creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 21:54:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Browse Source 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
This commit is contained in:
mukul975
2026-03-10 21:02:12 +01:00
parent c74d52fa30
commit 27c6414ca5
1390 changed files with 106806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/implementing-api-gateway-security-controls/references/api-reference.md
+59
View File
@@ -0,0 +1,59 @@
# API Reference: Implementing API Gateway Security Controls
## AWS API Gateway (boto3)
```python
import boto3
client = boto3.client("apigateway")
apis = client.get_rest_apis()["items"]
method = client.get_method(restApiId=api_id, resourceId=res_id, httpMethod="GET")
# Check: authorizationType, apiKeyRequired, requestValidatorId
stages = client.get_stages(restApiId=api_id)["item"]
# Check: accessLogSettings, methodSettings throttling
```
## Kong Admin API
```bash
# List services and their plugins
curl http://localhost:8001/services
curl http://localhost:8001/services/{id}/plugins
# Enable rate limiting
curl -X POST http://localhost:8001/services/{id}/plugins \
-d "name=rate-limiting" -d "config.minute=100"
# Enable JWT auth
curl -X POST http://localhost:8001/services/{id}/plugins \
-d "name=jwt"
```
## Security Controls Checklist
| Control | Gateway | Severity if Missing |
|---------|---------|---------------------|
| Authentication (JWT/OAuth) | All | CRITICAL |
| Rate Limiting | All | HIGH |
| Request Validation | All | MEDIUM |
| Access Logging | All | HIGH |
| TLS/mTLS | All | CRITICAL |
| CORS Policy | All | MEDIUM |
| IP Restriction | All | LOW |
## NGINX Gateway Security
```nginx
location /api/ {
limit_req zone=api burst=20 nodelay;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://backend;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options DENY;
}
```
### References
- AWS API Gateway: https://docs.aws.amazon.com/apigateway/
- Kong Gateway: https://docs.konghq.com/gateway/
- Azure APIM: https://learn.microsoft.com/en-us/azure/api-management/