
White Rabbit Neo AI Prompting Cheat Sheet

Overview

White Rabbit Neo represents a groundbreaking advancement in cybersecurity-focused artificial intelligence, designed specifically to support DevSecOps professionals in both offensive and defensive cybersecurity operations. Unlike general-purpose AI models that are heavily censored and restricted from discussing security topics, White Rabbit Neo is an uncensored, specialized Large Language Model (LLM) that has been meticulously trained on extensive cybersecurity and threat intelligence datasets.

Originally based on the LLaMA 2 architecture and recently updated to leverage the Qwen 2.5 family of models, White Rabbit Neo fills a critical gap in the cybersecurity industry by providing AI assistance for legitimate security research, penetration testing, vulnerability assessment, and defensive security operations. The model is designed to think like a seasoned red team expert while maintaining the ethical framework necessary for responsible cybersecurity practice.

What sets White Rabbit Neo apart is its specialized knowledge base covering everything from reconnaissance techniques and exploit development to incident response and digital forensics. The latest version 2.5 includes four specialized sub-models, each fine-tuned for specific aspects of cybersecurity work, making it an indispensable tool for security professionals who need AI assistance without the limitations imposed by mainstream commercial models.

Model Architecture and Specializations

Core Model Variants

White Rabbit Neo is available in multiple configurations, with the 13B and 33B parameter versions being the most widely used. The larger 33B model provides more sophisticated reasoning capabilities and deeper cybersecurity knowledge, while the 13B model offers faster inference times for routine tasks.

Specialized Sub-Models (Version 2.5)

ReconRabbit

Specializes in reconnaissance and information gathering techniques, including OSINT (Open Source Intelligence), network scanning, and target enumeration. This model excels at suggesting reconnaissance methodologies, analyzing gathered intelligence, and identifying potential attack vectors.

ExploitRabbit

Focuses on vulnerability exploitation techniques, payload development, and attack methodology. This model can generate exploit code, suggest attack vectors, and provide detailed explanations of exploitation techniques across various platforms and technologies.

DefenseRabbit

Designed for defensive cybersecurity measures, including threat detection, incident response, and security architecture. This model helps with defensive strategies, security control implementation, and threat hunting methodologies.

ForensicsRabbit

Specialized in digital forensics and incident response, capable of guiding forensic analysis, evidence collection, and incident investigation procedures.

Key Strengths and Capabilities

Uncensored Security Knowledge

Unlike mainstream AI models that refuse to discuss security topics, White Rabbit Neo provides detailed, practical guidance on cybersecurity techniques, making it invaluable for legitimate security research and professional development.

Practical Exploit Development

The model can generate working exploit code, analyze vulnerabilities, and provide step-by-step exploitation guidance for educational and authorized testing purposes.

Comprehensive Security Coverage

From network penetration testing to web application security, from malware analysis to incident response, White Rabbit Neo covers the full spectrum of cybersecurity disciplines.

Tool Integration Capabilities

White Rabbit Neo understands and can provide guidance on popular security tools including Metasploit, Nmap, Burp Suite, Wireshark, and many others, making it an excellent companion for existing security workflows.

Educational Excellence

The model excels at explaining complex security concepts, making it valuable for cybersecurity education, training, and professional development.

Fundamental Prompting Principles

Ethical Framework

Always begin interactions by establishing the ethical and legal context of your security work. White Rabbit Neo is designed for legitimate security professionals operating within proper authorization frameworks.

Specificity and Context

Provide detailed context about your security testing environment, objectives, and constraints. The more specific your prompts, the more targeted and useful the responses will be.

Progressive Complexity

Start with foundational concepts and build toward more advanced techniques. White Rabbit Neo can adapt its responses to your skill level and specific needs.

Practical Application Focus

Frame prompts around real-world scenarios and practical applications rather than theoretical discussions to get the most actionable guidance.

Reconnaissance and Information Gathering

OSINT and Target Research

White Rabbit Neo excels at guiding comprehensive reconnaissance activities and open-source intelligence gathering.

I'm conducting authorized reconnaissance for a penetration test of a mid-size financial services company. Please provide a comprehensive OSINT methodology that includes:

**Phase 1: Passive Information Gathering**
- Corporate structure and subsidiary identification
- Employee enumeration through social media and professional networks
- Technology stack identification through job postings and public documents
- Domain and subdomain discovery techniques
- Email address harvesting methodologies

**Phase 2: Infrastructure Analysis**
- DNS enumeration and zone transfer attempts
- Network range identification and IP space mapping
- Cloud service identification (AWS, Azure, GCP footprints)
- Certificate transparency log analysis
- Historical data analysis using Wayback Machine

**Phase 3: Social Engineering Preparation**
- Key personnel identification and role analysis
- Communication patterns and organizational hierarchy
- Potential social engineering vectors and pretexts
- Physical security considerations and facility information

Please provide specific tools, techniques, and methodologies for each phase, including command examples and best practices for maintaining operational security.

Network Reconnaissance

Leverage White Rabbit Neo's expertise in network discovery and enumeration techniques.

I need to perform comprehensive network reconnaissance on an authorized target network (10.0.0.0/16). The client has requested a thorough assessment of their network security posture. Please provide:

**Network Discovery Strategy:**
- Host discovery techniques for different network segments
- Port scanning methodologies to minimize detection
- Service enumeration and version identification
- Operating system fingerprinting approaches

**Advanced Reconnaissance:**
- SNMP enumeration and community string testing
- SMB enumeration and null session exploitation
- LDAP enumeration and directory service analysis
- Web service discovery and technology identification

**Stealth Considerations:**
- Traffic timing and rate limiting strategies
- Decoy scanning and source IP obfuscation
- Fragmentation and evasion techniques
- Log analysis evasion methodologies

Include specific Nmap commands, custom scripts, and alternative tools for each technique.

Web Application Reconnaissance

Utilize White Rabbit Neo's knowledge of web application security testing methodologies.

I'm conducting an authorized web application penetration test for a complex e-commerce platform. Please provide a comprehensive reconnaissance strategy:

**Application Mapping:**
- Directory and file enumeration techniques
- Parameter discovery and input validation testing
- Technology stack identification and version detection
- Third-party component and framework identification

**Authentication and Session Analysis:**
- Login mechanism analysis and bypass techniques
- Session management security assessment
- Multi-factor authentication testing approaches
- Password policy and account lockout analysis

**Business Logic Assessment:**
- Workflow analysis and logic flaw identification
- Privilege escalation vector identification
- Data flow analysis and injection point discovery
- API endpoint discovery and security testing

**Advanced Techniques:**
- JavaScript analysis and client-side security testing
- WebSocket and real-time communication security
- Mobile application component analysis
- Cloud integration and third-party service assessment

Provide specific tools, techniques, and manual testing approaches for each area.

Vulnerability Assessment and Exploitation

Automated Vulnerability Scanning

White Rabbit Neo can guide the effective use of vulnerability scanners and interpretation of results.

I need to conduct a comprehensive vulnerability assessment of a mixed Windows/Linux environment with web applications. Please provide guidance on:

**Scanner Selection and Configuration:**
- Nessus, OpenVAS, and Qualys configuration for different environments
- Custom plugin development and vulnerability check creation
- Authenticated vs. unauthenticated scanning strategies
- Performance optimization and network impact minimization

**Results Analysis and Prioritization:**
- False positive identification and elimination techniques
- Risk scoring and business impact assessment
- Vulnerability correlation and attack path analysis
- Remediation priority matrix development

**Manual Verification Procedures:**
- Critical vulnerability manual confirmation techniques
- Exploit development and proof-of-concept creation
- Impact assessment and business risk quantification
- Documentation and reporting best practices

Include specific configuration examples, custom scripts, and analysis methodologies.

Exploit Development and Customization

Leverage White Rabbit Neo's expertise in creating and customizing exploits for authorized testing.

I've identified a buffer overflow vulnerability in a custom application during an authorized penetration test. Please guide me through the exploit development process:

**Vulnerability Analysis:**
- Static and dynamic analysis techniques for vulnerability confirmation
- Debugging and reverse engineering approaches
- Memory layout analysis and exploitation feasibility assessment
- Security mitigation bypass strategies (ASLR, DEP, Stack Canaries)

**Exploit Development:**
- Payload development and shellcode creation
- Return address calculation and offset determination
- Exploit reliability and stability improvement
- Multi-platform and architecture considerations

**Advanced Techniques:**
- ROP chain construction for modern exploit mitigation bypass
- Heap exploitation techniques and use-after-free exploitation
- Format string vulnerability exploitation
- Race condition and timing attack exploitation

**Testing and Validation:**
- Exploit testing in controlled environments
- Payload customization for specific objectives
- Anti-virus and EDR evasion techniques
- Exploit delivery and persistence mechanisms

Provide code examples, debugging techniques, and step-by-step development guidance.

Web Application Exploitation

Utilize White Rabbit Neo's knowledge of web application vulnerabilities and exploitation techniques.

I've discovered multiple vulnerabilities in a web application during an authorized assessment. Please provide exploitation guidance for:

**SQL Injection Exploitation:**
- Manual injection techniques and payload development
- Automated tool usage (SQLMap, custom scripts)
- Database enumeration and data extraction
- Privilege escalation and system command execution

**Cross-Site Scripting (XSS) Exploitation:**
- Payload development for different XSS types
- Filter bypass techniques and encoding methods
- Session hijacking and credential theft
- Advanced XSS exploitation and persistence

**Authentication and Authorization Bypass:**
- Session fixation and hijacking techniques
- Privilege escalation and horizontal access
- Multi-factor authentication bypass methods
- API security testing and token manipulation

**Advanced Web Exploitation:**
- Server-Side Request Forgery (SSRF) exploitation
- XML External Entity (XXE) attack techniques
- Deserialization vulnerability exploitation
- Template injection and code execution

Provide specific payloads, exploitation techniques, and post-exploitation strategies.

Defensive Security and Blue Team Operations

Threat Detection and Hunting

White Rabbit Neo can assist with defensive security operations and threat hunting activities.

I'm implementing a comprehensive threat hunting program for a large enterprise environment. Please provide guidance on:

**Threat Hunting Methodology:**
- Hypothesis-driven hunting techniques and framework development
- Intelligence-driven hunting using threat intelligence feeds
- Behavioral analysis and anomaly detection approaches
- Hunt team organization and skill development

**Detection Engineering:**
- SIEM rule development and tuning for specific threats
- Custom detection logic for advanced persistent threats
- Machine learning and statistical analysis for threat detection
- False positive reduction and alert quality improvement

**Investigation Techniques:**
- Digital forensics and incident response procedures
- Memory analysis and malware detection techniques
- Network traffic analysis and lateral movement detection
- Timeline analysis and attack reconstruction

**Tool Integration and Automation:**
- SOAR platform integration and playbook development
- Threat intelligence platform utilization
- Custom tool development for specific hunting needs
- Metrics and measurement for hunting program effectiveness

Include specific detection rules, hunting queries, and investigation procedures.

Incident Response and Forensics

Leverage White Rabbit Neo's forensics expertise for incident response activities.

I'm responding to a suspected advanced persistent threat (APT) incident in a corporate environment. Please provide comprehensive incident response guidance:

**Initial Response and Containment:**
- Incident classification and severity assessment
- Containment strategies that preserve evidence
- Communication protocols and stakeholder notification
- Evidence preservation and chain of custody procedures

**Forensic Analysis:**
- Memory acquisition and analysis techniques
- Disk imaging and file system analysis
- Network traffic capture and analysis
- Malware analysis and reverse engineering

**Threat Intelligence Integration:**
- IOC extraction and threat intelligence correlation
- Attribution analysis and threat actor profiling
- Campaign tracking and related incident identification
- Threat landscape analysis and future threat prediction

**Recovery and Lessons Learned:**
- System restoration and security hardening
- Incident documentation and reporting
- Post-incident review and process improvement
- Security control enhancement and gap remediation

Provide specific tools, techniques, and procedures for each phase of the incident response process.

Security Architecture and Hardening

Utilize White Rabbit Neo's knowledge of defensive security architecture and system hardening.

I need to design a comprehensive security architecture for a cloud-native application environment. Please provide guidance on:

**Zero Trust Architecture Implementation:**
- Identity and access management design
- Network segmentation and micro-segmentation
- Continuous authentication and authorization
- Device trust and endpoint security integration

**Cloud Security Design:**
- Multi-cloud security architecture considerations
- Container and Kubernetes security implementation
- Serverless security and function-level protection
- Cloud-native security tool integration

**Defense in Depth Strategy:**
- Layered security control implementation
- Security monitoring and logging architecture
- Threat detection and response capability design
- Security automation and orchestration

**Compliance and Governance:**
- Regulatory compliance framework integration
- Security policy development and enforcement
- Risk management and assessment procedures
- Security metrics and reporting frameworks

Include specific architectural patterns, configuration examples, and implementation guidance.

Advanced Prompting Techniques

Scenario-Based Learning

White Rabbit Neo excels at providing guidance through realistic cybersecurity scenarios.

Create a comprehensive red team exercise scenario where I'm tasked with assessing the security of a financial services organization. The scenario should include:

**Target Environment:**
- Mixed cloud and on-premises infrastructure
- Regulatory compliance requirements (PCI DSS, SOX)
- Advanced security controls and monitoring
- Experienced blue team and incident response capabilities

**Engagement Rules:**
- Limited scope with specific systems and time windows
- Social engineering restrictions and approval processes
- Data handling and confidentiality requirements
- Emergency contact and escalation procedures

**Attack Simulation:**
- Multi-stage attack campaign development
- Persistence and lateral movement techniques
- Data exfiltration and impact demonstration
- Evasion techniques for advanced security controls

**Documentation and Reporting:**
- Real-time documentation and evidence collection
- Executive summary and technical findings
- Remediation recommendations and priority ranking
- Lessons learned and security improvement suggestions

Walk me through each phase of this engagement, providing specific techniques, tools, and methodologies appropriate for this high-security environment.

Tool Integration and Automation

Leverage White Rabbit Neo's knowledge of security tool integration and automation.

I want to create an automated penetration testing framework that integrates multiple security tools. Please help me design:

**Framework Architecture:**
- Modular design for different testing phases
- Tool integration and data flow management
- Results correlation and analysis automation
- Reporting and documentation generation

**Tool Integration:**
- Nmap integration for network discovery and scanning
- Metasploit integration for exploitation and post-exploitation
- Burp Suite integration for web application testing
- Custom script development for specialized testing

**Automation and Orchestration:**
- Workflow automation and decision logic
- Dynamic target adaptation and testing customization
- Error handling and recovery mechanisms
- Parallel processing and performance optimization

**Quality Assurance:**
- False positive detection and elimination
- Result validation and verification procedures
- Manual testing integration and human oversight
- Continuous improvement and framework evolution

Provide code examples, integration patterns, and architectural guidance for building this framework.

Advanced Threat Simulation

Utilize White Rabbit Neo's expertise in advanced threat simulation and red team operations.

I need to simulate an advanced persistent threat (APT) campaign for a large enterprise security assessment. Please provide detailed guidance on:

**Campaign Planning and Intelligence:**
- Target organization analysis and attack surface mapping
- Threat actor simulation and tactics, techniques, procedures (TTPs)
- Attack timeline development and milestone planning
- Operational security and tradecraft considerations

**Initial Access and Persistence:**
- Spear-phishing campaign development and execution
- Watering hole attacks and supply chain compromise
- Zero-day exploitation and vulnerability research
- Persistence mechanisms and stealth techniques

**Lateral Movement and Privilege Escalation:**
- Network reconnaissance and trust relationship exploitation
- Credential harvesting and pass-the-hash techniques
- Active Directory exploitation and domain compromise
- Living-off-the-land techniques and fileless malware

**Data Exfiltration and Impact:**
- Sensitive data identification and classification
- Covert communication channels and data exfiltration
- Business impact demonstration and risk quantification
- Attribution obfuscation and false flag operations

Provide specific techniques, tools, and methodologies for each phase, including detection evasion strategies and operational security considerations.

Specialized Use Cases

Malware Analysis and Reverse Engineering

White Rabbit Neo can provide guidance on malware analysis and reverse engineering techniques.

I've obtained a suspicious binary during an incident response investigation and need to perform comprehensive malware analysis. Please guide me through:

**Static Analysis:**
- File format analysis and metadata extraction
- String analysis and embedded artifact identification
- Disassembly and code structure analysis
- Packing and obfuscation detection and unpacking

**Dynamic Analysis:**
- Sandbox environment setup and configuration
- Behavioral analysis and system interaction monitoring
- Network communication analysis and C2 identification
- Registry and file system modification tracking

**Advanced Analysis:**
- Debugger usage and code execution tracing
- Memory analysis and runtime behavior examination
- Anti-analysis technique identification and bypass
- Cryptographic analysis and key extraction

**Threat Intelligence Integration:**
- IOC extraction and threat intelligence correlation
- Malware family classification and attribution
- Campaign tracking and related sample identification
- Defensive signature development and deployment

Provide specific tools, techniques, and analysis procedures for each phase of the malware analysis process.

Cloud Security Assessment

Leverage White Rabbit Neo's knowledge of cloud security testing and assessment.

I'm conducting a comprehensive security assessment of a multi-cloud environment (AWS, Azure, GCP). Please provide guidance on:

**Cloud Infrastructure Assessment:**
- Identity and access management (IAM) security testing
- Network security and segmentation analysis
- Storage security and data protection assessment
- Compute security and container vulnerability analysis

**Cloud-Native Security Testing:**
- Serverless function security assessment
- API gateway and microservices security testing
- Container orchestration security (Kubernetes, Docker)
- CI/CD pipeline security and supply chain analysis

**Cloud Configuration Assessment:**
- Security group and firewall rule analysis
- Encryption and key management assessment
- Logging and monitoring configuration review
- Compliance and governance framework evaluation

**Advanced Cloud Attacks:**
- Privilege escalation in cloud environments
- Lateral movement between cloud services
- Data exfiltration from cloud storage
- Cloud-specific persistence and backdoor techniques

Include specific tools, techniques, and cloud platform-specific considerations for each assessment area.

Mobile Application Security Testing

Utilize White Rabbit Neo's expertise in mobile application security assessment.

I need to conduct a comprehensive security assessment of a mobile banking application (iOS and Android). Please provide guidance on:

**Static Analysis:**
- Application binary analysis and reverse engineering
- Source code review and vulnerability identification
- Third-party library and dependency analysis
- Cryptographic implementation assessment

**Dynamic Analysis:**
- Runtime application security testing (RAST)
- API security testing and backend communication analysis
- Authentication and session management testing
- Data storage and protection mechanism assessment

**Platform-Specific Testing:**
- iOS-specific security testing (jailbreak detection, keychain analysis)
- Android-specific testing (root detection, intent analysis)
- Platform permission and privilege analysis
- Inter-app communication security assessment

**Advanced Mobile Attacks:**
- Man-in-the-middle attacks on mobile communications
- Mobile malware and trojan development
- Social engineering attacks targeting mobile users
- Physical device security and forensic analysis

Provide specific tools, techniques, and testing methodologies for comprehensive mobile application security assessment.

Best Practices and Optimization

Always maintain the highest ethical standards when using White Rabbit Neo for cybersecurity work.

Authorization and Scope

Ensure all security testing activities are properly authorized through written agreements and clearly defined scope documents. Never use White Rabbit Neo's capabilities for unauthorized or malicious activities.

Responsible Disclosure

When vulnerabilities are discovered during authorized testing, follow responsible disclosure practices and work with organizations to remediate security issues before public disclosure.

Professional Standards

Maintain professional cybersecurity standards and certifications, using White Rabbit Neo as a tool to enhance legitimate security work rather than replace professional judgment and expertise.

Prompt Optimization Strategies

Context Richness

Provide comprehensive context about your security testing environment, objectives, and constraints to receive the most relevant and actionable guidance.

Progressive Complexity

Start with foundational concepts and build toward more advanced techniques, allowing White Rabbit Neo to adapt its responses to your skill level and specific needs.

Practical Focus

Frame prompts around real-world scenarios and practical applications rather than theoretical discussions to get the most actionable guidance.

Tool Integration

Specify the tools and technologies you're working with to receive tailored guidance that integrates with your existing security workflow.

Quality Assurance and Validation

Cross-Reference Information

Always cross-reference White Rabbit Neo's guidance with authoritative sources, industry best practices, and your own professional experience.

Test in Controlled Environments

Test all techniques and exploits in controlled, authorized environments before applying them in production security assessments.

Continuous Learning

Use White Rabbit Neo as a learning tool to enhance your cybersecurity knowledge and skills, but continue to develop your own expertise and judgment.

Documentation and Reporting

Maintain detailed documentation of all security testing activities and findings, using White Rabbit Neo's guidance to enhance the quality and comprehensiveness of your reports.

Integration and Deployment

Local Deployment Options

White Rabbit Neo can be deployed locally for enhanced security and privacy in sensitive environments.

```bash
# Example deployment using Ollama
ollama pull whiterabbitneo:13b
ollama run whiterabbitneo:13b "Your cybersecurity prompt here"
```

```python
# Example deployment using Hugging Face Transformers
from transformers import AutoTokenizer, AutoModelForCausalLM

tokenizer = AutoTokenizer.from_pretrained("WhiteRabbitNeo/WhiteRabbitNeo-13B-v1")
model = AutoModelForCausalLM.from_pretrained("WhiteRabbitNeo/WhiteRabbitNeo-13B-v1")
```

API Integration

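```python
# Example API integration for cybersecurity workflows
import json
import urllib.request


class WhiteRabbitNeoClient:
    def __init__(self, model_endpoint, api_key=None, model="whiterabbitneo:13b"):
        self.endpoint = model_endpoint
        self.api_key = api_key
        self.model = model

    def generate_response(self, prompt):
        # Assumption: the endpoint is an Ollama-style /api/generate URL that
        # takes JSON with "model", "prompt" and "stream" and returns JSON with
        # a "response" field. Adapt this method to the API you actually deploy.
        body = json.dumps(
            {"model": self.model, "prompt": prompt, "stream": False}
        ).encode("utf-8")
        headers = {"Content-Type": "application/json"}
        if self.api_key:
            # Only relevant when the endpoint sits behind an authenticating proxy.
            headers["Authorization"] = f"Bearer {self.api_key}"
        request = urllib.request.Request(self.endpoint, data=body, headers=headers)
        with urllib.request.urlopen(request, timeout=300) as reply:
            return json.loads(reply.read().decode("utf-8"))["response"]

    def security_analysis(self, target_info, analysis_type):
        # Build the analysis prompt from the caller-supplied target details
        prompt = f"""
        Conduct a {analysis_type} security analysis for the following target:

        Target Information: {target_info}

        Please provide comprehensive guidance including:
        1. Methodology and approach
        2. Specific tools and techniques
        3. Expected findings and indicators
        4. Documentation and reporting requirements
        """

        return self.generate_response(prompt)

    def exploit_development(self, vulnerability_info):
        prompt = f"""
        Provide exploit development guidance for the following vulnerability:

        Vulnerability Details: {vulnerability_info}

        Include:
        1. Exploitation methodology
        2. Payload development
        3. Reliability and stability considerations
        4. Evasion techniques
        """

        return self.generate_response(prompt)
```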

Workflow Integration

```python
# Example integration with security testing workflows
class SecurityTestingWorkflow:
    def __init__(self, white_rabbit_client):
        self.ai_client = white_rabbit_client
        self.results = {}  # guidance collected per phase, used for the report

    def reconnaissance_phase(self, target):
        # security_analysis() builds the prompt from the target and analysis type
        guidance = self.ai_client.security_analysis(target, "reconnaissance")
        self.results['reconnaissance'] = guidance
        return guidance

    def vulnerability_assessment(self, scan_results):
        # Scan results are passed through as the target information
        analysis = self.ai_client.security_analysis(scan_results, "vulnerability_assessment")
        self.results['vulnerability_assessment'] = analysis
        return analysis

    def generate_report(self):
        # Use White Rabbit Neo to help generate comprehensive security reports
        report_prompt = f"Generate a comprehensive security assessment report based on: {self.results}"
        return self.ai_client.generate_response(report_prompt)
```
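
A guard that could sit in front of the `SecurityTestingWorkflow` above to enforce the authorization-and-scope and documentation practices this cheat sheet recommends: it refuses any target outside the signed-off scope before a prompt is built, and it keeps a hash-chained audit log of every request. This is an added example, not code from the original page or the White Rabbit Neo project; `ScopeGuard`, `AuditedWorkflow`, `StubClient` and the hostname are hypothetical, and the stub stands in for the real client so the block runs offline.

```python
import hashlib
import ipaddress
import json
import time


class OutOfScopeError(Exception):
    """Raised when a target is not covered by the authorized scope."""


class ScopeGuard:
    """Authorized scope: CIDR ranges plus exact hostnames (no wildcards)."""
    def __init__(self, cidrs, hostnames=()):
        self.networks = [ipaddress.ip_network(c) for c in cidrs]
        self.hostnames = {h.lower().rstrip(".") for h in hostnames}

    def allows(self, target):
        target = target.strip().lower().rstrip(".")
        try:
            net = ipaddress.ip_network(target, strict=False)
        except ValueError:
            return target in self.hostnames
        # The whole requested range must sit inside one authorized range.
        return any(net.version == n.version and net.subnet_of(n) for n in self.networks)


def _digest(entry):
    return hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()


class AuditedWorkflow:
    """Scope-checks each target and keeps a hash-chained audit log."""
    def __init__(self, ai_client, scope):
        self.ai_client = ai_client
        self.scope = scope
        self.audit_log = []

    def _record(self, phase, target, allowed, response=None):
        entry = {
            "ts": time.time(), "phase": phase, "target": target, "allowed": allowed,
            # Hash of the model output ties a later report to what was returned.
            "response_sha256": (hashlib.sha256(response.encode()).hexdigest()
                                if response is not None else None),
            "prev": self.audit_log[-1]["digest"] if self.audit_log else None,
        }
        entry["digest"] = _digest(entry)
        self.audit_log.append(entry)

    def reconnaissance_phase(self, target):
        if not self.scope.allows(target):
            self._record("reconnaissance", target, False)
            raise OutOfScopeError(f"{target!r} is outside the authorized scope")
        guidance = self.ai_client.security_analysis(target, "reconnaissance")
        self._record("reconnaissance", target, True, guidance)
        return guidance

    def verify_log(self):
        """True if no entry was edited, reordered or dropped mid-log."""
        prev = None
        for entry in self.audit_log:
            body = {k: v for k, v in entry.items() if k != "digest"}
            if entry["prev"] != prev or _digest(body) != entry["digest"]:
                return False
            prev = entry["digest"]
        return True


class StubClient:
    """Constructed stand-in for the page's WhiteRabbitNeoClient (no network)."""
    def __init__(self):
        self.calls = []

    def security_analysis(self, target_info, analysis_type):
        self.calls.append((target_info, analysis_type))
        return f"[stub {analysis_type} guidance for {target_info}]"


def demo():
    # Constructed scope: 10.0.0.0/16 from the page's sample prompt plus a hypothetical host.
    flow = AuditedWorkflow(StubClient(),
                           ScopeGuard(["10.0.0.0/16"], ["portal.client.example"]))
    outcome = {}
    for target in ["10.0.42.7", "portal.client.example", "10.0.0.0/8", "192.0.2.10"]:
        try:
            flow.reconnaissance_phase(target)
            outcome[target] = "sent"
        except OutOfScopeError:
            outcome[target] = "blocked"
    return flow, outcome


if __name__ == "__main__":
    print(demo()[1])
```

A request for `10.0.0.0/8` is blocked even though it contains the authorized `/16`, because the check requires the requested range to be a subset of the scope, not merely to overlap it.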

Troubleshooting and Optimization

Common Issues and Solutions

Model Response Quality

  • Issue: Generic or insufficiently detailed responses
  • Solution: Provide more specific context, technical details, and clear objectives in your prompts

Ethical Boundaries

  • Issue: Uncertainty about appropriate use cases
  • Solution: Always establish proper authorization and ethical framework before engaging with security topics

Technical Accuracy

  • Issue: Outdated or inaccurate technical information
  • Solution: Cross-reference guidance with current security resources and validate in controlled environments

Integration Challenges

  • Issue: Difficulty integrating with existing security workflows
  • Solution: Start with simple use cases and gradually expand integration based on successful implementations

Performance Optimization

Prompt Engineering

  • Use specific, technical language appropriate for cybersecurity contexts
  • Provide clear objectives and expected outcomes
  • Include relevant technical constraints and environmental factors

Model Selection

  • Use 13B model for faster responses to routine queries
  • Use 33B model for complex analysis and advanced techniques
  • Consider specialized sub-models for specific use cases

Resource Management

  • Implement appropriate caching for frequently used guidance
  • Optimize prompt length and complexity based on available resources
  • Monitor performance and adjust deployment configuration as needed

White Rabbit Neo represents a powerful tool for legitimate cybersecurity professionals. This cheat sheet provides comprehensive guidance for maximizing its capabilities while maintaining the highest ethical and professional standards. Always ensure proper authorization and responsible use in all cybersecurity activities.