File size: 3,592 Bytes
3f566f6 ece6aa1 3f566f6 ece6aa1 3f566f6 ece6aa1 3f566f6 ece6aa1 3f566f6 ece6aa1 3f566f6 ece6aa1 | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 | ---
base_model: google/gemma-4-e2b-it
tags:
- text-generation-inference
- transformers
- gemma4
- peft
- lora
- cybersecurity
- windows
- privilege-escalation
- pentesting
- red-team
- winpeas
license: apache-2.0
language:
- en
---
# Gemma 4 E2B — Windows Privilege Escalation Expert
A QLoRA fine-tuned version of [Gemma 4 E2B Instruct](https://huggingface.co/google/gemma-4-e2b-it) specialized in **windows privilege escalation**.
Specialized in **Windows privilege escalation**: service misconfigurations, token impersonation (Potato family), UAC bypass, registry attacks, scheduled tasks, kernel exploits, and credential hunting.
Part of the [rezaduty cybersecurity model family](https://huggingface.co/rezaduty).
---
## Expertise
- Methodology: WinPEAS, PowerUp, Seatbelt enumeration
- Service misconfigurations: unquoted paths, weak ACLs, DLL hijacking
- Token impersonation: JuicyPotato, PrintSpoofer, RoguePotato (Potato family)
- UAC bypass techniques: fodhelper, eventvwr, DiskCleanup, ICMLuaUtil
- Registry privesc: AlwaysInstallElevated, autoruns, winlogon credentials
- SeBackupPrivilege, SeRestorePrivilege, SeDebugPrivilege abuse
- Kernel exploits and patch-gap exploitation
---
## Model Details
| Property | Value |
|---|---|
| **Base model** | google/gemma-4-e2b-it (2B parameters) |
| **Fine-tuning method** | QLoRA (rank 16, α 16) |
| **Domain** | Windows Privilege Escalation |
| **Dataset** | [rezaduty/cybersecurity-qa-v2](https://huggingface.co/datasets/rezaduty/cybersecurity-qa-v2) |
| **License** | Apache 2.0 |
---
## Usage
```python
from transformers import AutoTokenizer, AutoModelForCausalLM
from peft import PeftModel
import torch
base_model = "google/gemma-4-e2b-it"
adapter = "rezaduty/gemma4-e2b-privesc-windows"
tokenizer = AutoTokenizer.from_pretrained(adapter)
model = AutoModelForCausalLM.from_pretrained(
base_model, torch_dtype=torch.bfloat16, device_map="auto"
)
model = PeftModel.from_pretrained(model, adapter)
messages = [
{"role": "system", "content": [{"type": "text", "text": "You are an expert in Windows privilege escalation techniques. Provide deep technical answers on Windows privesc methods, detection strategies, and hardening measures with specific commands, tool names, and CVE references where applicable."}]},
{"role": "user", "content": [{"type": "text", "text": "Your question here"}]},
]
inputs = tokenizer.apply_chat_template(
messages, tokenize=True, add_generation_prompt=True, return_tensors="pt"
).to(model.device)
output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9)
print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True))
```
---
## System Prompt
```
You are an expert in Windows privilege escalation techniques. Provide deep technical answers on Windows privesc methods, detection strategies, and hardening measures with specific commands, tool names, and CVE references where applicable.
```
---
## See Also
- [General cybersecurity model](https://huggingface.co/rezaduty/gemma4-e2b-cybersecurity-interview)
- [Docker & Container Security](https://huggingface.co/rezaduty/gemma4-e2b-docker-container-security)
- [Kubernetes Security](https://huggingface.co/rezaduty/gemma4-e2b-kubernetes-security)
- [AI & LLM Security](https://huggingface.co/rezaduty/gemma4-e2b-ai-llm-security)
- [Cloud IAM & Terraform](https://huggingface.co/rezaduty/gemma4-e2b-cloud-iam-terraform)
- [Active Directory & Red Team](https://huggingface.co/rezaduty/gemma4-e2b-redteam-activedirectory)
- [All rezaduty models](https://huggingface.co/rezaduty)
|