creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-15 15:34:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills

Browse Source 
Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
This commit is contained in:
mukul975
2026-04-06 11:17:31 +02:00
parent e8105a2f4d
commit efca3ec611
754 changed files with 12847 additions and 2832 deletions
Download Patch File Download Diff File Expand all files Collapse all files
skills/exploiting-sql-injection-vulnerabilities/SKILL.md
+18 -9
View File
@@ -1,19 +1,28 @@
---
name: exploiting-sql-injection-vulnerabilities
description: >
Identifies and exploits SQL injection vulnerabilities in web applications during authorized
penetration tests using manual techniques and automated tools like sqlmap. The tester detects
injection points through error-based, union-based, blind boolean, and time-based blind
techniques across all major database engines (MySQL, PostgreSQL, MSSQL, Oracle) to demonstrate
data extraction, authentication bypass, and potential remote code execution. Activates for
requests involving SQL injection testing, SQLi exploitation, database security assessment,
or injection vulnerability verification.
description: 'Identifies and exploits SQL injection vulnerabilities in web applications during authorized penetration tests
using manual techniques and automated tools like sqlmap. The tester detects injection points through error-based, union-based,
blind boolean, and time-based blind techniques across all major database engines (MySQL, PostgreSQL, MSSQL, Oracle) to demonstrate
data extraction, authentication bypass, and potential remote code execution. Activates for requests involving SQL injection
testing, SQLi exploitation, database security assessment, or injection vulnerability verification.
'
domain: cybersecurity
subdomain: penetration-testing
tags: [SQL-injection, sqlmap, database-security, OWASP-A03, injection-testing]
tags:
- SQL-injection
- sqlmap
- database-security
- OWASP-A03
- injection-testing
version: 1.0.0
author: mahipal
license: Apache-2.0
nist_csf:
- ID.RA-01
- ID.RA-06
- GV.OV-02
- DE.AE-07
---
# Exploiting SQL Injection Vulnerabilities