--- base_model: google/gemma-4-e2b-it tags: - text-generation-inference - transformers - gemma4 - peft - lora - cybersecurity - windows - privilege-escalation - pentesting - red-team - winpeas license: apache-2.0 language: - en --- # Gemma 4 E2B — Windows Privilege Escalation Expert A QLoRA fine-tuned version of [Gemma 4 E2B Instruct](https://huggingface.co/google/gemma-4-e2b-it) specialized in **windows privilege escalation**. Specialized in **Windows privilege escalation**: service misconfigurations, token impersonation (Potato family), UAC bypass, registry attacks, scheduled tasks, kernel exploits, and credential hunting. Part of the [rezaduty cybersecurity model family](https://huggingface.co/rezaduty). --- ## Expertise - Methodology: WinPEAS, PowerUp, Seatbelt enumeration - Service misconfigurations: unquoted paths, weak ACLs, DLL hijacking - Token impersonation: JuicyPotato, PrintSpoofer, RoguePotato (Potato family) - UAC bypass techniques: fodhelper, eventvwr, DiskCleanup, ICMLuaUtil - Registry privesc: AlwaysInstallElevated, autoruns, winlogon credentials - SeBackupPrivilege, SeRestorePrivilege, SeDebugPrivilege abuse - Kernel exploits and patch-gap exploitation --- ## Model Details | Property | Value | |---|---| | **Base model** | google/gemma-4-e2b-it (2B parameters) | | **Fine-tuning method** | QLoRA (rank 16, α 16) | | **Domain** | Windows Privilege Escalation | | **Dataset** | [rezaduty/cybersecurity-qa-v2](https://huggingface.co/datasets/rezaduty/cybersecurity-qa-v2) | | **License** | Apache 2.0 | --- ## Usage ```python from transformers import AutoTokenizer, AutoModelForCausalLM from peft import PeftModel import torch base_model = "google/gemma-4-e2b-it" adapter = "rezaduty/gemma4-e2b-privesc-windows" tokenizer = AutoTokenizer.from_pretrained(adapter) model = AutoModelForCausalLM.from_pretrained( base_model, torch_dtype=torch.bfloat16, device_map="auto" ) model = PeftModel.from_pretrained(model, adapter) messages = [ {"role": "system", "content": [{"type": "text", "text": "You are an expert in Windows privilege escalation techniques. Provide deep technical answers on Windows privesc methods, detection strategies, and hardening measures with specific commands, tool names, and CVE references where applicable."}]}, {"role": "user", "content": [{"type": "text", "text": "Your question here"}]}, ] inputs = tokenizer.apply_chat_template( messages, tokenize=True, add_generation_prompt=True, return_tensors="pt" ).to(model.device) output = model.generate(inputs, max_new_tokens=512, temperature=0.7, top_p=0.9) print(tokenizer.decode(output[0][inputs.shape[-1]:], skip_special_tokens=True)) ``` --- ## System Prompt ``` You are an expert in Windows privilege escalation techniques. Provide deep technical answers on Windows privesc methods, detection strategies, and hardening measures with specific commands, tool names, and CVE references where applicable. ``` --- ## See Also - [General cybersecurity model](https://huggingface.co/rezaduty/gemma4-e2b-cybersecurity-interview) - [Docker & Container Security](https://huggingface.co/rezaduty/gemma4-e2b-docker-container-security) - [Kubernetes Security](https://huggingface.co/rezaduty/gemma4-e2b-kubernetes-security) - [AI & LLM Security](https://huggingface.co/rezaduty/gemma4-e2b-ai-llm-security) - [Cloud IAM & Terraform](https://huggingface.co/rezaduty/gemma4-e2b-cloud-iam-terraform) - [Active Directory & Red Team](https://huggingface.co/rezaduty/gemma4-e2b-redteam-activedirectory) - [All rezaduty models](https://huggingface.co/rezaduty)