mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-13 19:05:17 +03:00
Initial commit - 611 cybersecurity skills across all subdomains
This commit is contained in:
@@ -0,0 +1,52 @@
|
||||
# Workflows - Agentless Vulnerability Scanning
|
||||
|
||||
## Workflow 1: Multi-Protocol Scanning Pipeline
|
||||
|
||||
```
|
||||
┌──────────────────┐ ┌──────────────────┐ ┌──────────────────┐
|
||||
│ Asset Discovery │────>│ Classify by │────>│ Select Scanning │
|
||||
│ (CMDB/Network) │ │ OS / Platform │ │ Protocol │
|
||||
└──────────────────┘ └──────────────────┘ └──────────────────┘
|
||||
│
|
||||
┌──────────────┬──────────────┬─────────────────┘
|
||||
v v v
|
||||
┌──────────────┐ ┌──────────────┐ ┌──────────────┐
|
||||
│ SSH Scan │ │ WinRM Scan │ │ Cloud API │
|
||||
│ (Linux) │ │ (Windows) │ │ Snapshot Scan│
|
||||
└──────────────┘ └──────────────┘ └──────────────┘
|
||||
│ │ │
|
||||
└──────────────┴──────────────┘
|
||||
│
|
||||
v
|
||||
┌──────────────────┐
|
||||
│ Normalize & │
|
||||
│ Correlate Results│
|
||||
└──────────────────┘
|
||||
```
|
||||
|
||||
## Workflow 2: Cloud Snapshot Scan Process
|
||||
|
||||
```
|
||||
For each cloud VM:
|
||||
1. Identify attached volumes (root + data)
|
||||
2. Create snapshot of root volume via cloud API
|
||||
3. Mount snapshot in isolated analysis environment
|
||||
4. Extract OS metadata (packages, configs, users)
|
||||
5. Compare against vulnerability databases (NVD, vendor)
|
||||
6. Generate findings with CVE mappings
|
||||
7. Delete temporary snapshot
|
||||
8. Report findings to central dashboard
|
||||
```
|
||||
|
||||
## Workflow 3: Credential Validation Before Scan
|
||||
|
||||
```
|
||||
Pre-Scan Credential Check:
|
||||
For each target:
|
||||
1. Test SSH/WinRM connectivity (TCP handshake)
|
||||
2. Authenticate with stored credentials
|
||||
3. Execute lightweight test command
|
||||
4. Verify sudo/admin privileges if required
|
||||
5. Log result: Success / Auth Failure / Network Error
|
||||
6. Only proceed with scan if credential test passes
|
||||
```
|
||||
Reference in New Issue
Block a user