afrexai-cybersecurity-engine

# Cybersecurity Engine

Complete methodology for security assessment, threat modeling, vulnerability management, incident response, and security program design. No tools required — pure agent knowledge that works with any codebase, infrastructure, or organization.

## Phase 1: Security Posture Assessment

### Quick Health Check (5 minutes)

Run through these three tiers:

**Tier 1 — Critical (fix today):**
- [ ] Default credentials in production
- [ ] Secrets in source code or environment files committed to git
- [ ] No authentication on admin endpoints
- [ ] SQL injection in user-facing forms
- [ ] Unencrypted sensitive data at rest
- [ ] Public S3 buckets or cloud storage
- [ ] No HTTPS enforcement
- [ ] Root/admin running application processes

**Tier 2 — High (fix this week):**
- [ ] Dependencies with known CVEs (CVSS ≥ 7.0)
- [ ] No rate limiting on authentication endpoints
- [ ] Missing CSRF protection on state-changing operations
- [ ] Verbose error messages leaking stack traces
- [ ] No input validation on API endpoints
- [ ] Weak password policy (< 12 chars, no complexity)
- [ ] Session tokens in URL parameters
- [ ] No logging of authentication events

**Tier 3 — Medium (fix this sprint):**
- [ ] Missing security headers (CSP, HSTS, X-Frame-Options)
- [ ] No automated dependency scanning in CI
- [ ] Overprivileged service accounts
- [ ] No secret rotation policy
- [ ] Missing account lockout after failed attempts
- [ ] No security.txt or responsible disclosure policy
- [ ] Cookies without Secure/HttpOnly/SameSite flags

**Score:** Count failures. 0-2 = solid. 3-5 = needs work. 6+ = stop shipping features, fix security.

### Full Assessment Brief

```yaml
assessment:
  name: "[Project/Org Name] Security Assessment"
  date: "YYYY-MM-DD"
  assessor: "[Agent/Person]"
  scope:
    applications:
      - name: "[App Name]"
        type: "web|api|mobile|desktop|iot"
        tech_stack: "[languages, frameworks, DBs]"
        hosting: "cloud|on-prem|hybrid"...

# 🛡️ AfrexAI Cybersecurity Engine

Complete cybersecurity assessment, threat modeling, penetration testing, and security program design — all in one agent skill. Zero external dependencies.

## Install

```bash
clawhub install afrexai-cybersecurity-engine
```

## What It Does

Transform your AI agent into a security engineer that can:

- **Assess** any application or infrastructure's security posture in minutes
- **Threat model** using STRIDE+ methodology with risk scoring
- **Audit** against OWASP Top 10 with specific fix patterns and code examples
- **Harden** servers, containers, and cloud environments with copy-paste configs
- **Manage vulnerabilities** with severity SLAs and scanning schedules
- **Respond to incidents** with step-by-step playbooks and communication templates
- **Design security programs** from scratch (quarterly roadmap)
- **Score security** with a 100-point rubric across 8 dimensions

## Quick Start

```
"Audit security of my Node.js API"
"Threat model our payment processing flow"
"Harden my AWS infrastructure"
"Create an incident response plan for our team"
"Score the security of our SaaS platform"
```

## What's Inside

| Phase | Topic | Key Deliverables |
|-------|-------|-----------------|
| 1 | Posture Assessment | 3-tier health check, full assessment brief YAML |
| 2 | Threat Modeling | STRIDE analysis, threat register, priority rules |
| 3 | Application Security | OWASP Top 10 checklists with fix patterns |
| 4 | Infrastructure | Network, container, and cloud hardening configs |
| 5 | Vulnerability Management | Lifecycle, SLAs, report templates, scanning schedule |
| 6 | Incident Response | SEV-1-4 playbooks, post-mortem template, comms |
| 7 | Security Headers | Copy-paste HTTP headers and cookie config |
| 8 | Auth Deep Dive | Password policy, JWT checklist, OAuth/OIDC |
| 9 | Security Program | 4-quarter roadmap, metrics dashboard |
| 10 | Penetration Testing | Recon, 4-phase testing, report template |
| 11 | Supply Chain | Dependenc...