skills.homes logoskills.homescapability registry
home/categories/debugging/mukul975-anthropic-cybersecurity-skills-skills-detecting-sql-injection-via-waf-logs-skill-md
cd ..
debuggingtools

detecting-sql-injection-via-waf-logs

Analyze WAF (ModSecurity/AWS WAF/Cloudflare) logs to detect SQL injection attack campaigns. Parses ModSecurity audit logs and JSON WAF event logs to identify SQLi patterns (UNION SELECT, OR 1=1, SLEEP(), BENCHMARK()), tracks attack sources, correlates multi-stage injection attempts, and generates incident reports with OWASP classification.

Voir le code sourcedebugging
mukul975
maintainer
mukul975
Mis à jour 4/6/2026
Étoiles
4240
Forks
464
quick start

Installation and usage

Analyze WAF (ModSecurity/AWS WAF/Cloudflare) logs to detect SQL injection attack campaigns. Parses ModSecurity audit logs and JSON WAF event logs to identify SQLi patterns (UNION SELECT, OR 1=1, SLEEP(), BENCHMARK()), tracks attack sources, correlates multi-stage injection attempts, and generates incident reports with OWASP classification.

Installation
$ install --globalskills.sh
Utilisation

Après l'installation, vous pouvez utiliser ce skill en exécutant la commande suivante dans votre terminal :

skills use detecting-sql-injection-via-waf-logs