mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-11 13:44:56 +03:00
mukul975
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
65 lines
2.2 KiB
Markdown
65 lines
2.2 KiB
Markdown
# API Reference: Web Application Penetration Test Agent
|
|
|
|
## Overview
|
|
|
|
Performs automated web application security testing: technology fingerprinting, security header checks, HTTP method testing, CORS misconfiguration detection, basic SQL injection, and reflected XSS testing.
|
|
|
|
## Dependencies
|
|
|
|
| Package | Version | Purpose |
|
|
|---------|---------|---------|
|
|
| requests | >= 2.28 | HTTP client for all web tests |
|
|
|
|
## External Tools (Optional)
|
|
|
|
| Tool | Purpose |
|
|
|------|---------|
|
|
| ffuf | Directory and file brute-forcing |
|
|
|
|
## Core Functions
|
|
|
|
### `fingerprint_technology(target_url)`
|
|
Identifies server, framework, and language from headers and cookie names.
|
|
- **Returns**: `dict` with `server` and `technologies` list
|
|
|
|
### `check_security_headers(target_url)`
|
|
Checks HSTS, CSP, X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Referrer-Policy, Permissions-Policy.
|
|
- **Returns**: `dict[str, dict]` - header to presence/value mapping
|
|
|
|
### `test_http_methods(target_url)`
|
|
Tests for dangerous HTTP methods (PUT, DELETE, TRACE, CONNECT).
|
|
- **Returns**: `list[dict]` - allowed dangerous methods with risk levels
|
|
|
|
### `test_cors_config(target_url)`
|
|
Tests CORS with evil origins, null origin, and subdomain spoofing.
|
|
- **Returns**: `list[dict]` - reflected origins with credential risks
|
|
|
|
### `run_directory_bruteforce(target_url, wordlist)`
|
|
Subprocess wrapper for ffuf directory enumeration.
|
|
- **Default wordlist**: `/usr/share/seclists/Discovery/Web-Content/common.txt`
|
|
|
|
### `test_sql_injection_basic(target_url, params)`
|
|
Tests URL parameters with SQL injection payloads and checks for database error strings.
|
|
- **Risk**: CRITICAL when SQL error patterns detected
|
|
|
|
### `test_xss_basic(target_url, params)`
|
|
Tests for reflected XSS by checking if payloads appear unescaped in response body.
|
|
- **Risk**: HIGH when payload is reflected
|
|
|
|
### `run_assessment(target_url, test_params)`
|
|
Full assessment pipeline with summary statistics.
|
|
|
|
## OWASP Test Coverage
|
|
|
|
| OWASP Category | Tests Performed |
|
|
|----------------|----------------|
|
|
| A01 Broken Access Control | CORS, HTTP methods |
|
|
| A03 Injection | SQL injection, XSS |
|
|
| A05 Security Misconfiguration | Security headers, HTTP methods |
|
|
|
|
## Usage
|
|
|
|
```bash
|
|
python agent.py https://target-app.example.com
|
|
```
|