creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-26 19:54:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
768ca51c8d331ab0bdcea8ffb31c9b99bb2c1839
Anthropic-Cybersecurity-Skills/skills/performing-hardware-security-module-integration/SKILL.md
T
mukul975 cb8d79e068 Map all 754 skills to MITRE ATT&CK v19.1 
- Add validated mitre_attack frontmatter to all 754 skills (286 distinct
  techniques), verified against MITRE ATT&CK v19.1 via the official
  mitreattack-python library: 0 revoked, deprecated, or invalid IDs
- Curate precise per-skill technique IDs for forensics, malware-analysis,
  threat-intel, and red-team skills (e.g. DCSync -> T1003.006,
  Kerberoasting -> T1558.003, Pass-the-Ticket -> T1550.003)
- Reconcile v19.1 tactic restructuring: Defense Evasion split into
  Stealth (TA0005) and Defense Impairment (TA0112); revoked T1562.*
  family and T1070.001/.002 remapped to active equivalents (T1685.*)
- Normalize word-split tags across 35 skills (remove filename-derived
  stopword tags, add semantic cybersecurity tags)
- Add api-reference.md for 3 skills that were missing it
- Update README ATT&CK section with accurate v19.1 tactic distribution
2026-06-01 12:13:29 +02:00

2.3 KiB
Raw Blame History

name, description, domain, subdomain, tags, version, author, license, nist_ai_rmf, atlas_techniques, nist_csf, mitre_attack
name description domain subdomain tags version author license nist_ai_rmf atlas_techniques nist_csf mitre_attack
performing-hardware-security-module-integration Integrate Hardware Security Modules (HSMs) using PKCS#11 interface for cryptographic key management, signing operations, and secure key storage with python-pkcs11, AWS CloudHSM, and YubiHSM2. cybersecurity cryptography
HSM
PKCS11
CloudHSM
YubiHSM2
key-management
cryptographic-operations
hardware-security
1.0 mahipal Apache-2.0
MEASURE-2.7
MAP-5.1
MANAGE-2.4
AML.T0070
AML.T0066
AML.T0082
PR.DS-01
PR.DS-02
PR.DS-10
T1600
T1573
T1553
T1078.004
T1530

Performing Hardware Security Module Integration

Overview

Hardware Security Modules (HSMs) provide tamper-resistant cryptographic key storage and operations. This skill covers integrating with HSMs via the PKCS#11 standard interface using python-pkcs11, performing key generation, signing, encryption, and verification operations, querying token and slot information, and validating HSM configuration for compliance with FIPS 140-2/3 requirements.

When to Use

  • When conducting security assessments that involve performing hardware security module integration
  • When following incident response procedures for related security events
  • When performing scheduled security testing or auditing activities
  • When validating security controls through hands-on testing

Prerequisites

  • HSM device or software HSM (SoftHSM2 for testing)
  • PKCS#11 shared library (.so/.dll) for the HSM vendor
  • Python 3.9+ with python-pkcs11
  • Token initialized with SO PIN and user PIN
  • For AWS CloudHSM: cloudhsm-pkcs11 provider configured

Steps

  1. Load PKCS#11 library and enumerate available slots and tokens
  2. Open session and authenticate with user PIN
  3. Generate RSA 2048-bit or EC P-256 key pairs on the HSM
  4. Perform signing and verification using on-device keys
  5. List all objects (keys, certificates) stored on the token
  6. Query mechanism list to verify supported algorithms
  7. Generate compliance report with key inventory and algorithm audit

Expected Output

  • JSON report listing HSM slots, tokens, stored keys, supported mechanisms, and compliance status
  • Signing test results with key metadata and algorithm details
Reference in New Issue View Git Blame Copy Permalink