creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 05:34:55 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/building-vulnerability-scanning-workflow/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

1.7 KiB
Raw Blame History

API Reference: Vulnerability Scanning Workflow Agent

Overview

Orchestrates vulnerability scanning using Nmap and Nessus, enriches findings with CISA KEV data, applies risk-based prioritization, and generates remediation reports.

Dependencies

Package Version Purpose
python-nmap >=0.7.1 Nmap scan orchestration
requests >=2.28 REST API communication

CLI Usage

python agent.py --targets 192.168.1.0/24 --ports 1-1024 --output report.json
python agent.py --targets 10.0.0.0/16 --nessus-url https://nessus:8834 --nessus-keys "access;secret"

Key Functions

run_nmap_vuln_scan(targets, ports)

Runs Nmap with -sV --script=vulners,vulscan for service version detection and vulnerability matching.

fetch_cisa_kev()

Downloads the CISA Known Exploited Vulnerabilities JSON catalog and returns a set of CVE IDs.

launch_nessus_scan(nessus_url, api_keys, scan_name, targets)

Creates and launches a vulnerability scan via the Nessus REST API.

prioritize_vulnerabilities(vulns, kev_set, asset_criticality_map)

Applies risk scoring: risk_score = CVSS * asset_criticality * (1.5 if KEV). Assigns P1-P4 priority.

create_servicenow_ticket(snow_url, token, vuln)

Creates ServiceNow incident tickets for high-priority vulnerability findings.

generate_report(vulns)

Produces a formatted vulnerability scan summary with priority breakdown.

External APIs Used

API Endpoint Purpose
CISA KEV https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json Known exploited vulns
Nessus /scans, /scans/{id}/launch Scan management
ServiceNow /api/now/table/incident Ticket creation
Reference in New Issue View Git Blame Copy Permalink