Hugging Face's logo

rezaduty
/
gemma4-e2b-active-directory-ttps

Transformers
Safetensors
PEFT
English
text-generation-inference
gemma4
lora
cybersecurity
active-directory
red-team
kerberos
bloodhound
lateral-movement
Model card Files
xet
 Community
rezaduty commited on
Commit
127f222
·
verified ·
1 Parent(s): 36a3374

Add specialized README for Active Directory Attack TTPs

Browse files
Files changed (1) hide show
  1. README.md +85 -9
README.md CHANGED
@@ -1,22 +1,98 @@
1
  ---
2
- base_model: unsloth/gemma-4-e2b-it-unsloth-bnb-4bit
3
  tags:
4
  - text-generation-inference
5
  - transformers
6
- - unsloth
7
  - gemma4
8
- - trl
 
 
 
 
 
 
 
9
  license: apache-2.0
10
  language:
11
  - en
12
  ---
13
 
14
- # Uploaded model
15
 
16
- - **Developed by:** rezaduty
17
- - **License:** apache-2.0
18
- - **Finetuned from model :** unsloth/gemma-4-e2b-it-unsloth-bnb-4bit
19
 
20
- This gemma4 model was trained 2x faster with [Unsloth](https://github.com/unslothai/unsloth)
21
 
22
- [<img src="https://raw.githubusercontent.com/unslothai/unsloth/main/images/unsloth%20made%20with%20love.png" width="200"/>](https://github.com/unslothai/unsloth)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  ---
2
+ base_model: google/gemma-4-e2b-it
3
  tags:
4
  - text-generation-inference
5
  - transformers
 
6
  - gemma4
7
+ - peft
8
+ - lora
9
+ - cybersecurity
10
+ - active-directory
11
+ - red-team
12
+ - kerberos
13
+ - bloodhound
14
+ - lateral-movement
15
  license: apache-2.0
16
  language:
17
  - en
18
  ---
19
 
20
+ # Gemma 4 E2B — Active Directory Attack TTPs Expert
21
 
22
+ A QLoRA fine-tuned version of [Gemma 4 E2B Instruct](https://huggingface.co/google/gemma-4-e2b-it) specialized in **active directory attack ttps**.
23
+ Specialized in **Active Directory attack techniques**: BloodHound attack path analysis, Kerberos delegation abuses, RBCD, GPO abuse, ACL attacks, trust attacks, and domain persistence.
 
24
 
25
+ Part of the [rezaduty cybersecurity model family](https://huggingface.co/rezaduty).
26
 
27
+ ---
28
+
29
+ ## Expertise
30
+
31
+ - BloodHound/SharpHound: attack path enumeration and shortest path analysis
32
+ - Kerberoasting, AS-REP Roasting, and Kerberos unconstrained/constrained delegation abuse
33
+ - Resource-Based Constrained Delegation (RBCD) attacks
34
+ - GPO abuse, AdminSDHolder persistence, and ACL attacks (WriteDACL, GenericAll)
35
+ - DCSync vs DCShadow: domain replication attacks
36
+ - AD trust attacks: SID history, inter-forest trust exploitation
37
+ - LAPS bypass, Protected Users group, and AD tiering model
38
+
39
+ ---
40
+
41
+ ## Model Details
42
+
43
+ | Property | Value |
44
+ |---|---|
45
+ | **Base model** | google/gemma-4-e2b-it (2B parameters) |
46
+ | **Fine-tuning method** | QLoRA (rank 16, α 16) |
47
+ | **Domain** | Active Directory Attack TTPs |
48
+ | **Dataset** | [rezaduty/cybersecurity-qa-v2](https://huggingface.co/datasets/rezaduty/cybersecurity-qa-v2) |
49
+ | **License** | Apache 2.0 |
50
+
51
+ ---
52
+
53
+ ## Usage
54
+
55
+ ```python
56
+ from transformers import AutoTokenizer, AutoModelForCausalLM
57
+ from peft import PeftModel
58
+ import torch
59
+
60
+ base_model = "google/gemma-4-e2b-it"
61
+ adapter = "rezaduty/gemma4-e2b-active-directory-ttps"
62
+
63
+ tokenizer = AutoTokenizer.from_pretrained(adapter)
64
+ model = AutoModelForCausalLM.from_pretrained(
65
+ base_model, torch_dtype=torch.bfloat16, device_map="auto"
66
+ )
67
+ model = PeftModel.from_pretrained(model, adapter)
68
+
69
+ messages = [
70
+ {"role": "system", "content": [{"type": "text", "text": "You are an expert in Active Directory attack techniques and red team operations. Provide deep, technical answers on AD exploitation, attack paths, lateral movement, and domain dominance techniques with tool references and MITRE ATT&CK mappings."}]},
71
+ {"role": "user", "content": [{"type": "text", "text": "Your question here"}]},
72
+ ]
73
+ inputs = tokenizer.apply_chat_template(
74
+ messages, tokenize=True, add_generation_prompt=True, return_tensors="pt"
75
+ ).to(model.device)
76
+ output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9)
77
+ print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))
78
+ ```
79
+
80
+ ---
81
+
82
+ ## System Prompt
83
+
84
+ ```
85
+ You are an expert in Active Directory attack techniques and red team operations. Provide deep, technical answers on AD exploitation, attack paths, lateral movement, and domain dominance techniques with tool references and MITRE ATT&CK mappings.
86
+ ```
87
+
88
+ ---
89
+
90
+ ## See Also
91
+
92
+ - [General cybersecurity model](https://huggingface.co/rezaduty/gemma4-e2b-cybersecurity-interview)
93
+ - [Docker & Container Security](https://huggingface.co/rezaduty/gemma4-e2b-docker-container-security)
94
+ - [Kubernetes Security](https://huggingface.co/rezaduty/gemma4-e2b-kubernetes-security)
95
+ - [AI & LLM Security](https://huggingface.co/rezaduty/gemma4-e2b-ai-llm-security)
96
+ - [Cloud IAM & Terraform](https://huggingface.co/rezaduty/gemma4-e2b-cloud-iam-terraform)
97
+ - [Active Directory & Red Team](https://huggingface.co/rezaduty/gemma4-e2b-redteam-activedirectory)
98
+ - [All rezaduty models](https://huggingface.co/rezaduty)