mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 15:04:56 +03:00
mukul975
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
55 lines
2.1 KiB
Markdown
55 lines
2.1 KiB
Markdown
# API Reference: Mobile App Penetration Testing Agent
|
|
|
|
## Overview
|
|
|
|
Tests Android mobile applications for OWASP MASTG vulnerabilities: insecure storage, hardcoded secrets, manifest misconfigurations, certificate pinning bypass, and API authorization flaws. For authorized testing only.
|
|
|
|
## Dependencies
|
|
|
|
| Package | Version | Purpose |
|
|
|---------|---------|---------|
|
|
| requests | >=2.28 | API and cert pinning testing |
|
|
| apktool | >=2.7 | APK decompilation (subprocess) |
|
|
| adb | - | Android device interaction (subprocess) |
|
|
|
|
## CLI Usage
|
|
|
|
```bash
|
|
python agent.py --apk target.apk --manifest AndroidManifest.xml \
|
|
--api-url https://api.target.com --auth-token <jwt> --output report.json
|
|
```
|
|
|
|
## Key Functions
|
|
|
|
### `decompile_apk(apk_path, output_dir)`
|
|
Decompiles APK using apktool for static analysis of smali code and resources.
|
|
|
|
### `extract_strings_from_apk(apk_path)`
|
|
Extracts hardcoded sensitive strings (API keys, passwords, tokens, URLs) from APK binary.
|
|
|
|
### `check_android_manifest(manifest_path)`
|
|
Analyzes AndroidManifest.xml for debuggable, allowBackup, exported components, and cleartext traffic settings.
|
|
|
|
### `test_certificate_pinning(target_url)`
|
|
Tests if API connections succeed through a proxy (indicating missing cert pinning).
|
|
|
|
### `check_insecure_storage_adb()`
|
|
Checks shared_prefs, databases, and external storage for sensitive data via adb shell.
|
|
|
|
### `test_api_endpoints(base_url, endpoints, auth_token)`
|
|
Tests API endpoints for authorization bypass by comparing authenticated vs unauthenticated responses.
|
|
|
|
### `check_root_detection(package_name)`
|
|
Inspects the app package for root detection library indicators (RootBeer, SafetyNet).
|
|
|
|
## OWASP MASTG Coverage
|
|
|
|
| Category | Test | Function |
|
|
|----------|------|----------|
|
|
| MASVS-STORAGE | Insecure Data Storage | `check_insecure_storage_adb` |
|
|
| MASVS-STORAGE | Hardcoded Credentials | `extract_strings_from_apk` |
|
|
| MASVS-NETWORK | Certificate Pinning | `test_certificate_pinning` |
|
|
| MASVS-NETWORK | Cleartext Traffic | `check_android_manifest` |
|
|
| MASVS-AUTH | API Authorization | `test_api_endpoints` |
|
|
| MASVS-RESILIENCE | Root Detection | `check_root_detection` |
|