Parses Apache and Nginx access logs to detect SQL injection, LFI, directory traversal, web scanner fingerprints, and brute-force attempts using regex-based OWASP patterns, GeoIP enrichment, and request-frequency anomalies.
Slash command: `/cybersecurity-skills-zh:analyzing-web-server-logs-for-intrusion`
1. Install dependencies: `pip install geoip2 user-agents`

`UNION SELECT`, `OR 1=1`, `' OR '`, hex-encoded patterns

`../`, `/etc/passwd`, `/proc/self`, `php://filter`

`<script>`, `javascript:`, `onerror=`, `onload=`

`python scripts/agent.py --log-file /var/log/nginx/access.log --geoip-db GeoLite2-City.mmdb --output web_intrusion_report.json`
192.168.1.100 - - [15/Jan/2024:10:30:45 +0000] "GET /products?id=1' UNION SELECT username,password FROM users-- HTTP/1.1" 200 4532
Nikto/2.1.6, sqlmap/1.7, DirBuster-1.0-RC1, gobuster/3.1.0
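The matching described above, run over a few constructed log lines, as an added example (not the skill's own `scripts/agent.py`): it percent-decodes each request before applying the page's patterns, flags the listed scanner user agents, and counts HTTP 401 responses per IP as a brute-force signal. The function names, the threshold of 5 failures and the sample IPs other than the page's own are assumptions; GeoIP enrichment is left out.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Common/Combined Log Format; the referer and user-agent fields are optional.
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<req>.*)" (?P<status>\d{3}) \S+'
    r'(?: "[^"]*" "(?P<ua>[^"]*)")?$')
# Signatures built from the pattern lists and scanner names on this page.
SIGNATURES = {
    "sqli": re.compile(r"union\s+select|\bor\s+1\s*=\s*1|'\s*or\s*'|0x[0-9a-f]{8,}", re.I),
    "lfi_traversal": re.compile(r"\.\./|/etc/passwd|/proc/self|php://filter", re.I),
    "xss": re.compile(r"<script|javascript:|onerror\s*=|onload\s*=", re.I),
}
SCANNERS = re.compile(r"nikto|sqlmap|dirbuster|gobuster", re.I)

def decode(text, rounds=2):
    """Undo up to `rounds` layers of percent-encoding (%27, %252e%252e%252f)."""
    for _ in range(rounds):
        text = unquote_plus(text)
    return text

def analyze(lines, fail_threshold=5):
    """Return (findings, brute_force_ips); fail_threshold is an assumed value."""
    findings, failures = [], Counter()
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than guess at fields
        req = decode(m["req"])
        for name, rx in SIGNATURES.items():
            if rx.search(req):
                findings.append((m["ip"], name))
        if m["ua"] and SCANNERS.search(m["ua"]):
            findings.append((m["ip"], "scanner"))
        if m["status"] == "401":  # failed authentication
            failures[m["ip"]] += 1
    brute = sorted(ip for ip, n in failures.items() if n >= fail_threshold)
    return findings, brute

# Constructed sample lines (the first is the page's own sample); not real traffic.
SAMPLE = [
    '192.168.1.100 - - [15/Jan/2024:10:30:45 +0000] "GET /products?id=1\' UNION '
    'SELECT username,password FROM users-- HTTP/1.1" 200 4532',
    '198.51.100.7 - - [15/Jan/2024:10:31:02 +0000] "GET /view?page=%252e%252e%252f'
    'etc%252fpasswd HTTP/1.1" 404 162 "-" "Nikto/2.1.6"',
    '192.0.2.10 - - [15/Jan/2024:10:31:30 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
] + ['203.0.113.9 - - [15/Jan/2024:10:32:0%d +0000] "POST /login HTTP/1.1" 401 0 "-" "Mozilla/5.0"' % i
     for i in range(5)]
```

Calling `analyze(SAMPLE)` returns the per-IP findings and the list of IPs at or above the failure threshold; the double-encoded traversal line only matches because of the second decoding round.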
`npx claudepluginhub killvxk/cybersecurity-skills-zh`

Parses Apache and Nginx access logs to detect SQL injection, LFI, directory traversal, web scanners, and brute-force attacks using regex on OWASP signatures, GeoIP enrichment, and request anomaly detection.
Parses Apache and Nginx access logs to detect SQL injection, LFI, directory traversal, scanner fingerprints, and brute-force patterns using regex, GeoIP enrichment, and anomaly detection.