defensive-sqli

Community

Detect SQLi across logs for fast triage.

Author: riparino
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

SQL injection remains a critical attack vector. This skill helps security teams quickly detect SQL injection attempts by analyzing WAF logs, database activity, and tool indicators to enable faster containment and response.

Core Features & Use Cases

  • Sigma rules for SQLi patterns surface detections in SIEMs and security telemetry.
  • KQL queries for Azure Sentinel/Azure SQL audit logs identify SQLi indicators at scale.
  • YARA signatures for sqlmap artifacts and related tools help flag automated tooling.
  • Monitoring for database server process spawns indicative of exploitation and post-exploitation activity.
  • Use Case: SOC teams perform detection engineering, triage, and IR planning for web app attacks.

Quick Start

Run the detection methodology across WAF logs, DB logs, and SIEM streams to surface SQLi events.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: defensive-sqli
Download link: https://github.com/riparino/Claude-Cyber/archive/main.zip#defensive-sqli

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.