Anthropic-Cybersecurity-Skills/skills/analyzing-ransomware-payment-wallets/references/api-reference.md
mukul975 c47eed6a64 Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands
- Fix 49 verify=False in defensive skills (env-var override)
- Add timeout to 231 HTTP/subprocess/socket calls
- Fix 6 SQL injection patterns with whitelist validation
- Replace 8 __import__() with standard imports
- Remove 701 unused imports across 442 files
- Add authorized-testing disclaimers to all offensive skills
- Complete 11 incomplete skill directories
- Expand 10 stub SKILL.md files with full content
- Fix 2 YAML parse errors in frontmatter
- Fix 5 pre-existing syntax errors
- Convert 22 hardcoded paths/ports to environment variables
- Back up 21 redundant skill pairs to .bak
- Fix 2 global declaration errors
- 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE)
- 0 compile errors across all 724 agent.py files
2026-03-19 13:26:49 +01:00

3.0 KiB

API Reference: Ransomware Payment Wallet Analysis

blockchain.com API

Get Address Information

GET https://blockchain.info/rawaddr/{address}?limit=50

Returns transaction history, balance, and UTXO data for a Bitcoin address.

Response Fields

| Field | Type | Description |
|---|---|---|
| address | string | Bitcoin address |
| n_tx | int | Total number of transactions |
| total_received | int | Total satoshis received |
| total_sent | int | Total satoshis sent |
| final_balance | int | Current balance in satoshis |
| txs | array | Array of transaction objects |

Get Single Transaction

GET https://blockchain.info/rawtx/{tx_hash}

Get Unspent Outputs

GET https://blockchain.info/unspent?active={address}

Blockstream.info API

Get Address Stats

GET https://blockstream.info/api/address/{address}

Response Fields

| Field | Type | Description |
|---|---|---|
| chain_stats.funded_txo_count | int | Number of funding transactions |
| chain_stats.spent_txo_count | int | Number of spending transactions |
| chain_stats.funded_txo_sum | int | Total satoshis funded |
| chain_stats.spent_txo_sum | int | Total satoshis spent |

Get Address Transactions

GET https://blockstream.info/api/address/{address}/txs

WalletExplorer API

Look Up Address

GET https://www.walletexplorer.com/api/1/address?address={address}&caller=research

Response Fields

| Field | Type | Description |
|---|---|---|
| wallet_id | string | Cluster wallet identifier |
| label | string | Known entity label (exchange, mixer, etc.) |
| is_exchange | bool | Whether address belongs to known exchange |

Get Wallet Transactions

GET https://www.walletexplorer.com/api/1/wallet-addresses?wallet={wallet_id}&caller=research

Bitcoin Address Formats

| Format | Prefix | Example | Notes |
|---|---|---|---|
| P2PKH (Legacy) | 1 | 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa | Original format |
| P2SH (SegWit compatible) | 3 | 3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy | Script hash |
| Bech32 (Native SegWit) | bc1q | bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq | Lower fees |
| Bech32m (Taproot) | bc1p | bc1p... | Newest format |

Common Ransomware Wallet Indicators

| Pattern | Significance |
|---|---|
| Single large inbound, rapid outbound | Ransom payment received, quickly laundered |
| Multiple small inbound from different addresses | Multiple victims paying same wallet |
| Outbound to known mixer addresses | Laundering through CoinJoin/mixer services |
| Peel chain (sequential diminishing outputs) | Structured laundering to evade detection |
| Transfer to exchange hot wallet | Cash-out attempt via cryptocurrency exchange |
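
The first two indicators above can be triaged directly from a `rawaddr`-style response. The following is an added example, not code from this repository: the per-transaction field names (`time`, `inputs[].prev_out`, `out[]`), the thresholds, and the helper `_tx` are assumptions, and the sample data is constructed.

```python
# Added example: triage heuristics over a blockchain.info rawaddr-style response.
# Tx field names (time, inputs[].prev_out.addr/value, out[].addr/value) and the
# thresholds are assumptions; the sample data below is constructed, not chain data.

def classify_txs(info):
    """Split txs into inbound (pay the address) and outbound (spend from it)."""
    addr, inbound, outbound = info["address"], [], []
    for tx in sorted(info["txs"], key=lambda t: t["time"]):
        spent = sum(i["prev_out"]["value"] for i in tx["inputs"]
                    if i["prev_out"].get("addr") == addr)
        received = sum(o["value"] for o in tx["out"] if o.get("addr") == addr)
        if spent > 0:  # net amount leaving the address (change comes back)
            outbound.append({"time": tx["time"], "value": spent - received})
        elif received > 0:
            payers = {i["prev_out"].get("addr") for i in tx["inputs"]}
            inbound.append({"time": tx["time"], "value": received, "payers": payers})
    return inbound, outbound

def wallet_indicators(info, rapid_secs=24 * 3600, min_payers=3):
    """Return the set of indicator names that match the address history."""
    inbound, outbound = classify_txs(info)
    flags = set()
    payers = set().union(*(t["payers"] for t in inbound))
    if len(inbound) >= min_payers and len(payers) >= min_payers:
        flags.add("multiple_inbound_payers")
    if len(inbound) == 1 and outbound:
        delay = outbound[0]["time"] - inbound[0]["time"]
        drained = sum(t["value"] for t in outbound) >= 0.9 * inbound[0]["value"]
        if 0 <= delay <= rapid_secs and drained:
            flags.add("single_inbound_rapid_outbound")
    return flags

def _tx(time, ins, outs):
    """Build a constructed transaction from (address, satoshis) pairs."""
    return {"time": time,
            "inputs": [{"prev_out": {"addr": a, "value": v}} for a, v in ins],
            "out": [{"addr": a, "value": v} for a, v in outs]}

# Constructed samples: "W" stands in for the wallet under analysis.
SAMPLE_SINGLE = {"address": "W", "txs": [
    _tx(1000, [("victim", 50_000_000)], [("W", 49_990_000)]),
    _tx(4600, [("W", 49_990_000)], [("next_hop", 49_980_000)]),
]}
SAMPLE_MULTI = {"address": "W", "txs": [
    _tx(1000 + i * 500, [(f"victim{i}", 1_000_000)], [("W", 990_000)])
    for i in range(4)
]}
```

A match is a lead for further tracing, not an attribution; mixer, exchange, and peel-chain indicators need cluster labels and multi-hop data that a single address response does not carry.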

OFAC SDN Sanctions Check

Download list: https://www.treasury.gov/ofac/downloads/sdnlist.txt
Search API:    https://sanctionssearch.ofac.treas.gov/

Check addresses against the OFAC Specially Designated Nationals (SDN) list for compliance.