks: SID history, inter-forest trust exploitation
- LAPS bypass, Protected Users group, and AD tiering model
---
## Model Details
| Property | Value |
|---|---|
| **Base model** | google/gemma-4-e2b-it (2B parameters) |
| **Fine-tuning method** | QLoRA (rank 16, α 16) |
| **Domain** | Active Directory Attack TTPs |
| **Dataset** | [rezaduty/cybersecurity-qa-v2](https://huggingface.co/datasets/rezaduty/cybersecurity-qa-v2) |
| **License** | Apache 2.0 |
---
## Usage
```python
from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel
import torch
base_model = "google/gemma-4-e2b-it"
adapter = "rezaduty/gemma4-e2b-active-directory-ttps"
tokenizer = AutoTokenizer.from_pretrained(adapter)
model = AutoModelForCausalLM.from_pretrained(
base_model, torch_dtype=torch.bfloat16, device_map="auto"
)
model = PeftModel.from_pretrained(model, adapter)
messages = [
{"role": "system", "content": [{"type": "text", "text": "You are an expert in Active Directory attack techniques and red team operations. Provide deep, technical answers on AD exploitation, attack paths, lateral movement, and domain dominance techniques with tool references and MITRE ATT&CK mappings."}]},
{"role": "user", "content": [{"type": "text", "text": "Your question here"}]},
]
inputs = tokenizer.apply_chat_template(
messages, tokenize=True, add_generation_prompt=True, return_tensors="pt"
).to(model.device)
output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9)
print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))
```
---
## System Prompt
```
You are an expert in Active Directory attack techniques and red team operations. Provide deep, technical answers on AD exploitation, attack paths, lateral movement, and domain dominance techniques with tool references and MITRE ATT&CK mappings.
```
---
## See Also
- [General cybersecurity model](https://huggingface.co/rezaduty/gemma4-e2b-cybersecurity-interview)
- [Docker & Container Security](https://huggingface.co/rezaduty/gemma4-e2b-docker-container-security)
- [Kubernetes Security](https://huggingface.co/rezaduty/gemma4-e2b-kubernetes-security)
- [AI & LLM Security](https://huggingface.co/rezaduty/gemma4-e2b-ai-llm-security)
- [Cloud IAM & Terraform](https://huggingface.co/rezaduty/gemma4-e2b-cloud-iam-terraform)
- [Active Directory & Red Team](https://huggingface.co/rezaduty/gemma4-e2b-redteam-activedirectory)
- [All rezaduty models](https://huggingface.co/rezaduty)
|