Initial commit
This commit is contained in:
Zhongwei Li
54
skills/api-fuzzer/SKILL.md
Normal file
54
skills/api-fuzzer/SKILL.md
Normal file
@@ -0,0 +1,54 @@
|
||||
---
|
||||
name: fuzzing-apis
|
||||
description: |
|
||||
This skill enables Claude to perform automated fuzz testing on APIs to discover vulnerabilities, crashes, and unexpected behavior. It leverages malformed inputs, boundary values, and random payloads to generate comprehensive fuzz test suites. Use this skill when you need to identify potential SQL injection, XSS, command injection vulnerabilities, input validation failures, and edge cases in APIs. Trigger this skill by requesting fuzz testing, vulnerability scanning, or security analysis of an API. The skill is invoked using the `/fuzz-api` command.
|
||||
allowed-tools: Read, Write, Edit, Grep, Glob, Bash
|
||||
version: 1.0.0
|
||||
---
|
||||
|
||||
## Overview
|
||||
|
||||
This skill allows Claude to conduct automated fuzz testing on REST APIs. It identifies potential security flaws and robustness issues by injecting various malformed inputs, boundary values, and random data.
|
||||
|
||||
## How It Works
|
||||
|
||||
1. **Input Generation**: The skill generates a diverse set of test inputs, including malformed data, boundary values, and random payloads.
|
||||
2. **API Interaction**: It sends these inputs to the specified API endpoints.
|
||||
3. **Result Analysis**: It analyzes the API's responses and behavior to identify vulnerabilities, crashes, and unexpected results, such as SQL injection errors or XSS vulnerabilities.
|
||||
|
||||
## When to Use This Skill
|
||||
|
||||
This skill activates when you need to:
|
||||
- Identify potential security vulnerabilities in an API.
|
||||
- Test the robustness of an API against unexpected inputs.
|
||||
- Ensure proper input validation is implemented in an API.
|
||||
|
||||
## Examples
|
||||
|
||||
### Example 1: Discovering SQL Injection Vulnerability
|
||||
|
||||
User request: "Fuzz test the /users endpoint for SQL injection vulnerabilities."
|
||||
|
||||
The skill will:
|
||||
1. Generate SQL injection payloads.
|
||||
2. Send these payloads to the /users endpoint.
|
||||
3. Analyze the API's responses for SQL errors or unexpected behavior indicating a SQL injection vulnerability.
|
||||
|
||||
### Example 2: Testing Input Validation
|
||||
|
||||
User request: "Fuzz test the /products endpoint to check for input validation issues with price and quantity parameters."
|
||||
|
||||
The skill will:
|
||||
1. Generate malformed inputs for price and quantity (e.g., negative values, extremely large numbers, non-numeric characters).
|
||||
2. Send these inputs to the /products endpoint.
|
||||
3. Analyze the API's responses for errors or unexpected behavior, indicating input validation failures.
|
||||
|
||||
## Best Practices
|
||||
|
||||
- **Specificity**: Be specific about the API endpoint or parameters you want to fuzz.
|
||||
- **Context**: Provide context about the expected behavior of the API.
|
||||
- **Iteration**: Run multiple fuzzing sessions with different input sets for thorough testing.
|
||||
|
||||
## Integration
|
||||
|
||||
This skill can be used in conjunction with other security analysis tools to provide a more comprehensive assessment of an API's security posture. It can also be integrated into a CI/CD pipeline to automate security testing.
|
||||
6
skills/api-fuzzer/assets/README.md
Normal file
6
skills/api-fuzzer/assets/README.md
Normal file
@@ -0,0 +1,6 @@
|
||||
# Assets
|
||||
|
||||
Bundled resources for api-fuzzer skill
|
||||
|
||||
- [ ] payload_templates/: Directory containing templates for different types of payloads (JSON, XML, etc.).
|
||||
- [ ] report_template.md: Template for generating the fuzzing report.
