creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-12 22:24:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/auditing-azure-active-directory-configuration/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

2.3 KiB
Raw Blame History

API Reference: Auditing Azure Active Directory Configuration

azure-identity Authentication

from azure.identity import DefaultAzureCredential, ClientSecretCredential

# Default (managed identity, env vars, CLI)
credential = DefaultAzureCredential()

# Service principal
credential = ClientSecretCredential(tenant_id, client_id, client_secret)

# Get Graph API token
token = credential.get_token("https://graph.microsoft.com/.default")

Microsoft Graph API Endpoints

Endpoint Description
GET /organization Tenant info and verified domains
GET /directoryRoles List directory roles
GET /directoryRoles/{id}/members Members of a role
GET /identity/conditionalAccess/policies Conditional Access policies
GET /users?$filter=userType eq 'Guest' Guest users
GET /users?$select=signInActivity User sign-in activity
GET /auditLogs/signIns Sign-in logs
GET /reports/authenticationMethods/userRegistrationDetails MFA registration

Python Graph API Helper

import requests

def graph_get(token, endpoint, params=None):
    headers = {"Authorization": f"Bearer {token}"}
    url = f"https://graph.microsoft.com/v1.0{endpoint}"
    return requests.get(url, headers=headers, params=params).json()

# List Global Admins
roles = graph_get(token, "/directoryRoles")
for role in roles["value"]:
    if role["displayName"] == "Global Administrator":
        members = graph_get(token, f"/directoryRoles/{role['id']}/members")

Key Conditional Access Policy Fields

{
  "displayName": "Require MFA for admins",
  "state": "enabled",
  "conditions": {
    "users": {"includeUsers": ["All"], "excludeGroups": ["break-glass"]},
    "clientAppTypes": ["all"]
  },
  "grantControls": {
    "builtInControls": ["mfa"]
  }
}

azure-mgmt-authorization (RBAC)

from azure.mgmt.authorization import AuthorizationManagementClient
client = AuthorizationManagementClient(credential, subscription_id)
for assignment in client.role_assignments.list():
    print(assignment.principal_id, assignment.role_definition_id)

References

Reference in New Issue View Git Blame Copy Permalink