mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-14 06:54:57 +03:00
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
2.6 KiB
# Azure Storage Misconfiguration Detection API Reference

## Azure CLI - Storage Account Enumeration

```bash
# List all storage accounts
az storage account list --query "[].{name:name, rg:resourceGroup, https:enableHttpsTrafficOnly, tls:minimumTlsVersion, publicAccess:allowBlobPublicAccess}" -o table

# Show account details
az storage account show --name mystorageacct --resource-group myrg

# Resource Graph cross-subscription query
az graph query -q "Resources | where type == 'microsoft.storage/storageaccounts' | project name, properties.allowBlobPublicAccess, properties.minimumTlsVersion"
```

## Container Access Level Checks

```bash
# List containers with access levels
az storage container list --account-name mystorageacct \
  --query "[].{name:name, access:properties.publicAccess}" -o table

# Set container to private
az storage container set-permission --name mycontainer \
  --account-name mystorageacct --public-access off
```

## Network Rules

```bash
# Show network rules
az storage account network-rule list --account-name mystorageacct --resource-group myrg

# Set default action to Deny
az storage account update --name mystorageacct --resource-group myrg \
  --default-action Deny

# Add IP rule
az storage account network-rule add --account-name mystorageacct \
  --resource-group myrg --ip-address 203.0.113.0/24
```

## Security Settings

```bash
# Enforce HTTPS only
az storage account update --name mystorageacct -g myrg --https-only true

# Set minimum TLS 1.2
az storage account update --name mystorageacct -g myrg --min-tls-version TLS1_2

# Disable public blob access
az storage account update --name mystorageacct -g myrg --allow-blob-public-access false

# Enable soft delete
az storage blob service-properties delete-policy update \
  --account-name mystorageacct --enable true --days-retained 14
```

## Azure Storage Security Checklist

| Check | CLI Command | Expected |
|---|---|---|
| HTTPS only | `show --query enableHttpsTrafficOnly` | `true` |
| TLS 1.2+ | `show --query minimumTlsVersion` | `TLS1_2` |
| No public access | `show --query allowBlobPublicAccess` | `false` |
| Network deny default | `network-rule list` | `defaultAction: Deny` |
| Logging enabled | `storage logging show` | All services enabled |
| Soft delete on | `blob service-properties` | Enabled 7-14 days |
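
The first four checklist rows can be evaluated in one pass over the JSON that `az storage account list -o json` returns. The following is an added example, not code from this repository: the function names and the sample accounts are constructed, and treating a null `allowBlobPublicAccess` or `minimumTlsVersion` as a failure is an assumption of this example.

```python
import json

# Constructed sample shaped like `az storage account list -o json`,
# trimmed to the fields the checklist inspects.
SAMPLE = json.loads("""
[
  {"name": "hardenedacct", "resourceGroup": "myrg",
   "enableHttpsTrafficOnly": true, "minimumTlsVersion": "TLS1_2",
   "allowBlobPublicAccess": false,
   "networkRuleSet": {"defaultAction": "Deny"}},
  {"name": "legacyacct", "resourceGroup": "myrg",
   "enableHttpsTrafficOnly": false, "minimumTlsVersion": "TLS1_0",
   "allowBlobPublicAccess": null,
   "networkRuleSet": {"defaultAction": "Allow"}}
]
""")

# Values that do not satisfy the "TLS 1.2+" row (None = never configured).
WEAK_TLS = (None, "TLS1_0", "TLS1_1")


def audit_account(acct):
    """Return the checklist rows this account fails, in checklist order."""
    findings = []
    if acct.get("enableHttpsTrafficOnly") is not True:
        findings.append("HTTPS only")
    if acct.get("minimumTlsVersion") in WEAK_TLS:
        findings.append("TLS 1.2+")
    # Assumption: only an explicit false passes; null is reported for review.
    if acct.get("allowBlobPublicAccess") is not False:
        findings.append("No public access")
    # networkRuleSet can be absent in trimmed output; treat that as a failure.
    rules = acct.get("networkRuleSet") or {}
    if rules.get("defaultAction") != "Deny":
        findings.append("Network deny default")
    return findings


def audit(accounts):
    """Map account name -> failed checks, omitting compliant accounts."""
    report = {}
    for acct in accounts:
        failed = audit_account(acct)
        if failed:
            report[acct["name"]] = failed
    return report


if __name__ == "__main__":
    for name, failed in audit(SAMPLE).items():
        print(f"{name}: {', '.join(failed)}")
```

Logging and soft delete are not in the account listing; they come from the separate commands named in their checklist rows.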

## Defender for Storage Alerts

| Alert | Description |
|---|---|
| Anonymous access to storage | Unauthenticated blob access |
| Unusual data extraction | Anomalous download volume |
| Access from Tor exit node | Storage access from Tor |
| Unusual access pattern | Access from unexpected location |