mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00

Files

T

mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills

Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders

2026-03-10 21:02:12 +01:00

2.3 KiB

Raw Blame History

API Reference: Implementing AWS Security Hub

Libraries

boto3 -- AWS Security Hub

Install: pip install boto3
Docs: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/securityhub.html

Key Methods

Method	Description
`enable_security_hub()`	Activate Security Hub in an account
`batch_enable_standards()`	Enable compliance standards (CIS, FSBP, PCI)
`get_enabled_standards()`	List enabled standards and their status
`get_findings()`	Retrieve security findings with filters
`batch_update_findings()`	Update finding status (resolve, suppress)
`batch_import_findings()`	Import custom findings in ASFF format
`create_insight()`	Create custom aggregation insight
`create_finding_aggregator()`	Enable cross-region finding aggregation
`enable_organization_admin_account()`	Designate delegated admin
`update_organization_configuration()`	Auto-enable for org members
`create_action_target()`	Create custom remediation action

Standard ARNs

Standard	ARN Pattern
CIS v5.0	`arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/5.0.0`
FSBP v1.0	`arn:aws:securityhub:{region}::standards/aws-foundational-security-best-practices/v/1.0.0`
PCI DSS 3.2.1	`arn:aws:securityhub:{region}::standards/pci-dss/v/3.2.1`
NIST 800-53 r5	`arn:aws:securityhub:{region}::standards/nist-800-53/v/5.0.0`

ASFF Finding Format (Key Fields)

SchemaVersion: "2018-10-08"
Id: Unique finding identifier
ProductArn: Source product ARN
Severity.Label: CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL
Compliance.Status: PASSED, FAILED, WARNING, NOT_AVAILABLE
Resources[]: Affected AWS resources
Workflow.Status: NEW, NOTIFIED, RESOLVED, SUPPRESSED

EventBridge Integration

Source: aws.securityhub
Detail type: Security Hub Findings - Imported
Filter by: Severity.Label, Compliance.Status, GeneratorId

External References

Security Hub User Guide: https://docs.aws.amazon.com/securityhub/latest/userguide/
ASFF Syntax: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html
Security Hub Controls: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html

2.3 KiB Raw Blame History

API Reference: Implementing AWS Security Hub

Libraries

boto3 -- AWS Security Hub

Key Methods

Standard ARNs

ASFF Finding Format (Key Fields)

EventBridge Integration

External References

2.3 KiB

Raw Blame History