mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-13 06:34:57 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
1.9 KiB
1.9 KiB
Historian Server Attack Detection — API Reference
Common Historian Platforms
| Platform | Vendor | Default Port |
|---|---|---|
| PI Data Archive | OSIsoft/AVEVA | 5457 |
| PI Web API | OSIsoft/AVEVA | 443/5459 |
| Wonderware Historian | AVEVA | 1433 (SQL) |
| FactoryTalk Historian | Rockwell | 1433 (SQL) |
| Ignition Gateway | Inductive Automation | 8088 |
| iFIX Historian | GE Digital | 5051 |
OSIsoft PI Web API Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | /piwebapi/system |
System information and version |
| GET | /piwebapi/points |
List PI data points |
| GET | /piwebapi/streams/{webId}/value |
Get current point value |
| GET | /piwebapi/streams/{webId}/recorded |
Get historical recorded values |
| GET | /piwebapi/dataservers |
List configured data servers |
Ignition Gateway Endpoints
| Endpoint | Description |
|---|---|
/StatusPing |
Gateway health check |
/system/gwinfo |
Gateway system information |
/system/webdev |
Web development module |
/main/web/status |
Gateway status page |
Attack Indicators
| Indicator | Description | Severity |
|---|---|---|
| Anonymous API access | PI Web API accessible without auth | CRITICAL |
| Bulk data read | >10,000 points read in single session | CRITICAL |
| Brute force login | >5 failed logins from same IP | HIGH |
| Exposed gateway info | Ignition/PI info pages publicly accessible | HIGH |
| SQL injection on historian DB | Direct SQL queries to historian backend | CRITICAL |