creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 14:14:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Browse Source 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
This commit is contained in:
mukul975
2026-03-10 21:02:12 +01:00
parent c74d52fa30
commit 27c6414ca5
1390 changed files with 106806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/implementing-cloud-workload-protection/references/api-reference.md
+61
View File
@@ -0,0 +1,61 @@
# API Reference: Implementing Cloud Workload Protection
## AWS SSM Run Command (boto3)
```python
import boto3
ssm = boto3.client("ssm")
# Execute command on instances
resp = ssm.send_command(
InstanceIds=["i-abc123"],
DocumentName="AWS-RunShellScript",
Parameters={"commands": ["ps aux"]},
TimeoutSeconds=60,
)
command_id = resp["Command"]["CommandId"]
# Get output
output = ssm.get_command_invocation(
CommandId=command_id, InstanceId="i-abc123"
)
print(output["StandardOutputContent"])
```
## CloudWatch CPU Monitoring
```python
cw = boto3.client("cloudwatch")
resp = cw.get_metric_statistics(
Namespace="AWS/EC2", MetricName="CPUUtilization",
Dimensions=[{"Name": "InstanceId", "Value": "i-abc123"}],
StartTime=start, EndTime=end, Period=300,
Statistics=["Average"],
)
```
## Key Detection Commands
| Threat | Command |
|--------|---------|
| Cryptominer | `ps aux \| grep -iE 'xmrig\|minerd'` |
| Reverse shell | `ss -tlnp \| grep ESTAB` |
| File integrity | `rpm -Va \| grep '^..5'` |
| Unauthorized binaries | `find /tmp -executable -type f` |
| Cron persistence | `crontab -l; ls /etc/cron.d/` |
## GuardDuty Integration
```python
gd = boto3.client("guardduty")
findings = gd.list_findings(DetectorId="detector-id")
for fid in findings["FindingIds"]:
detail = gd.get_findings(DetectorId="detector-id", FindingIds=[fid])
print(detail["Findings"][0]["Type"])
```
### References
- SSM Run Command: https://docs.aws.amazon.com/systems-manager/latest/userguide/run-command.html
- CloudWatch: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cloudwatch.html
- GuardDuty: https://docs.aws.amazon.com/guardduty/latest/ug/