analyzing-api-gateway-access-logs
Community
Parse API gateway logs to detect attacks.
Author: YukiIto1999
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Analyzes API gateway access logs to identify and surface security threats such as BOLA/IDOR, rate limit bypass, credential stuffing attempts, and malicious injections, enabling faster detection and response.
Core Features & Use Cases
- Detect BOLA/IDOR patterns across users or source IPs with resource access profiling.
- Identify credential stuffing via 401/403 surges and unusual access to many endpoints.
- Flag injection attempts in query parameters or request bodies for further investigation.
- Typical Use Cases: incident response on AWS API Gateway, Kong, or Nginx logs; threat hunting in SOC workflows.
Quick Start
Run the agent against your API gateway logs to produce a structured findings report.
Dependency Matrix
Required Modules
pandas
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: analyzing-api-gateway-access-logs Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#analyzing-api-gateway-access-logs Please download this .zip file, extract it, and install it in the .claude/skills/ directory.