Anthropic-Cybersecurity-Skills/skills/implementing-rapid7-insightvm-for-scanning/references/api-reference.md
mukul975 c47eed6a64 Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands
- Fix 49 verify=False in defensive skills (env-var override)
- Add timeout to 231 HTTP/subprocess/socket calls
- Fix 6 SQL injection patterns with whitelist validation
- Replace 8 __import__() with standard imports
- Remove 701 unused imports across 442 files
- Add authorized-testing disclaimers to all offensive skills
- Complete 11 incomplete skill directories
- Expand 10 stub SKILL.md files with full content
- Fix 2 YAML parse errors in frontmatter
- Fix 5 pre-existing syntax errors
- Convert 22 hardcoded paths/ports to environment variables
- Back up 21 redundant skill pairs to .bak
- Fix 2 global declaration errors
- 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE)
- 0 compile errors across all 724 agent.py files
2026-03-19 13:26:49 +01:00

# API Reference: Rapid7 InsightVM Vulnerability Scanning
## Libraries Used
| Library | Purpose |
|---------|---------|
| `requests` | HTTP client for InsightVM REST API v3 |
| `json` | Parse scan results and vulnerability data |
| `base64` | Encode Basic Auth credentials |
| `os` | Read `INSIGHTVM_URL`, `INSIGHTVM_USER`, `INSIGHTVM_PASS` |
## Installation
```bash
pip install requests
```
## Authentication
InsightVM API v3 uses HTTP Basic Authentication:
```python
import requests
import os
from requests.auth import HTTPBasicAuth

INSIGHTVM_URL = os.environ.get("INSIGHTVM_URL", "https://insightvm.example.com:3780")
auth = HTTPBasicAuth(
    os.environ["INSIGHTVM_USER"],
    os.environ["INSIGHTVM_PASS"],
)
```
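
Basic Auth sends the console password with every request, so the URL scheme and certificate verification deserve a check before the first call. The following is an added example, not code from this repository: it validates the environment settings and pins a private CA file instead of disabling verification. `INSIGHTVM_CA_BUNDLE`, `resolve_settings` and `make_session` are hypothetical names introduced here.

```python
import os
from urllib.parse import urlsplit


def resolve_settings(env=os.environ):
    """Validate connection settings before any credential leaves the host.

    INSIGHTVM_CA_BUNDLE is a hypothetical variable introduced for this example.
    """
    url = env.get("INSIGHTVM_URL", "https://insightvm.example.com:3780").rstrip("/")
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        # Basic Auth is only base64-encoded; without TLS it is readable on the wire.
        raise ValueError("INSIGHTVM_URL must be an https:// URL")
    if parts.username or parts.password:
        raise ValueError("put credentials in INSIGHTVM_USER/INSIGHTVM_PASS, not in the URL")
    user, password = env.get("INSIGHTVM_USER"), env.get("INSIGHTVM_PASS")
    if not user or not password:
        raise ValueError("INSIGHTVM_USER and INSIGHTVM_PASS must both be set")
    ca_bundle = env.get("INSIGHTVM_CA_BUNDLE")
    if ca_bundle and not os.path.isfile(ca_bundle):
        raise ValueError(f"CA bundle not found: {ca_bundle}")
    # verify is either True (system trust store) or a CA file path, never False.
    return {"url": url, "auth": (user, password), "verify": ca_bundle or True}


def make_session(settings):
    """Return a requests.Session carrying the validated auth and TLS settings."""
    import requests  # imported here so resolve_settings() has no third-party dependency

    session = requests.Session()
    session.auth = settings["auth"]      # a (user, password) tuple is sent as Basic Auth
    session.verify = settings["verify"]
    return session
```

A `Session` has no default timeout, so each call still needs its own `timeout=` argument as in the snippets below.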
## REST API v3 Endpoints
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/3/sites` | List all scan sites |
| GET | `/api/3/sites/{id}` | Get site details |
| POST | `/api/3/sites` | Create a new site |
| GET | `/api/3/sites/{id}/assets` | List assets in a site |
| POST | `/api/3/sites/{id}/scans` | Launch a scan on a site |
| GET | `/api/3/scans` | List all scans |
| GET | `/api/3/scans/{id}` | Get scan status and details |
| GET | `/api/3/assets` | List all assets |
| GET | `/api/3/assets/{id}` | Get asset details |
| GET | `/api/3/assets/{id}/vulnerabilities` | Get vulnerabilities for asset |
| GET | `/api/3/vulnerabilities` | List all known vulnerabilities |
| GET | `/api/3/vulnerabilities/{id}` | Get vulnerability details |
| GET | `/api/3/vulnerability_checks` | List vulnerability checks |
| GET | `/api/3/scan_engines` | List scan engines |
| GET | `/api/3/reports` | List generated reports |
| POST | `/api/3/reports` | Create a report configuration |
| POST | `/api/3/reports/{id}/generate` | Generate a report |
| GET | `/api/3/tags` | List all tags |
| GET | `/api/3/policies` | List compliance policies |
## Core Operations
### List Sites
```python
resp = requests.get(
    f"{INSIGHTVM_URL}/api/3/sites",
    auth=auth,
    params={"page": 0, "size": 100},
    timeout=30,
    verify=True,
)
resp.raise_for_status()  # fail on 401/403/5xx instead of parsing an error body
for site in resp.json().get("resources", []):
    print(f"Site: {site['name']} (ID: {site['id']}) — {site.get('description', '')}")
```
### Launch a Scan
```python
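# site_id and engine_id come from /api/3/sites and /api/3/scan_engines
resp = requests.post(
    f"{INSIGHTVM_URL}/api/3/sites/{site_id}/scans",
    auth=auth,
    json={"engineId": engine_id},
    timeout=30,
    verify=True,
)
resp.raise_for_status()  # a rejected launch has no "id" in its body
scan_id = resp.json()["id"]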
```
### Poll Scan Status
```python
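import time

while True:
    resp = requests.get(
        f"{INSIGHTVM_URL}/api/3/scans/{scan_id}",
        auth=auth,
        timeout=30,
        verify=True,
    )
    resp.raise_for_status()
    status = resp.json()["status"]
    # "aborted" is also terminal; without it the loop never exits for an aborted scan
    if status in ("finished", "stopped", "error", "aborted"):
        break
    time.sleep(30)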
```
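
The loop above has no upper bound and treats every terminal status the same way. The following is an added example, not code from this repository: a poller that gives up after a deadline and raises when the scan ends in anything other than `finished`. `wait_for_scan`, `ScanFailed` and the `fetch_scan` callable (assumed to perform `GET /api/3/scans/{id}` and return the decoded JSON) are hypothetical names; the replies at the bottom are constructed.

```python
import time

# Terminal scan statuses, split by outcome.
SUCCEEDED = {"finished"}
FAILED = {"stopped", "error", "aborted"}


class ScanFailed(Exception):
    """The scan ended in a terminal state other than 'finished'."""


def wait_for_scan(fetch_scan, scan_id, max_wait=4 * 3600, interval=30,
                  sleep=time.sleep, clock=time.monotonic):
    """Poll a scan until it is terminal; raise if it fails or outlives max_wait.

    fetch_scan(scan_id) is a hypothetical callable that performs
    GET /api/3/scans/{id} and returns the decoded JSON body as a dict.
    """
    deadline = clock() + max_wait
    while True:
        scan = fetch_scan(scan_id)
        status = scan.get("status")
        if status in SUCCEEDED:
            return scan
        if status in FAILED:
            raise ScanFailed(f"scan {scan_id} ended with status {status!r}")
        if clock() >= deadline:
            # Covers scans stuck in any non-terminal state.
            raise TimeoutError(f"scan {scan_id} still {status!r} after {max_wait}s")
        sleep(interval)


if __name__ == "__main__":
    # Constructed responses standing in for three successive GET calls.
    replies = iter([{"status": "running"}, {"status": "running"},
                    {"status": "finished", "vulnerabilities": {"total": 60}}])
    done = wait_for_scan(lambda _id: next(replies), 12345, sleep=lambda s: None)
    print(done["status"], done["vulnerabilities"]["total"])
```

Raising on `stopped`, `error` or `aborted` keeps a report job from running against a partial scan.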
### Get Asset Vulnerabilities
```python
resp = requests.get(
    f"{INSIGHTVM_URL}/api/3/assets/{asset_id}/vulnerabilities",
    auth=auth,
    params={"page": 0, "size": 500},
    timeout=60,
    verify=True,
)
resp.raise_for_status()
vulns = resp.json().get("resources", [])
for v in vulns:
    print(f"  {v['id']} — CVSS: {v.get('cvssV3Score', 'N/A')}, status: {v.get('status')}")
```
### Get Vulnerability Details
```python
resp = requests.get(
    f"{INSIGHTVM_URL}/api/3/vulnerabilities/{vuln_id}",
    auth=auth,
    timeout=30,
    verify=True,
)
vuln = resp.json()
# Fields: title, description, cvss, severity, publishedDate, references, exploits
```
### Generate a Report
```python
report_config = {
    "name": "Monthly Vuln Report",
    "format": "pdf",
    "scope": {"sites": [site_id]},
    "template": "audit-report",
}
resp = requests.post(
    f"{INSIGHTVM_URL}/api/3/reports",
    auth=auth,
    json=report_config,
    timeout=30,
    verify=True,
)
resp.raise_for_status()  # a rejected configuration has no "id" in its body
report_id = resp.json()["id"]

# Generate the report
resp = requests.post(
    f"{INSIGHTVM_URL}/api/3/reports/{report_id}/generate",
    auth=auth,
    timeout=30,
    verify=True,
)
resp.raise_for_status()
```
## Pagination
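All list endpoints support page-based pagination through the `page` and `size` query parameters; each response reports `totalPages` in its `page` object: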
```python
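def paginate(endpoint, auth, params=None):
    """Yield every resource from a paged list endpoint."""
    params = dict(params or {})  # copy so the caller's dict is not mutated
    params.setdefault("size", 500)
    page = 0
    while True:
        params["page"] = page
        resp = requests.get(endpoint, auth=auth, params=params, timeout=60, verify=True)
        resp.raise_for_status()  # stop on an auth or server error instead of yielding nothing
        data = resp.json()
        yield from data.get("resources", [])
        # totalPages is a count, so the last valid index is totalPages - 1
        if page >= data.get("page", {}).get("totalPages", 1) - 1:
            break
        page += 1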
```
## Output Format
```json
{
"id": 12345,
"status": "finished",
"vulnerabilities": {
"critical": 3,
"severe": 12,
"moderate": 45,
"total": 60
},
"assets": 128,
"startTime": "2025-01-15T08:00:00Z",
"endTime": "2025-01-15T09:45:00Z",
"engineName": "Local Scan Engine"
}
```