mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-15 23:44:56 +03:00
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
61 lines
2.2 KiB
Markdown
# API Reference: SSL/TLS Inspection Configuration

## Inspection Validation Commands

| Command | Description |
|---------|-------------|
| `openssl s_client -connect host:443 -servername host` | Check certificate issuer |
| `curl -v https://host 2>&1 \| grep issuer` | Verify inspection via curl |
| `show system setting ssl-decrypt memory` | PAN-OS decryption stats |
| `show counter global filter category ssl` | PAN-OS SSL counters |

## CA Deployment Commands

### Windows (GPO/PowerShell)

| Command | Description |
|---------|-------------|
| `Import-Certificate -FilePath ca.crt -CertStoreLocation Cert:\LocalMachine\Root` | Install CA cert |
| `Get-ChildItem Cert:\LocalMachine\Root \| Where Subject -like "*CA*"` | Verify deployment |

### Linux

| Command | Description |
|---------|-------------|
| `cp ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates` | Ubuntu/Debian |
| `cp ca.crt /etc/pki/ca-trust/source/anchors/ && update-ca-trust` | RHEL/CentOS |

### macOS

| Command | Description |
|---------|-------------|
| `security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ca.crt` | Install CA |

## Palo Alto SSL Decryption Policy

| Setting | Description |
|---------|-------------|
| `ssl-forward-proxy` | Outbound HTTPS inspection |
| `ssl-inbound-inspection` | Inbound to internal servers |
| `block-expired-certificate yes` | Block expired server certs |
| `min-version tls1-2` | Enforce TLS 1.2 minimum |

## Exemption Categories

| Category | Examples / reason |
|----------|-------------------|
| Certificate-pinned apps | Apple Update, Microsoft Update, Dropbox |
| Healthcare/Financial | HIPAA/PCI privacy requirements |
| Legal privilege | Attorney-client communication |

## Python Libraries

| Library | Version | Purpose |
|---------|---------|---------|
| `ssl` | stdlib | TLS handshake, version testing |
| `socket` | stdlib | TCP connections |
| `subprocess` | stdlib | PowerShell CA verification |

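
The issuer check from the validation commands, done with the `ssl` and `socket` modules listed above and compared against the exemption list. This is an added example, not code from this repository's `scripts/agent.py`; the CA name, host names and function names are assumptions, and the sample certificates are constructed.

```python
import socket
import ssl

# Assumption: CN of the inspection CA pushed to endpoints (hypothetical name).
INSPECTION_CA_CN = "Example Corp TLS Inspection CA"

def issuer_cn(cert):
    """Issuer commonName from a dict shaped like SSLSocket.getpeercert()."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def fetch_cert(host, port=443, timeout=5.0):
    """Handshake with SNI against the system trust store; return the peer cert.

    Raises ssl.SSLCertVerificationError when the presented chain is not
    trusted, e.g. the inspection CA was never deployed to this machine.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def classify(host, cert, exempt_hosts, ca_cn=INSPECTION_CA_CN):
    """Compare the observed issuer with the decryption policy for this host."""
    inspected = issuer_cn(cert) == ca_cn
    if host in exempt_hosts:
        return "FAIL exempt host decrypted" if inspected else "OK exempt"
    return "OK decrypted" if inspected else "WARN not decrypted"

def sample_cert(cn):
    """Constructed sample in getpeercert() layout; not a captured certificate."""
    return {"issuer": ((("organizationName", "Example"),), (("commonName", cn),))}

# Constructed observations: (host, certificate as seen from the endpoint).
SAMPLES = [
    ("shop.example", sample_cert(INSPECTION_CA_CN)),
    ("pinned-updates.example", sample_cert(INSPECTION_CA_CN)),
    ("bank.example", sample_cert("Public Web CA G2")),
    ("news.example", sample_cert("Public Web CA G2")),
]
EXEMPT = {"pinned-updates.example", "bank.example"}

if __name__ == "__main__":
    for host, cert in SAMPLES:
        print(f"{host:24} {classify(host, cert, EXEMPT)}")
```

On a live endpoint, pass `fetch_cert(host)` to `classify` instead of a constructed sample.
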
## References

- Palo Alto SSL Decryption: https://docs.paloaltonetworks.com/network-security/decryption
- NIST SP 800-52 Rev 2: https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final
- US-CERT HTTPS Inspection: https://www.cisa.gov/news-events/alerts/2017/03/13/https-interception-weakens-tls-security