|
||||
75
skills/api-fuzzer/assets/report_template.md
Normal file
75
skills/api-fuzzer/assets/report_template.md
Normal file
@@ -0,0 +1,75 @@
|
||||
# API Fuzzing Report
|
||||
|
||||
This report summarizes the results of the API fuzzing performed using the `api-fuzzer` plugin.
|
||||
|
||||
## 1. Executive Summary
|
||||
|
||||
[**Placeholder:** Briefly summarize the overall findings of the fuzzing process. Highlight any critical vulnerabilities discovered. For example: "The API fuzzing process identified several potential vulnerabilities, including SQL injection vulnerabilities in the user authentication endpoint and XSS vulnerabilities in the data display functionality. Further investigation and remediation are recommended."]
|
||||
|
||||
## 2. Target API Information
|
||||
|
||||
* **API Endpoint(s) Fuzzed:** [**Placeholder:** List the specific API endpoints that were targeted during the fuzzing process. Example: `/users`, `/products/{id}`, `/login`]
|
||||
* **API Version:** [**Placeholder:** Specify the version of the API that was fuzzed. Example: v1.0, v2.1]
|
||||
* **API Description (Optional):** [**Placeholder:** Briefly describe the purpose of the API being fuzzed. Example: "The API provides access to user data and product information."]
|
||||
* **Authentication Method:** [**Placeholder:** Describe the authentication method used by the API. Example: OAuth 2.0, API Key, Basic Authentication]
|
||||
|
||||
## 3. Fuzzing Methodology
|
||||
|
||||
* **Fuzzing Techniques Used:**
|
||||
* Malformed Input Generation: [**Placeholder:** Describe the types of malformed inputs generated. Example: Invalid data types, unexpected characters, oversized strings]
|
||||
* SQL Injection Testing: [**Placeholder:** Explain the SQL injection payloads used. Example: Payloads designed to bypass input validation and inject SQL code]
|
||||
* XSS Detection: [**Placeholder:** Describe the XSS payloads used. Example: Payloads designed to inject JavaScript code into the API responses]
|
||||
* Boundary Value Testing: [**Placeholder:** Explain the boundary values tested. Example: Minimum and maximum allowed values for numeric fields, empty strings]
|
||||
* Random Payload Generation: [**Placeholder:** Describe the method of random payload generation. Example: Random strings, numbers, and special characters]
|
||||
* **Number of Requests Sent:** [**Placeholder:** Specify the total number of requests sent to the API during the fuzzing process. Example: 10,000]
|
||||
* **Fuzzing Duration:** [**Placeholder:** Indicate the total duration of the fuzzing process. Example: 2 hours]
|
||||
* **Tools Used:** `api-fuzzer` plugin
|
||||
|
||||
## 4. Vulnerability Findings
|
||||
|
||||
This section details the vulnerabilities identified during the fuzzing process. For each vulnerability, provide the following information:
|
||||
|
||||
### Vulnerability #1
|
||||
|
||||
* **Vulnerability Type:** [**Placeholder:** Specify the type of vulnerability. Example: SQL Injection, XSS, Buffer Overflow, Denial of Service]
|
||||
* **Endpoint:** [**Placeholder:** Specify the API endpoint where the vulnerability was found. Example: `/login`]
|
||||
* **Parameter:** [**Placeholder:** Specify the vulnerable parameter. Example: `username`, `password`]
|
||||
* **Payload:** [**Placeholder:** Provide the exact payload that triggered the vulnerability. Example: `' OR '1'='1`]
|
||||
* **Description:** [**Placeholder:** Describe the vulnerability in detail. Explain how the payload triggered the vulnerability and the potential impact. Example: "The `username` parameter is vulnerable to SQL injection. The provided payload bypasses authentication by injecting SQL code that always evaluates to true."]
|
||||
* **Severity:** [**Placeholder:** Assign a severity level to the vulnerability. Example: Critical, High, Medium, Low]
|
||||
* **Recommendation:** [**Placeholder:** Provide recommendations for remediating the vulnerability. Example: "Implement parameterized queries or input validation to prevent SQL injection."]
