mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-18 05:29:40 +03:00
Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
This commit is contained in:
@@ -0,0 +1,60 @@
|
||||
# API Reference: SSL Stripping Assessment Agent
|
||||
|
||||
## Overview
|
||||
|
||||
Automates SSL stripping vulnerability assessment by checking HSTS headers, preload list status, redirect chains, mixed content, and security headers using curl subprocess calls.
|
||||
|
||||
## Dependencies
|
||||
|
||||
| Package | Version | Purpose |
|
||||
|---------|---------|---------|
|
||||
| subprocess | stdlib | Runs curl for HTTP header inspection |
|
||||
| re | stdlib | Regex parsing of HSTS header values |
|
||||
| json | stdlib | Parses hstspreload.org API responses |
|
||||
|
||||
## External Tools Required
|
||||
|
||||
| Tool | Purpose |
|
||||
|------|---------|
|
||||
| curl | HTTP/HTTPS header and content fetching |
|
||||
|
||||
## Core Functions
|
||||
|
||||
### `check_hsts_header(target_url)`
|
||||
Fetches response headers and parses Strict-Transport-Security values.
|
||||
- **Returns**: `dict` with `hsts_present`, `max_age`, `include_subdomains`, `preload`
|
||||
|
||||
### `check_hsts_preload(domain)`
|
||||
Queries the hstspreload.org API to check browser preload list inclusion.
|
||||
- **Returns**: `dict` with `status` and `preloaded` boolean
|
||||
|
||||
### `check_redirect_chain(url)`
|
||||
Follows HTTP redirects to verify HTTPS upgrade behavior.
|
||||
- **Returns**: `dict` with `initial_url`, `final_url`, `upgrades_to_https`
|
||||
|
||||
### `check_mixed_content(url)`
|
||||
Scans page HTML for HTTP resource references on HTTPS pages.
|
||||
- **Returns**: `dict` with `mixed_content_found` and `http_reference_count`
|
||||
|
||||
### `check_security_headers(url)`
|
||||
Checks for CSP, X-Content-Type-Options, X-Frame-Options, and Upgrade-Insecure-Requests.
|
||||
- **Returns**: `dict[str, bool]` - header name to presence mapping
|
||||
|
||||
### `run_assessment(targets)`
|
||||
Full assessment pipeline for a list of target domains.
|
||||
- **Parameters**: `targets` (list[str]) - domain names
|
||||
- **Returns**: `list[dict]` - per-target assessment results with `ssl_strip_risk`
|
||||
|
||||
## Risk Levels
|
||||
|
||||
| Level | Criteria |
|
||||
|-------|----------|
|
||||
| HIGH | No HSTS header present |
|
||||
| MEDIUM | HSTS present but not in preload list |
|
||||
| LOW | HSTS with preload list inclusion |
|
||||
|
||||
## Usage
|
||||
|
||||
```bash
|
||||
python agent.py example.com banking.example.com api.example.com
|
||||
```
|
||||
Reference in New Issue
Block a user