creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-15 15:34:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Browse Source 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
This commit is contained in:
mukul975
2026-03-10 21:02:12 +01:00
parent c74d52fa30
commit 27c6414ca5
1390 changed files with 106806 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/performing-web-cache-poisoning-attack/references/api-reference.md
+61
View File
@@ -0,0 +1,61 @@
# API Reference: Web Cache Poisoning Attack Agent
## Overview
Tests web applications for cache poisoning vulnerabilities by identifying CDN infrastructure, testing unkeyed headers for reflection and caching, and checking for cache deception paths.
## Dependencies
| Package | Version | Purpose |
|---------|---------|---------|
| requests | >= 2.28 | HTTP requests with custom headers |
## Core Functions
### `identify_cache_layer(target_url)`
Detects caching infrastructure (Cloudflare, Varnish, Akamai, Fastly, CloudFront) from response headers.
- **Returns**: `dict` with `cdn_detected`, cache headers
### `test_cache_hit_miss(target_url)`
Sends 3 sequential requests with cache buster to observe HIT/MISS progression.
- **Returns**: `dict` with per-request cache status
### `test_unkeyed_headers(target_url)`
Tests 10 common unkeyed headers (X-Forwarded-Host, X-Original-URL, etc.) for reflection and cache poisoning.
- **Process**: Send header -> check reflection -> re-request without header -> verify cached poison
- **Returns**: `list[dict]` with `reflected`, `cached_poison`, `risk`
### `test_cache_key_normalization(target_url)`
Tests cache key handling for extra parameters, fragments, and trailing slashes.
- **Returns**: `list[dict]` - variation test results
### `test_cache_deception(target_url)`
Tests web cache deception by requesting authenticated pages with static file extensions (.css, .js, .png).
- **Returns**: `list[dict]` - cached sensitive endpoints
### `run_assessment(target_url)`
Full assessment pipeline with summary statistics.
## Unkeyed Headers Tested
| Header | Attack Vector |
|--------|--------------|
| X-Forwarded-Host | Host override for poisoning links/redirects |
| X-Forwarded-Scheme | HTTPS downgrade to HTTP |
| X-Original-URL | Path override (Nginx/IIS) |
| X-Rewrite-URL | Path override |
| X-Host | Alternative host injection |
| X-Forwarded-Port | Port injection |
## Risk Levels
| Level | Criteria |
|-------|----------|
| CRITICAL | Header reflected AND cached (full cache poison) |
| HIGH | Header reflected but not confirmed cached |
## Usage
```bash
python agent.py https://target.example.com
```