creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 14:14:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Browse Source 
Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/exploiting-broken-function-level-authorization/SKILL.md
+19 -9
View File
@@ -1,19 +1,29 @@
---
name: exploiting-broken-function-level-authorization
description: >
Tests APIs for Broken Function Level Authorization (BFLA) vulnerabilities where regular
users can invoke administrative functions or access privileged API endpoints by directly
calling them. The tester identifies admin and privileged endpoints, then attempts to access
them with regular user credentials by manipulating HTTP methods, URL paths, and request
parameters. Maps to OWASP API5:2023 Broken Function Level Authorization. Activates for
requests involving BFLA testing, admin endpoint bypass, function-level access control
testing, or API privilege escalation.
description: 'Tests APIs for Broken Function Level Authorization (BFLA) vulnerabilities where regular users can invoke administrative
functions or access privileged API endpoints by directly calling them. The tester identifies admin and privileged endpoints,
then attempts to access them with regular user credentials by manipulating HTTP methods, URL paths, and request parameters.
Maps to OWASP API5:2023 Broken Function Level Authorization. Activates for requests involving BFLA testing, admin endpoint
bypass, function-level access control testing, or API privilege escalation.
'
domain: cybersecurity
subdomain: api-security
tags: [api-security, owasp, authorization, bfla, privilege-escalation, access-control]
tags:
- api-security
- owasp
- authorization
- bfla
- privilege-escalation
- access-control
version: 1.0.0
author: mahipal
license: Apache-2.0
nist_csf:
- PR.PS-01
- ID.RA-01
- PR.DS-10
- DE.CM-01
---
# Exploiting Broken Function Level Authorization