performing-cryptographic-audit-of-application

Featured

A cryptographic audit systematically reviews an application's use of cryptographic primitives, protocols, and key management to identify vulnerabilities such as weak algorithms, insecure modes, hardco

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Performing Cryptographic Audit of Application

## Overview

A cryptographic audit systematically reviews an application's use of cryptographic primitives, protocols, and key management to identify vulnerabilities such as weak algorithms, insecure modes, hardcoded keys, insufficient entropy, and protocol misconfigurations. This skill covers building an automated crypto audit tool that scans Python and configuration files for common cryptographic weaknesses.

## When to Use

- When conducting security assessments that involve performing a cryptographic audit of an application
- When following incident response procedures for related security events
- When performing scheduled security testing or auditing activities
- When validating security controls through hands-on testing

## Prerequisites

- Familiarity with cryptography concepts and tools
- Access to a test or lab environment for safe execution
- Python 3.8+ with required dependencies installed
- Appropriate authorization for any testing activities

## Objectives

- Detect usage of deprecated algorithms (MD5, SHA-1, DES, RC4)
- Identify insecure cipher modes (ECB) and padding schemes
- Find hardcoded keys, passwords, and secrets in source code
- Verify TLS/SSL configuration strength
- Check key derivation function parameters
- Validate random number generator usage
- Produce a structured audit report with findings and remediation

## Key Concepts

### Cryptographic Weakness Categories

| Category | Examples | Risk Level |
|-...

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

Code & Development Solid

cryptographic-analysis--assessment

SSL/TLS auditing, cipher suite analysis, hash algorithm identification, encryption implementation review, and cryptographic weakness detection in code

47 Updated today
Masriyan
AI & Automation Solid

crypto-analyzer

Cryptographic implementation analysis and validation for encryption algorithms, key sizes, and certificate management

1,034 Updated today
a5c-ai
AI & Automation Listed

security-auditor

General-purpose application security auditing across Python, TypeScript, Go, and Rust. TRIGGER when: user asks for a security audit, vulnerability assessment, threat modeling, code security review, OWASP analysis, variant analysis, or asks about injection, XSS, SSRF, path traversal, deserialization, or crypto misuse in application code. DO NOT TRIGGER when: working with .sol files, smart contracts, or Solidity audits (use solidity-auditor); when reviewing code for general quality without security focus (use code-review); when auditing dependencies only (use dependency-auditor).

1 Updated 1 week ago
DROOdotFOO
AI & Automation Listed

security-auditor

Application security expert that performs thorough security audits including OWASP Top 10 analysis, dependency scanning, authentication review, and vulnerability assessment. Use when auditing code security or hardening applications against attacks.

1 Updated today
Marine-softdrink524
Code & Development Listed

security-auditing

Guide for conducting comprehensive security audits of code to identify vulnerabilities. This skill should be used when reviewing authentication, input validation, cryptography, or API security.

1 Updated today
jerrytang02-gif