skills.homes logoskills.homescapability registry
home/categories/debugging/mukul975-anthropic-cybersecurity-skills-skills-detecting-sql-injection-via-waf-logs-skill-md
cd ..
debuggingtools

detecting-sql-injection-via-waf-logs

Analyze WAF (ModSecurity/AWS WAF/Cloudflare) logs to detect SQL injection attack campaigns. Parses ModSecurity audit logs and JSON WAF event logs to identify SQLi patterns (UNION SELECT, OR 1=1, SLEEP(), BENCHMARK()), tracks attack sources, correlates multi-stage injection attempts, and generates incident reports with OWASP classification.

Ver código fuentedebugging
mukul975
maintainer
mukul975
Actualizado 4/6/2026
Estrellas
4240
Forks
464
quick start

Installation and usage

Analyze WAF (ModSecurity/AWS WAF/Cloudflare) logs to detect SQL injection attack campaigns. Parses ModSecurity audit logs and JSON WAF event logs to identify SQLi patterns (UNION SELECT, OR 1=1, SLEEP(), BENCHMARK()), tracks attack sources, correlates multi-stage injection attempts, and generates incident reports with OWASP classification.

Instalación
$ install --globalskills.sh
Uso

Después de instalarlo, puedes usar este skill ejecutando el siguiente comando en tu terminal:

skills use detecting-sql-injection-via-waf-logs