mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-18 13:39:40 +03:00
Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
This commit is contained in:
@@ -7,7 +7,6 @@ import logging
|
||||
import subprocess
|
||||
import re
|
||||
import xml.etree.ElementTree as ET
|
||||
from collections import defaultdict
|
||||
from datetime import datetime
|
||||
|
||||
logging.basicConfig(level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s")
|
||||
@@ -39,7 +38,7 @@ def query_sysmon_wmi_events(evtx_path=None, hours_back=72):
|
||||
if evtx_path:
|
||||
cmd = ["wevtutil", "qe", evtx_path, "/lf:true",
|
||||
"/q:*[System[EventID={}]]".format(event_id), "/f:xml", "/c:500"]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
|
||||
for event_xml in re.findall(r"<Event.*?</Event>", result.stdout, re.DOTALL):
|
||||
try:
|
||||
root = ET.fromstring(event_xml)
|
||||
@@ -76,7 +75,7 @@ def enumerate_wmi_subscriptions():
|
||||
}
|
||||
for category, ps_cmd in ps_commands.items():
|
||||
cmd = ["powershell", "-Command", ps_cmd]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
|
||||
if result.stdout.strip():
|
||||
try:
|
||||
data = json.loads(result.stdout)
|
||||
|
||||
Reference in New Issue
Block a user