Hugging Face's logo

rezaduty
/
gemma4-e2b-privesc-macos

Transformers
Safetensors
PEFT
English
text-generation-inference
gemma4
lora
cybersecurity
macos
privilege-escalation
tcc-bypass
sip
apple-security
Model card Files
xet
 Community
rezaduty commited on
Commit
591c0a6
·
verified ·
1 Parent(s): 3450a54

Add specialized README for macOS Privilege Escalation

Browse files
Files changed (1) hide show
  1. README.md +85 -9
README.md CHANGED
@@ -1,22 +1,98 @@
1
  ---
2
- base_model: unsloth/gemma-4-e2b-it-unsloth-bnb-4bit
3
  tags:
4
  - text-generation-inference
5
  - transformers
6
- - unsloth
7
  - gemma4
8
- - trl
 
 
 
 
 
 
 
9
  license: apache-2.0
10
  language:
11
  - en
12
  ---
13
 
14
- # Uploaded model
15
 
16
- - **Developed by:** rezaduty
17
- - **License:** apache-2.0
18
- - **Finetuned from model :** unsloth/gemma-4-e2b-it-unsloth-bnb-4bit
19
 
20
- This gemma4 model was trained 2x faster with [Unsloth](https://github.com/unslothai/unsloth)
21
 
22
- [<img src="https://raw.githubusercontent.com/unslothai/unsloth/main/images/unsloth%20made%20with%20love.png" width="200"/>](https://github.com/unslothai/unsloth)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  ---
2
+ base_model: google/gemma-4-e2b-it
3
  tags:
4
  - text-generation-inference
5
  - transformers
 
6
  - gemma4
7
+ - peft
8
+ - lora
9
+ - cybersecurity
10
+ - macos
11
+ - privilege-escalation
12
+ - tcc-bypass
13
+ - sip
14
+ - apple-security
15
  license: apache-2.0
16
  language:
17
  - en
18
  ---
19
 
20
+ # Gemma 4 E2B — macOS Privilege Escalation Expert
21
 
22
+ A QLoRA fine-tuned version of [Gemma 4 E2B Instruct](https://huggingface.co/google/gemma-4-e2b-it) specialized in **macos privilege escalation**.
23
+ Specialized in **macOS privilege escalation**: SIP bypass, TCC bypass, LaunchDaemon misconfigurations, dylib injection/hijacking, Keychain attacks, and macOS security hardening.
 
24
 
25
+ Part of the [rezaduty cybersecurity model family](https://huggingface.co/rezaduty).
26
 
27
+ ---
28
+
29
+ ## Expertise
30
+
31
+ - macOS security model: SIP, TCC, Gatekeeper, XPC, Sandbox
32
+ - SIP bypass: boot arguments, rootless.conf, third-party kext loading
33
+ - TCC bypass: SQLite injection, electron app abuse, XPC service exploitation
34
+ - LaunchDaemon/LaunchAgent misconfigurations and PLIST injection
35
+ - dylib hijacking and injection via DYLD_INSERT_LIBRARIES
36
+ - Keychain extraction: security CLI, chain-break attacks
37
+ - macOS CVEs: CVE-2022-22583 (powerdir), CVE-2021-30892 (shrootkit)
38
+
39
+ ---
40
+
41
+ ## Model Details
42
+
43
+ | Property | Value |
44
+ |---|---|
45
+ | **Base model** | google/gemma-4-e2b-it (2B parameters) |
46
+ | **Fine-tuning method** | QLoRA (rank 16, α 16) |
47
+ | **Domain** | macOS Privilege Escalation |
48
+ | **Dataset** | [rezaduty/cybersecurity-qa-v2](https://huggingface.co/datasets/rezaduty/cybersecurity-qa-v2) |
49
+ | **License** | Apache 2.0 |
50
+
51
+ ---
52
+
53
+ ## Usage
54
+
55
+ ```python
56
+ from transformers import AutoTokenizer, AutoModelForCausalLM
57
+ from peft import PeftModel
58
+ import torch
59
+
60
+ base_model = "google/gemma-4-e2b-it"
61
+ adapter = "rezaduty/gemma4-e2b-privesc-macos"
62
+
63
+ tokenizer = AutoTokenizer.from_pretrained(adapter)
64
+ model = AutoModelForCausalLM.from_pretrained(
65
+ base_model, torch_dtype=torch.bfloat16, device_map="auto"
66
+ )
67
+ model = PeftModel.from_pretrained(model, adapter)
68
+
69
+ messages = [
70
+ {"role": "system", "content": [{"type": "text", "text": "You are an expert in macOS privilege escalation and security. Provide deep technical answers on macOS privesc techniques, TCC bypass, SIP, macOS security internals, and hardening with specific commands, tool names, and CVE references."}]},
71
+ {"role": "user", "content": [{"type": "text", "text": "Your question here"}]},
72
+ ]
73
+ inputs = tokenizer.apply_chat_template(
74
+ messages, tokenize=True, add_generation_prompt=True, return_tensors="pt"
75
+ ).to(model.device)
76
+ output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9)
77
+ print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))
78
+ ```
79
+
80
+ ---
81
+
82
+ ## System Prompt
83
+
84
+ ```
85
+ You are an expert in macOS privilege escalation and security. Provide deep technical answers on macOS privesc techniques, TCC bypass, SIP, macOS security internals, and hardening with specific commands, tool names, and CVE references.
86
+ ```
87
+
88
+ ---
89
+
90
+ ## See Also
91
+
92
+ - [General cybersecurity model](https://huggingface.co/rezaduty/gemma4-e2b-cybersecurity-interview)
93
+ - [Docker & Container Security](https://huggingface.co/rezaduty/gemma4-e2b-docker-container-security)
94
+ - [Kubernetes Security](https://huggingface.co/rezaduty/gemma4-e2b-kubernetes-security)
95
+ - [AI & LLM Security](https://huggingface.co/rezaduty/gemma4-e2b-ai-llm-security)
96
+ - [Cloud IAM & Terraform](https://huggingface.co/rezaduty/gemma4-e2b-cloud-iam-terraform)
97
+ - [Active Directory & Red Team](https://huggingface.co/rezaduty/gemma4-e2b-redteam-activedirectory)
98
+ - [All rezaduty models](https://huggingface.co/rezaduty)