Role personas
Different security roles think about the same problem differently. A pentester wants commands they can run. An auditor wants clause references. A risk manager wants language their board will understand. Personas tell h4ckbot which mode you're in.
Persona changes take effect on the next new conversation. Conversations already in progress are not affected. New accounts start on Pentester.
How they work
When you start a new conversation, h4ckbot locks in your current persona. It stays that way for the whole conversation — changing personas in settings mid-session only affects new chats, not ones already open. This is intentional: the badge in the chat header always reflects what was active when you started.
- The conversation badge reflects the persona that was active when the chat was created.
- Switching personas only affects new conversations.
- You can have multiple conversations open with different personas.
Available personas
Pentester (Default)
Purpose
General pentesting work — recon, enumeration, exploitation, post-exploitation, and writing it up.
Tone
Short and direct. Commands you can copy and run.
Focus areas
- Recon → Enumeration → Exploitation → Post-Exploitation → Reporting
- nmap, Burp Suite, Metasploit, SQLMap, Impacket, BloodHound
- Copy-paste commands and one-liners
- Findings in standard format: vulnerability, severity, evidence, remediation
Red Teamer
Purpose
Full red team operations — attack chains, adversary emulation, and thinking like a threat actor.
Tone
Attacker mindset. Stealth over speed, impact over noise.
Focus areas
- Attack vectors and full exploit chains
- Lateral movement, persistence, privilege escalation
- MITRE ATT&CK TTPs and threat group references
- Cobalt Strike, Sliver, Havoc, custom C2 frameworks
Auditor
Purpose
Compliance assessments against ISO 27001, NIST, SOC 2, and similar frameworks.
Tone
Formal and evidence-based. Language that works in an audit report.
Focus areas
- ISO 27001, NIST CSF, CIS Controls, SOC 2, GDPR
- Control gap mapping with clause-level references
- Audit evidence: logs, configurations, policies
- Findings prioritised by control maturity and regulatory exposure
Risk Manager
Purpose
Translates technical findings into business language — likelihood, impact, and what to fix first.
Tone
Plain language. Designed to be read by someone who does not know what nmap is.
Focus areas
- Likelihood × impact scoring
- Financial, reputational, and regulatory framing
- Remediation priority with cost-benefit context
- Residual risk and acceptance criteria
Security Architect
Purpose
Design-level security review — threat modelling, control stacks, and architectural trade-offs.
Tone
Strategic and trade-off aware. Calls out assumptions and trust boundaries.
Focus areas
- Threat modelling: STRIDE, PASTA, LINDDUN
- Defence-in-depth control stacks
- Zero-trust architecture patterns
- NIST SP 800-207, SABSA, TOGAF security extensions
Changing your persona
Go to your account settings, pick a persona card, then start a new conversation. The badge in the chat header confirms which persona is active.
Settings → Account → Persona