feat(azure): add new check related with Public IPs in Shodan.io (#3433)

Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
2026-02-10 06:45:08 +00:00 · 2024-02-27 13:33:38 +01:00
parent ab14efa329
commit bd05aaa4f9
63 changed files with 315 additions and 98 deletions
--- a/docs/developer-guide/unit-testing.md
+++ b/docs/developer-guide/unit-testing.md
@@ -527,7 +527,7 @@ from unittest import mock
 from uuid import uuid4

 # Azure Constants
-AZURE_SUBSCRIPTION = str(uuid4())
+from tests.providers.azure.azure_fixtures import AZURE_SUBSCRIPTION



--- a/docs/tutorials/configuration_file.md
+++ b/docs/tutorials/configuration_file.md
@@ -41,6 +41,7 @@ The following list includes all the Azure checks with configurable variables tha

 | Check Name                                                    | Value                                            | Type            |
 |---------------------------------------------------------------|--------------------------------------------------|-----------------|
+| `network_public_ip_shodan`                                   | `shodan_api_key`                    | String         |
 | `app_ensure_php_version_is_latest`                            | `php_latest_version`                             | String          |
 | `app_ensure_python_version_is_latest`                         | `python_latest_version`                          | String          |
 | `app_ensure_java_version_is_latest`                           | `java_latest_version`                            | String          |
@@ -136,6 +137,9 @@ aws:

 # Azure Configuration
 azure:
+  # Azure Network Configuration
+  # azure.network_public_ip_shodan
+  shodan_api_key: null

  # Azure App Configuration
  # azure.app_ensure_php_version_is_latest
--- a/docs/tutorials/pentesting.md
+++ b/docs/tutorials/pentesting.md
@@ -50,6 +50,7 @@ Several checks analyse resources that are exposed to the Internet, these are:
 - sagemaker_notebook_instance_without_direct_internet_access_configured
 - sns_topics_not_publicly_accessible
 - sqs_queues_not_publicly_accessible
+- network_public_ip_shodan

 ...

@@ -64,5 +65,9 @@ prowler <provider> --categories internet-exposed
 Prowler allows you check if any elastic ip in your AWS Account is exposed in Shodan with `-N`/`--shodan <shodan_api_key>` option:

 ```console
-prowler aws --shodan <shodan_api_key> -c ec2_elastic_ip_shodan
+prowler aws -N/--shodan <shodan_api_key> -c ec2_elastic_ip_shodan
+```
+Also, you can check if any of your Azure Subscription has an public IP exposed in shodan:
+```console
+prowler azure -N/--shodan <shodan_api_key> -c network_public_ip_shodan
 ```