creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-14 06:54:57 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d63b578a2f98cf26496aad4e997c7f57a388bccd
Anthropic-Cybersecurity-Skills/skills/implementing-threat-intelligence-platform.bak/references/api-reference.md
T
mukul975 c47eed6a64 Production hardening: security fixes, code quality, 724 skills complete 
- Fix 25 shell=True subprocess calls with list-based commands
- Fix 49 verify=False in defensive skills (env-var override)
- Add timeout to 231 HTTP/subprocess/socket calls
- Fix 6 SQL injection patterns with whitelist validation
- Replace 8 __import__() with standard imports
- Remove 701 unused imports across 442 files
- Add authorized-testing disclaimers to all offensive skills
- Complete 11 incomplete skill directories
- Expand 10 stub SKILL.md files with full content
- Fix 2 YAML parse errors in frontmatter
- Fix 5 pre-existing syntax errors
- Convert 22 hardcoded paths/ports to environment variables
- Back up 21 redundant skill pairs to .bak
- Fix 2 global declaration errors
- 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE)
- 0 compile errors across all 724 agent.py files
2026-03-19 13:26:49 +01:00

57 lines
1.8 KiB
Markdown
Raw Blame History

# API Reference: MISP Threat Intelligence Platform
## PyMISP Constructor
```python
from pymisp import PyMISP, MISPEvent, MISPAttribute, MISPTag
misp = PyMISP(url, key, ssl=True, debug=False, proxies=None,
cert=None, auth=None, tool='', timeout=None)
```
## Core Methods
```python
misp.add_event(event, pythonify=False, metadata=False)
misp.get_event(event_id, pythonify=False)
misp.update_event(event, pythonify=False)
misp.add_attribute(event_id, attribute, pythonify=False)
misp.update_attribute(attribute, pythonify=False)
misp.search(value=None, type_attribute=None, category=None,
org=None, tags=None, pythonify=False)
misp.add_tag(tag, pythonify=False)
misp.get_stix_event(event_id)
```
## MISPEvent Object
```python
event = MISPEvent()
event.info = "Event description"
event.threat_level_id = 2 # 1=High, 2=Medium, 3=Low, 4=Undefined
event.distribution = 1 # 0=Org, 1=Community, 2=Connected, 3=All
event.analysis = 0 # 0=Initial, 1=Ongoing, 2=Complete
event.add_attribute("ip-dst", "1.2.3.4", to_ids=True)
event.add_tag(tag)
```
## MISPAttribute Object
```python
attr = MISPAttribute()
attr.type = "ip-dst" # ip-dst, domain, url, sha256, md5, email-src
attr.value = "1.2.3.4"
attr.to_ids = True
attr.category = "Network activity"
attr.comment = "C2 server"
```
## Feed APIs
| Feed | Endpoint | Method |
|------|----------|--------|
| URLhaus | `https://urlhaus-api.abuse.ch/api/v1/urls/recent/limit/N/` | POST |
| Feodo Tracker | `https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.json` | GET |
| MalwareBazaar | `https://mb-api.abuse.ch/api/v1/` | POST (query=get_info) |
## VirusTotal v3 - IP Enrichment
```
GET /api/v3/ip_addresses/{ip}
Header: x-apikey: <key>
Response: data.attributes.last_analysis_stats.malicious
```
Reference in New Issue View Git Blame Copy Permalink