mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 06:04:56 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
27 lines
791 B
Markdown
27 lines
791 B
Markdown
# API Reference — Performing GraphQL Introspection Attack
|
|
|
|
## Libraries Used
|
|
- **requests**: Send GraphQL introspection queries and depth test payloads
|
|
|
|
## CLI Interface
|
|
```
|
|
python agent.py introspect --url <graphql_endpoint> [--auth-header "Bearer token"]
|
|
python agent.py depth --url <graphql_endpoint> [--max-depth 10]
|
|
```
|
|
|
|
## Core Functions
|
|
|
|
### `run_introspection(url, headers)` — Execute `__schema` introspection query
|
|
Returns: types, queries, mutations, sensitive field detection.
|
|
|
|
### `test_depth_limit(url, max_depth, headers)` — Test query depth enforcement
|
|
Sends increasingly nested queries to detect missing depth limits.
|
|
|
|
## Sensitive Field Patterns
|
|
`password`, `token`, `secret`, `credential`, `ssn`, `credit_card`, `api_key`
|
|
|
|
## Dependencies
|
|
```
|
|
pip install requests
|
|
```
|