mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-13 06:34:57 +03:00
mukul975
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
58 lines
2.2 KiB
Markdown
58 lines
2.2 KiB
Markdown
# API Reference: SSL Certificate Lifecycle Management
|
|
|
|
## cryptography Library - CSR Generation
|
|
|
|
| Class / Method | Description |
|
|
|----------------|-------------|
|
|
| `ec.generate_private_key(ec.SECP256R1())` | Generate ECDSA P-256 private key |
|
|
| `rsa.generate_private_key(65537, 2048)` | Generate RSA 2048-bit private key |
|
|
| `x509.CertificateSigningRequestBuilder()` | Build a PKCS#10 CSR |
|
|
| `.subject_name(x509.Name([...]))` | Set CSR subject |
|
|
| `.add_extension(SubjectAlternativeName(...))` | Add SAN extension |
|
|
| `.sign(private_key, hashes.SHA256())` | Sign CSR with private key |
|
|
|
|
## cryptography Library - Certificate Parsing
|
|
|
|
| Method | Description |
|
|
|--------|-------------|
|
|
| `x509.load_pem_x509_certificate(data)` | Parse PEM certificate |
|
|
| `x509.load_der_x509_certificate(data)` | Parse DER certificate |
|
|
| `cert.subject` | Get subject Distinguished Name |
|
|
| `cert.issuer` | Get issuer Distinguished Name |
|
|
| `cert.not_valid_after_utc` | Expiration datetime |
|
|
| `cert.serial_number` | Certificate serial number |
|
|
| `cert.extensions.get_extension_for_oid(OID)` | Get specific extension |
|
|
|
|
## Python ssl Module
|
|
|
|
| Function | Description |
|
|
|----------|-------------|
|
|
| `ssl.create_default_context()` | Create SSL context with system CAs |
|
|
| `ctx.wrap_socket(sock, server_hostname=host)` | TLS handshake |
|
|
| `s.getpeercert(binary_form=True)` | Get DER-encoded server certificate |
|
|
| `s.getpeercert()` | Get parsed certificate dict |
|
|
|
|
## Certificate Types
|
|
|
|
| Type | Validation | Typical Use |
|
|
|------|-----------|-------------|
|
|
| DV | Domain ownership | Websites, APIs |
|
|
| OV | Organization verified | Business applications |
|
|
| EV | Full legal verification | E-commerce, banking |
|
|
| Wildcard | `*.domain.com` | Multi-subdomain |
|
|
|
|
## Python Libraries
|
|
|
|
| Library | Version | Purpose |
|
|
|---------|---------|---------|
|
|
| `cryptography` | >=41.0 | CSR generation, certificate parsing |
|
|
| `ssl` | stdlib | TLS handshake, remote cert fetch |
|
|
| `socket` | stdlib | TCP connections |
|
|
|
|
## References
|
|
|
|
- cryptography docs: https://cryptography.io/en/latest/x509/
|
|
- Let's Encrypt ACME: https://letsencrypt.org/docs/
|
|
- OCSP Stapling: https://datatracker.ietf.org/doc/html/rfc6960
|
|
- Certificate Transparency: https://certificate.transparency.dev/
|