creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
ccce7d4e068efecc2f98c385c8e5c01d969fc9bc
Anthropic-Cybersecurity-Skills/skills/implementing-ddos-mitigation-with-cloudflare/scripts/agent.py
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

129 lines
4.6 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""DDoS mitigation agent using Cloudflare API for traffic analysis and rule management."""
import argparse
import json
import logging
import os
import sys
from datetime import datetime
from typing import Dict, List
try:
import requests
except ImportError:
sys.exit("requests required: pip install requests")
logging.basicConfig(level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s")
logger = logging.getLogger(__name__)
CF_API = "https://api.cloudflare.com/client/v4"
class CloudflareClient:
"""Client for Cloudflare API v4."""
def __init__(self, api_token: str):
self.session = requests.Session()
self.session.headers.update({
"Authorization": f"Bearer {api_token}",
"Content-Type": "application/json",
})
def list_zones(self) -> List[dict]:
resp = self.session.get(f"{CF_API}/zones", timeout=15)
resp.raise_for_status()
return resp.json().get("result", [])
def get_zone_analytics(self, zone_id: str, since: str = "-1440") -> dict:
resp = self.session.get(
f"{CF_API}/zones/{zone_id}/analytics/dashboard",
params={"since": since}, timeout=15)
return resp.json().get("result", {}) if resp.status_code == 200 else {}
def get_firewall_events(self, zone_id: str, limit: int = 100) -> List[dict]:
resp = self.session.get(
f"{CF_API}/zones/{zone_id}/security/events",
params={"per_page": limit}, timeout=15)
return resp.json().get("result", []) if resp.status_code == 200 else []
def get_ddos_settings(self, zone_id: str) -> dict:
resp = self.session.get(
f"{CF_API}/zones/{zone_id}/firewall/ddos_protection", timeout=15)
return resp.json().get("result", {}) if resp.status_code == 200 else {}
def create_rate_limit_rule(self, zone_id: str, url_pattern: str,
threshold: int, period: int) -> dict:
payload = {
"match": {"request": {"url_pattern": url_pattern}},
"threshold": threshold,
"period": period,
"action": {"mode": "challenge"},
}
resp = self.session.post(
f"{CF_API}/zones/{zone_id}/rate_limits", json=payload, timeout=15)
return resp.json().get("result", {})
def set_security_level(self, zone_id: str, level: str = "high") -> dict:
resp = self.session.patch(
f"{CF_API}/zones/{zone_id}/settings/security_level",
json={"value": level}, timeout=15)
return resp.json().get("result", {})
def analyze_traffic(analytics: dict) -> dict:
"""Analyze traffic patterns for DDoS indicators."""
totals = analytics.get("totals", {})
requests_data = totals.get("requests", {})
threats = totals.get("threats", {})
return {
"total_requests": requests_data.get("all", 0),
"cached_requests": requests_data.get("cached", 0),
"threats_blocked": threats.get("all", 0),
"bandwidth_bytes": totals.get("bandwidth", {}).get("all", 0),
}
def generate_report(client: CloudflareClient) -> dict:
"""Generate DDoS mitigation posture report."""
zones = client.list_zones()
report = {"analysis_date": datetime.utcnow().isoformat(), "zones": []}
for zone in zones[:10]:
zid = zone["id"]
analytics = client.get_zone_analytics(zid)
traffic = analyze_traffic(analytics)
events = client.get_firewall_events(zid, 50)
ddos_settings = client.get_ddos_settings(zid)
report["zones"].append({
"name": zone["name"], "id": zid,
"traffic": traffic,
"security_events": len(events),
"ddos_protection": ddos_settings,
})
report["summary"] = {
"zones_assessed": len(report["zones"]),
"total_threats": sum(z["traffic"]["threats_blocked"] for z in report["zones"]),
}
return report
def main():
parser = argparse.ArgumentParser(description="Cloudflare DDoS Mitigation Agent")
parser.add_argument("--api-token", required=True, help="Cloudflare API token")
parser.add_argument("--output-dir", default=".")
parser.add_argument("--output", default="cloudflare_ddos_report.json")
args = parser.parse_args()
os.makedirs(args.output_dir, exist_ok=True)
client = CloudflareClient(args.api_token)
report = generate_report(client)
out_path = os.path.join(args.output_dir, args.output)
with open(out_path, "w") as f:
json.dump(report, f, indent=2)
logger.info("Report saved to %s", out_path)
print(json.dumps(report["summary"], indent=2))
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink