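# White Rabbit Neo AI Prompting Cheat Sheet

## Overview

White Rabbit Neo is a groundbreaking artificial intelligence specialized in cybersecurity, designed to support DevSecOps professionals in both offensive and defensive cybersecurity work. Unlike general-purpose AI models, which are heavily restricted on security topics, White Rabbit Neo is an uncensored, specialized large language model (LLM) carefully trained on extensive cybersecurity and threat intelligence datasets.

Originally based on the LLaMA 2 architecture and more recently updated to use the Qwen 2.5 model family, White Rabbit Neo fills a critical gap in the cybersecurity industry by providing AI assistance for legitimate security research, penetration testing, vulnerability assessment, and defensive security operations. The model is designed to think like an experienced red team professional while maintaining the ethical framework required for responsible cybersecurity practice.

What sets White Rabbit Neo apart is its specialized knowledge base, which covers everything from reconnaissance techniques to vulnerability development, incident response, and digital forensics. The latest version, 2.5, includes four specialized sub-models, each fine-tuned for a specific aspect of cybersecurity work, making it an essential tool for security professionals who need AI assistance without the restrictions imposed by mainstream commercial models.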

I’m conducting authorized reconnaissance for a penetration test of a mid-size financial services company. Please provide a comprehensive OSINT methodology that includes:

Phase 1: Passive Information Gathering

  • Corporate structure and subsidiary identification
  • Employee enumeration through social media and professional networks
  • Technology stack identification through job postings and public documents
  • Domain and subdomain discovery techniques
  • Email address harvesting methodologies

Phase 2: Infrastructure Analysis

  • DNS enumeration and zone transfer attempts
  • Network range identification and IP space mapping
  • Cloud service identification (AWS, Azure, GCP footprints)
  • Certificate transparency log analysis
  • Historical data analysis using Wayback Machine

Phase 3: Social Engineering Preparation

  • Key personnel identification and role analysis
  • Communication patterns and organizational hierarchy
  • Potential social engineering vectors and pretexts
  • Physical security considerations and facility information

Please provide specific tools, techniques, and methodologies for each phase, including command examples and best practices for maintaining operational security.


### Network Reconnaissance
Leverage White Rabbit Neo's expertise in network discovery and enumeration techniques.

I need to perform comprehensive network reconnaissance on an authorized target network (10.0.0.0/16). The client has requested a thorough assessment of their network security posture. Please provide:

Network Discovery Strategy:

  • Host discovery techniques for different network segments
  • Port scanning methodologies to minimize detection
  • Service enumeration and version identification
  • Operating system fingerprinting approaches

Advanced Reconnaissance:

  • SNMP enumeration and community string testing
  • SMB enumeration and null session exploitation
  • LDAP enumeration and directory service analysis
  • Web service discovery and technology identification

Stealth Considerations:

  • Traffic timing and rate limiting strategies
  • Decoy scanning and source IP obfuscation
  • Fragmentation and evasion techniques
  • Log analysis evasion methodologies

Include specific Nmap commands, custom scripts, and alternative tools for each technique.


### Web Application Reconnaissance
Utilize White Rabbit Neo's knowledge of web application security testing methodologies.

I’m conducting an authorized web application penetration test for a complex e-commerce platform. Please provide a comprehensive reconnaissance strategy:

Application Mapping:

  • Directory and file enumeration techniques
  • Parameter discovery and input validation testing
  • Technology stack identification and version detection
  • Third-party component and framework identification

Authentication and Session Analysis:

  • Login mechanism analysis and bypass techniques
  • Session management security assessment
  • Multi-factor authentication testing approaches
  • Password policy and account lockout analysis

Business Logic Assessment:

  • Workflow analysis and logic flaw identification
  • Privilege escalation vector identification
  • Data flow analysis and injection point discovery
  • API endpoint discovery and security testing

Advanced Techniques:

  • JavaScript analysis and client-side security testing
  • WebSocket and real-time communication security
  • Mobile application component analysis
  • Cloud integration and third-party service assessment

Provide specific tools, techniques, and manual testing approaches for each area.


## Vulnerability Assessment and Exploitation

### Automated Vulnerability Scanning
White Rabbit Neo can guide the effective use of vulnerability scanners and interpretation of results.

I need to conduct a comprehensive vulnerability assessment of a mixed Windows/Linux environment with web applications. Please provide guidance on:

Scanner Selection and Configuration:

  • Nessus, OpenVAS, and Qualys configuration for different environments
  • Custom plugin development and vulnerability check creation
  • Authenticated vs. unauthenticated scanning strategies
  • Performance optimization and network impact minimization

Results Analysis and Prioritization:

  • False positive identification and elimination techniques
  • Risk scoring and business impact assessment
  • Vulnerability correlation and attack path analysis
  • Remediation priority matrix development

Manual Verification Procedures:

  • Critical vulnerability manual confirmation techniques
  • Exploit development and proof-of-concept creation
  • Impact assessment and business risk quantification
  • Documentation and reporting best practices

Include specific configuration examples, custom scripts, and analysis methodologies.


### Exploit Development and Customization
Leverage White Rabbit Neo's expertise in creating and customizing exploits for authorized testing.

I’ve identified a buffer overflow vulnerability in a custom application during an authorized penetration test. Please guide me through the exploit development process:

Vulnerability Analysis:

  • Static and dynamic analysis techniques for vulnerability confirmation
  • Debugging and reverse engineering approaches
  • Memory layout analysis and exploitation feasibility assessment
  • Security mitigation bypass strategies (ASLR, DEP, Stack Canaries)

Exploit Development:

  • Payload development and shellcode creation
  • Return address calculation and offset determination
  • Exploit reliability and stability improvement
  • Multi-platform and architecture considerations

Advanced Techniques:

  • ROP chain construction for modern exploit mitigation bypass
  • Heap exploitation techniques and use-after-free exploitation
  • Format string vulnerability exploitation
  • Race condition and timing attack exploitation

Testing and Validation:

  • Exploit testing in controlled environments
  • Payload customization for specific objectives
  • Anti-virus and EDR evasion techniques
  • Exploit delivery and persistence mechanisms

Provide code examples, debugging techniques, and step-by-step development guidance.


### Web Application Exploitation
Utilize White Rabbit Neo's knowledge of web application vulnerabilities and exploitation techniques.

I’ve discovered multiple vulnerabilities in a web application during an authorized assessment. Please provide exploitation guidance for:

SQL Injection Exploitation:

  • Manual injection techniques and payload development
  • Automated tool usage (SQLMap, custom scripts)
  • Database enumeration and data extraction
  • Privilege escalation and system command execution

Cross-Site Scripting (XSS) Exploitation:

  • Payload development for different XSS types
  • Filter bypass techniques and encoding methods
  • Session hijacking and credential theft
  • Advanced XSS exploitation and persistence

Authentication and Authorization Bypass:

  • Session fixation and hijacking techniques
  • Privilege escalation and horizontal access
  • Multi-factor authentication bypass methods
  • API security testing and token manipulation

Advanced Web Exploitation:

  • Server-Side Request Forgery (SSRF) exploitation
  • XML External Entity (XXE) attack techniques
  • Deserialization vulnerability exploitation
  • Template injection and code execution

Provide specific payloads, exploitation techniques, and post-exploitation strategies.


## Defensive Security and Blue Team Operations

### Threat Detection and Hunting
White Rabbit Neo can assist with defensive security operations and threat hunting activities.

I’m implementing a comprehensive threat hunting program for a large enterprise environment. Please provide guidance on:

Threat Hunting Methodology:

  • Hypothesis-driven hunting techniques and framework development
  • Intelligence-driven hunting using threat intelligence feeds
  • Behavioral analysis and anomaly detection approaches
  • Hunt team organization and skill development

Detection Engineering:

  • SIEM rule development and tuning for specific threats
  • Custom detection logic for advanced persistent threats
  • Machine learning and statistical analysis for threat detection
  • False positive reduction and alert quality improvement

Investigation Techniques:

  • Digital forensics and incident response procedures
  • Memory analysis and malware detection techniques
  • Network traffic analysis and lateral movement detection
  • Timeline analysis and attack reconstruction

Tool Integration and Automation:

  • SOAR platform integration and playbook development
  • Threat intelligence platform utilization
  • Custom tool development for specific hunting needs
  • Metrics and measurement for hunting program effectiveness

Include specific detection rules, hunting queries, and investigation procedures.


### Incident Response and Forensics
Leverage White Rabbit Neo's forensics expertise for incident response activities.

I’m responding to a suspected advanced persistent threat (APT) incident in a corporate environment. Please provide comprehensive incident response guidance:

Initial Response and Containment:

  • Incident classification and severity assessment
  • Containment strategies that preserve evidence
  • Communication protocols and stakeholder notification
  • Evidence preservation and chain of custody procedures

Forensic Analysis:

  • Memory acquisition and analysis techniques
  • Disk imaging and file system analysis
  • Network traffic capture and analysis
  • Malware analysis and reverse engineering

Threat Intelligence Integration:

  • IOC extraction and threat intelligence correlation
  • Attribution analysis and threat actor profiling
  • Campaign tracking and related incident identification
  • Threat landscape analysis and future threat prediction

Recovery and Lessons Learned:

  • System restoration and security hardening
  • Incident documentation and reporting
  • Post-incident review and process improvement
  • Security control enhancement and gap remediation

Provide specific tools, techniques, and procedures for each phase of the incident response process.


### Security Architecture and Hardening
Utilize White Rabbit Neo's knowledge of defensive security architecture and system hardening.

I need to design a comprehensive security architecture for a cloud-native application environment. Please provide guidance on:

Zero Trust Architecture Implementation:

  • Identity and access management design
  • Network segmentation and micro-segmentation
  • Continuous authentication and authorization
  • Device trust and endpoint security integration

Cloud Security Design:

  • Multi-cloud security architecture considerations
  • Container and Kubernetes security implementation
  • Serverless security and function-level protection
  • Cloud-native security tool integration

Defense in Depth Strategy:

  • Layered security control implementation
  • Security monitoring and logging architecture
  • Threat detection and response capability design
  • Security automation and orchestration

Compliance and Governance:

  • Regulatory compliance framework integration
  • Security policy development and enforcement
  • Risk management and assessment procedures
  • Security metrics and reporting frameworks

Include specific architectural patterns, configuration examples, and implementation guidance.


## Advanced Prompting Techniques

### Scenario-Based Learning
White Rabbit Neo excels at providing guidance through realistic cybersecurity scenarios.

Create a comprehensive red team exercise scenario where I’m tasked with assessing the security of a financial services organization. The scenario should include:

Target Environment:

  • Mixed cloud and on-premises infrastructure
  • Regulatory compliance requirements (PCI DSS, SOX)
  • Advanced security controls and monitoring
  • Experienced blue team and incident response capabilities

Engagement Rules:

  • Limited scope with specific systems and time windows
  • Social engineering restrictions and approval processes
  • Data handling and confidentiality requirements
  • Emergency contact and escalation procedures

Attack Simulation:

  • Multi-stage attack campaign development
  • Persistence and lateral movement techniques
  • Data exfiltration and impact demonstration
  • Evasion techniques for advanced security controls

Documentation and Reporting:

  • Real-time documentation and evidence collection
  • Executive summary and technical findings
  • Remediation recommendations and priority ranking
  • Lessons learned and security improvement suggestions

Walk me through each phase of this engagement, providing specific techniques, tools, and methodologies appropriate for this high-security environment.


### Tool Integration and Automation
Leverage White Rabbit Neo's knowledge of security tool integration and automation.

I want to create an automated penetration testing framework that integrates multiple security tools. Please help me design:

Framework Architecture:

  • Modular design for different testing phases
  • Tool integration and data flow management
  • Results correlation and analysis automation
  • Reporting and documentation generation

Tool Integration:

  • Nmap integration for network discovery and scanning
  • Metasploit integration for exploitation and post-exploitation
  • Burp Suite integration for web application testing
  • Custom script development for specialized testing

Automation and Orchestration:

  • Workflow automation and decision logic
  • Dynamic target adaptation and testing customization
  • Error handling and recovery mechanisms
  • Parallel processing and performance optimization

Quality Assurance:

  • False positive detection and elimination
  • Result validation and verification procedures
  • Manual testing integration and human oversight
  • Continuous improvement and framework evolution

Provide code examples, integration patterns, and architectural guidance for building this framework.


### Advanced Threat Simulation
Utilize White Rabbit Neo's expertise in advanced threat simulation and red team operations.

I need to simulate an advanced persistent threat (APT) campaign for a large enterprise security assessment. Please provide detailed guidance on:

Campaign Planning and Intelligence:

  • Target organization analysis and attack surface mapping
  • Threat actor simulation and tactics, techniques, procedures (TTPs)
  • Attack timeline development and milestone planning
  • Operational security and tradecraft considerations

Initial Access and Persistence:

  • Spear-phishing campaign development and execution
  • Watering hole attacks and supply chain compromise
  • Zero-day exploitation and vulnerability research
  • Persistence mechanisms and stealth techniques

Lateral Movement and Privilege Escalation:

  • Network reconnaissance and trust relationship exploitation
  • Credential harvesting and pass-the-hash techniques
  • Active Directory exploitation and domain compromise
  • Living-off-the-land techniques and fileless malware

Data Exfiltration and Impact:

  • Sensitive data identification and classification
  • Covert communication channels and data exfiltration
  • Business impact demonstration and risk quantification
  • Attribution obfuscation and false flag operations

Provide specific techniques, tools, and methodologies for each phase, including detection evasion strategies and operational security considerations.


## Specialized Use Cases

### Malware Analysis and Reverse Engineering
White Rabbit Neo can provide guidance on malware analysis and reverse engineering techniques.

I’ve obtained a suspicious binary during an incident response investigation and need to perform comprehensive malware analysis. Please guide me through:

Static Analysis:

  • File format analysis and metadata extraction
  • String analysis and embedded artifact identification
  • Disassembly and code structure analysis
  • Packing and obfuscation detection and unpacking

Dynamic Analysis:

  • Sandbox environment setup and configuration
  • Behavioral analysis and system interaction monitoring
  • Network communication analysis and C2 identification
  • Registry and file system modification tracking

Advanced Analysis:

  • Debugger usage and code execution tracing
  • Memory analysis and runtime behavior examination
  • Anti-analysis technique identification and bypass
  • Cryptographic analysis and key extraction

Threat Intelligence Integration:

  • IOC extraction and threat intelligence correlation
  • Malware family classification and attribution
  • Campaign tracking and related sample identification
  • Defensive signature development and deployment

Provide specific tools, techniques, and analysis procedures for each phase of the malware analysis process.


### Cloud Security Assessment
Leverage White Rabbit Neo's knowledge of cloud security testing and assessment.

I’m conducting a comprehensive security assessment of a multi-cloud environment (AWS, Azure, GCP). Please provide guidance on:

Cloud Infrastructure Assessment:

  • Identity and access management (IAM) security testing
  • Network security and segmentation analysis
  • Storage security and data protection assessment
  • Compute security and container vulnerability analysis

Cloud-Native Security Testing:

  • Serverless function security assessment
  • API gateway and microservices security testing
  • Container orchestration security (Kubernetes, Docker)
  • CI/CD pipeline security and supply chain analysis

Cloud Configuration Assessment:

  • Security group and firewall rule analysis
  • Encryption and key management assessment
  • Logging and monitoring configuration review
  • Compliance and governance framework evaluation

Advanced Cloud Attacks:

  • Privilege escalation in cloud environments
  • Lateral movement between cloud services
  • Data exfiltration from cloud storage
  • Cloud-specific persistence and backdoor techniques

Include specific tools, techniques, and cloud platform-specific considerations for each assessment area.


### Mobile Application Security Testing
Utilize White Rabbit Neo's expertise in mobile application security assessment.

I need to conduct a comprehensive security assessment of a mobile banking application (iOS and Android). Please provide guidance on:

Static Analysis:

  • Application binary analysis and reverse engineering
  • Source code review and vulnerability identification
  • Third-party library and dependency analysis
  • Cryptographic implementation assessment

Dynamic Analysis:

  • Runtime application security testing (RAST)
  • API security testing and backend communication analysis
  • Authentication and session management testing
  • Data storage and protection mechanism assessment

Platform-Specific Testing:

  • iOS-specific security testing (jailbreak detection, keychain analysis)
  • Android-specific testing (root detection, intent analysis)
  • Platform permission and privilege analysis
  • Inter-app communication security assessment

Advanced Mobile Attacks:

  • Man-in-the-middle attacks on mobile communications
  • Mobile malware and trojan development
  • Social engineering attacks targeting mobile users
  • Physical device security and forensic analysis

Provide specific tools, techniques, and testing methodologies for comprehensive mobile application security assessment.


## Best Practices and Optimization

### Ethical and Legal Considerations
Always maintain the highest ethical standards when using White Rabbit Neo for cybersecurity work.

#### Authorization and Scope
Ensure all security testing activities are properly authorized through written agreements and clearly defined scope documents. Never use White Rabbit Neo's capabilities for unauthorized or malicious activities.

#### Responsible Disclosure
When vulnerabilities are discovered during authorized testing, follow responsible disclosure practices and work with organizations to remediate security issues before public disclosure.

#### Professional Standards
Maintain professional cybersecurity standards and certifications, using White Rabbit Neo as a tool to enhance legitimate security work rather than replace professional judgment and expertise.

### Prompt Optimization Strategies

#### Context Richness
Provide comprehensive context about your security testing environment, objectives, and constraints to receive the most relevant and actionable guidance.

#### Progressive Complexity
Start with foundational concepts and build toward more advanced techniques, allowing White Rabbit Neo to adapt its responses to your skill level and specific needs.

#### Practical Focus
Frame prompts around real-world scenarios and practical applications rather than theoretical discussions to get the most actionable guidance.

#### Tool Integration
Specify the tools and technologies you're working with to receive tailored guidance that integrates with your existing security workflow.

### Quality Assurance and Validation

#### Cross-Reference Information
Always cross-reference White Rabbit Neo's guidance with authoritative sources, industry best practices, and your own professional experience.

#### Test in Controlled Environments
Test all techniques and exploits in controlled, authorized environments before applying them in production security assessments.

#### Continuous Learning
Use White Rabbit Neo as a learning tool to enhance your cybersecurity knowledge and skills, but continue to develop your own expertise and judgment.

#### Documentation and Reporting
Maintain detailed documentation of all security testing activities and findings, using White Rabbit Neo's guidance to enhance the quality and comprehensiveness of your reports.

## Integration and Deployment

### Local Deployment Options
White Rabbit Neo can be deployed locally for enhanced security and privacy in sensitive environments.

```bash
# Example deployment using Ollama
ollama pull whiterabbitneo:13b
ollama run whiterabbitneo:13b "Your cybersecurity prompt here"
```

```python
# Example deployment using Hugging Face Transformers
from transformers import AutoTokenizer, AutoModelForCausalLM

tokenizer = AutoTokenizer.from_pretrained("WhiteRabbitNeo/WhiteRabbitNeo-13B-v1")
model = AutoModelForCausalLM.from_pretrained("WhiteRabbitNeo/WhiteRabbitNeo-13B-v1")
```

### API Integration

```python
# Example API integration for cybersecurity workflows
class WhiteRabbitNeoClient:
    def __init__(self, model_endpoint, api_key=None):
        self.endpoint = model_endpoint
        self.api_key = api_key

    def generate_response(self, prompt):
        # Called by the methods below but not shown on the page: the request
        # format depends on how the model is served (Ollama, Transformers, ...).
        raise NotImplementedError("connect this to your model endpoint")

    def security_analysis(self, target_info, analysis_type):
        prompt = f"""
        Conduct a {analysis_type} security analysis for the following target:

        Target Information: {target_info}

        Please provide comprehensive guidance including:
        1. Methodology and approach
        2. Specific tools and techniques
        3. Expected findings and indicators
        4. Documentation and reporting requirements
        """

        return self.generate_response(prompt)

    def exploit_development(self, vulnerability_info):
        prompt = f"""
        Provide exploit development guidance for the following vulnerability:

        Vulnerability Details: {vulnerability_info}

        Include:
        1. Exploitation methodology
        2. Payload development
        3. Reliability and stability considerations
        4. Evasion techniques
        """

        return self.generate_response(prompt)
```

### Workflow Integration

```python
# Example integration with security testing workflows
class SecurityTestingWorkflow:
    def __init__(self, white_rabbit_client):
        self.ai_client = white_rabbit_client
        self.results = {}

    def reconnaissance_phase(self, target):
        # security_analysis() builds the full prompt from the target
        guidance = self.ai_client.security_analysis(target, "reconnaissance")
        self.results['reconnaissance'] = guidance
        return guidance

    def vulnerability_assessment(self, scan_results):
        # security_analysis() builds the full prompt from the scan results
        analysis = self.ai_client.security_analysis(scan_results, "vulnerability_assessment")
        self.results['vulnerability_assessment'] = analysis
        return analysis

    def generate_report(self):
        # Use White Rabbit Neo to help generate comprehensive security reports
        report_prompt = f"Generate a comprehensive security assessment report based on: {self.results}"
        return self.ai_client.generate_response(report_prompt)
```
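
One way to enforce the written scope from "Authorization and Scope" inside the workflow integration above, as an added example that is not part of the original cheat sheet or the White Rabbit Neo project: every target is checked against the authorized ranges and the engagement window before any prompt is built. The `Engagement` and `ScopedWorkflow` classes, the `EchoClient` stand-in, the `example.test` domain, the excluded range and the dates are constructed for illustration; 10.0.0.0/16 is the range used in the network reconnaissance prompt.

```python
import ipaddress
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class Engagement:
    """Machine-readable copy of the written scope (hypothetical structure)."""
    networks: list   # authorized CIDR ranges
    domains: list    # authorized DNS suffixes
    excluded: list   # carve-outs; these always win over `networks`
    start: datetime
    end: datetime
    audit: list = field(default_factory=list)

    def _net_in_scope(self, net):
        allowed = [ipaddress.ip_network(n) for n in self.networks]
        denied = [ipaddress.ip_network(n) for n in self.excluded]
        # The whole target must sit inside one authorized range, so a
        # request for 10.0.0.0/8 fails when only 10.0.0.0/16 is signed off.
        inside = any(net.version == a.version and net.subnet_of(a) for a in allowed)
        # Any overlap with a carve-out rejects the target.
        carved = any(net.version == d.version and net.overlaps(d) for d in denied)
        return inside and not carved

    def _host_in_scope(self, host):
        host = host.lower().rstrip(".")
        # Compare on label boundaries: "notexample.test" must not match
        # the authorized suffix "example.test".
        return any(host == d or host.endswith("." + d) for d in self.domains)

    def check(self, target, now=None):
        """Return (allowed, reason) and record the decision for the report."""
        now = now or datetime.now(timezone.utc)
        if not (self.start <= now <= self.end):
            allowed, reason = False, "outside engagement window"
        else:
            try:
                allowed = self._net_in_scope(ipaddress.ip_network(target, strict=False))
            except ValueError:  # not an IP or CIDR, treat as a hostname
                allowed = self._host_in_scope(target)
            reason = "in scope" if allowed else "not in written scope"
        self.audit.append({"time": now.isoformat(), "target": target,
                           "allowed": allowed, "reason": reason})
        return allowed, reason


class ScopedWorkflow:
    """Wraps any client exposing security_analysis(target_info, analysis_type)."""
    def __init__(self, client, engagement):
        self.client = client
        self.engagement = engagement

    def reconnaissance_phase(self, target, now=None):
        allowed, reason = self.engagement.check(target, now)
        if not allowed:
            # Fail closed: no prompt is built or sent for this target.
            raise PermissionError(f"refusing {target!r}: {reason}")
        return self.client.security_analysis(target, "reconnaissance")


class EchoClient:
    """Offline stand-in for the model client (constructed for this example)."""
    def security_analysis(self, target_info, analysis_type):
        return f"[{analysis_type}] {target_info}"


def demo_engagement():
    """Constructed sample scope; dates and carve-out are illustrative."""
    return Engagement(
        networks=["10.0.0.0/16"],
        domains=["example.test"],
        excluded=["10.0.99.0/24"],
        start=datetime(2025, 1, 1, tzinfo=timezone.utc),
        end=datetime(2025, 1, 31, tzinfo=timezone.utc),
    )


if __name__ == "__main__":
    wf = ScopedWorkflow(EchoClient(), demo_engagement())
    when = datetime(2025, 1, 15, tzinfo=timezone.utc)
    print(wf.reconnaissance_phase("10.0.5.20", when))
    for target in ("10.0.99.7", "10.0.0.0/8", "notexample.test"):
        print(target, demo_engagement().check(target, when))
```

The `audit` list gives the report a record of every target that was requested and whether it was allowed.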

## Troubleshooting and Optimization

### Common Issues and Solutions

#### Model Response Quality

  • Issue: Generic or insufficiently detailed responses
  • Solution: Provide more specific context, technical details, and clear objectives in your prompts

#### Ethical Boundaries

  • Issue: Uncertainty about appropriate use cases
  • Solution: Always establish proper authorization and ethical framework before engaging with security topics

#### Technical Accuracy

  • Issue: Outdated or inaccurate technical information
  • Solution: Cross-reference guidance with current security resources and validate in controlled environments

#### Integration Challenges

  • Issue: Difficulty integrating with existing security workflows
  • Solution: Start with simple use cases and gradually expand integration based on successful implementations

### Performance Optimization

#### Prompt Engineering

  • Use specific, technical language appropriate for cybersecurity contexts
  • Provide clear objectives and expected outcomes
  • Include relevant technical constraints and environmental factors

#### Model Selection

  • Use 13B model for faster responses to routine queries
  • Use 33B model for complex analysis and advanced techniques
  • Consider specialized sub-models for specific use cases

#### Resource Management

  • Implement appropriate caching for frequently used guidance
  • Optimize prompt length and complexity based on available resources
  • Monitor performance and adjust deployment configuration as needed

White Rabbit Neo represents a powerful tool for legitimate cybersecurity professionals. This cheat sheet provides comprehensive guidance for maximizing its capabilities while maintaining the highest ethical and professional standards. Always ensure proper authorization and responsible use in all cybersecurity activities.