|
||||
|
||||
### Vulnerability #2
|
||||
|
||||
* **Vulnerability Type:** [**Placeholder:** Specify the type of vulnerability. Example: SQL Injection, XSS, Buffer Overflow, Denial of Service]
|
||||
* **Endpoint:** [**Placeholder:** Specify the API endpoint where the vulnerability was found. Example: `/products/{id}`]
|
||||
* **Parameter:** [**Placeholder:** Specify the vulnerable parameter. Example: `id`]
|
||||
* **Payload:** [**Placeholder:** Provide the exact payload that triggered the vulnerability. Example: `<script>alert('XSS')</script>`]
|
||||
* **Description:** [**Placeholder:** Describe the vulnerability in detail. Explain how the payload triggered the vulnerability and the potential impact. Example: "The `id` parameter is vulnerable to XSS. The provided payload injects JavaScript code into the API response, which could allow an attacker to steal user cookies or redirect the user to a malicious website."]
|
||||
* **Severity:** [**Placeholder:** Assign a severity level to the vulnerability. Example: Critical, High, Medium, Low]
|
||||
* **Recommendation:** [**Placeholder:** Provide recommendations for remediating the vulnerability. Example: "Implement output encoding to prevent XSS attacks."]
|
||||
|
||||
[**Repeat the above Vulnerability section for each vulnerability found.**]
|
||||
|
||||
## 5. Non-Vulnerability Findings
|
||||
|
||||
This section details any unexpected behaviors or potential issues that were identified during the fuzzing process, but do not necessarily constitute a vulnerability.
|
||||
|
||||
* **Issue #1:** [**Placeholder:** Describe the issue. Example: "The API returned a 500 error when a very long string was provided as input. While this is not a vulnerability, it could indicate a potential denial-of-service vulnerability."]
|
||||
* **Recommendation:** [**Placeholder:** Provide recommendations for addressing the issue. Example: "Implement input validation to limit the maximum length of input strings."]
|
||||
|
||||
[**Repeat the above Issue section for each non-vulnerability finding.**]
|
||||
|
||||
## 6. Conclusion
|
||||
|
||||
[**Placeholder:** Summarize the overall results of the fuzzing process and provide recommendations for next steps. Example: "The API fuzzing process identified several potential vulnerabilities that require further investigation and remediation. It is recommended that the development team prioritize addressing these vulnerabilities to improve the security of the API."]
|
||||
|
||||
## 7. Appendix
|
||||
|
||||
[**Placeholder:** Include any additional information that may be relevant to the report, such as:
|
||||
|
||||
* Detailed logs of the fuzzing process
|
||||
* Sample API responses
|
||||
* Links to relevant documentation
|
||||
* Contact information for the fuzzing team
|
||||
]
|
||||
7
skills/api-fuzzer/references/README.md
Normal file
7
skills/api-fuzzer/references/README.md
Normal file
@@ -0,0 +1,7 @@
|
||||
# References
|
||||
|
||||
Bundled resources for api-fuzzer skill
|
||||
|
||||
- [ ] api_fuzzing_best_practices.md: Document outlining best practices for API fuzzing, including common vulnerabilities to look for.
|
||||
- [ ] payload_examples.md: Document containing examples of different types of payloads used in fuzzing.
|
||||
- [ ] api_schema.md: Document describing the expected API schema for the target API (if available).
|
||||
7
skills/api-fuzzer/scripts/README.md
Normal file
7
skills/api-fuzzer/scripts/README.md
Normal file
@@ -0,0 +1,7 @@
|
||||
# Scripts
|
||||
|
||||
Bundled resources for api-fuzzer skill
|
||||
|
||||
- [ ] fuzz_api.py: Script to execute the fuzzing process, taking API endpoint and payload types as input.
|
||||
- [ ] generate_payloads.py: Script to generate various types of payloads (malformed, boundary, random) for fuzzing.
|
||||
- [ ] report_generator.py: Script to generate a detailed report of the fuzzing results, including vulnerabilities found.
|
||||
Reference in New Issue
Block a user