creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-16 07:53:18 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Browse Source 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
This commit is contained in:
mukul975
2026-03-10 21:02:12 +01:00
parent c74d52fa30
commit 27c6414ca5
1390 changed files with 106806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/implementing-application-whitelisting-with-applocker/references/api-reference.md
+58
View File
@@ -0,0 +1,58 @@
# API Reference: Implementing Application Whitelisting with AppLocker
## PowerShell AppLocker Management
```powershell
# Export current policy
Get-AppLockerPolicy -Effective -Xml | Out-File applocker_policy.xml
# Import policy from XML
Set-AppLockerPolicy -XmlPolicy applocker_policy.xml
# Test if file is allowed
Test-AppLockerPolicy -XmlPolicy policy.xml -Path "C:\app.exe" -User Everyone
# Get AppLocker event logs
Get-WinEvent -LogName "Microsoft-Windows-AppLocker/EXE and DLL"
```
## AppLocker Event IDs
| Event ID | Type | Meaning |
|----------|------|---------|
| 8002 | EXE/DLL | Allowed |
| 8003 | EXE/DLL | Blocked |
| 8004 | EXE/DLL | Would block (audit) |
| 8005 | Script | Allowed |
| 8006 | Script | Blocked |
| 8007 | Script | Would block (audit) |
## Rule Collections
| Collection | File Types |
|------------|------------|
| Executable | .exe, .com |
| Windows Installer | .msi, .msp, .mst |
| Script | .ps1, .bat, .cmd, .vbs, .js |
| DLL | .dll, .ocx |
| Packaged App | AppX/MSIX |
## GPO Configuration Path
```
Computer Configuration > Policies > Windows Settings >
Security Settings > Application Control Policies > AppLocker
```
## Default Rule Paths
```
%PROGRAMFILES%\* - Allow Everyone
%WINDIR%\* - Allow Everyone
* - Allow BUILTIN\Administrators
```
### References
- AppLocker: https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/applocker/applocker-overview
- AppLocker PowerShell: https://learn.microsoft.com/en-us/powershell/module/applocker/