ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,973 Commits 1 Branch 0 Tags
0313dba7b4857befd2100fa201aaa89e5f0ff718
Commit Graph

239 Commits

Author SHA1 Message Date
Pepe Fagoaga
0313dba7b4 chore(aws): Improve tests and status from accessanalyzer to cloudwatch (#2711) 2023-08-11 11:04:04 +02:00
christiandavilakoobin
ade511df28 fix(sns): allow default SNS policy with SourceOwner (#2698) 
Co-authored-by: Azure Pipeplines CI <monitor@koobin.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-08-10 12:13:57 +02:00
Pepe Fagoaga
f4308032c3 fix(cloudfront): fix ViewerProtocolPolicy and GeoRestrictionType (#2701) 2023-08-10 12:02:49 +02:00
Pepe Fagoaga
d41b0332ac feat(athena): New AWS Athena service + 2 workgroup checks (#2696) 2023-08-10 10:23:17 +02:00
Sergio Garcia
36e095c830 fix(iam_role_cross_service_confused_deputy_prevention): add ResourceAccount and PrincipalAccount conditions (#2689) 2023-08-09 10:41:48 +02:00
Pepe Fagoaga
13059e0568 fix(ec2-securitygroups): Handle IPv6 public (#2690) 2023-08-09 10:08:30 +02:00
Pepe Fagoaga
9e8023d716 fix(config): Pass a configuration file using --config-file config.yaml (#2679) 2023-08-09 09:52:45 +02:00
Pepe Fagoaga
1797b54259 test(azure): Storage Service (#2672) 2023-08-03 15:07:17 +02:00
Pepe Fagoaga
f289c8fb2e test(azure): SQL Server Service (#2671) 2023-08-03 14:43:18 +02:00
Pepe Fagoaga
e4ad881a69 test(azure): IAM service (#2670) 2023-08-03 14:15:34 +02:00
Pepe Fagoaga
138bca38e7 test(azure): Defender service (#2669) 2023-08-03 13:52:55 +02:00
edurra
44f7af3580 feat(azure): add Azure SQL Server service and 3 checks (#2665) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-08-03 11:29:17 +02:00
Pepe Fagoaga
efa75a62e3 fix(iam_policy_allows_privilege_escalation): Handle permissions in groups (#2655) 2023-08-03 10:40:51 +02:00
Pepe Fagoaga
5763bca317 refactor(vpc_endpoint_connections_trust_boundaries) (#2667) 2023-08-03 09:56:09 +02:00
Pepe Fagoaga
c335334402 fix(test_only_aws_service_linked_roles): Flaky test (#2666) 2023-08-03 09:18:06 +02:00
Pepe Fagoaga
5bf3f70717 fix(vpc_endpoint_connections_trust_boundaries): Handle AWS Account ID as Principal (#2611) 2023-08-03 09:16:58 +02:00
Sergio Garcia
aced44f051 fix(sns): handle topic policy conditions (#2660) 2023-08-02 11:45:27 +02:00
Pepe Fagoaga
02f432238e fix(outputs): Not use reserved keyword list as variable (#2657) 2023-08-02 09:00:04 +02:00
Sergio Garcia
864d178e01 chore(regions_update): Changes in regions for AWS services. (#2654) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-08-01 11:52:02 +02:00
Sergio Garcia
78f0b823a9 fix(s3_bucket_level_public_access_block): check s3 public access block at account level (#2653) 2023-08-01 11:24:58 +02:00
Pepe Fagoaga
7bdca0420e fix(cloudtrail): Set status to INFO when trail is outside the audited account (#2643) 2023-07-31 17:50:21 +02:00
Pepe Fagoaga
b4e78d28f8 fix(test): mock VPC client (#2640) 2023-07-31 11:19:15 +02:00
Pepe Fagoaga
e3d4e38a59 feat(aws): New AWSService class as parent (#2638) 2023-07-31 11:18:54 +02:00
Pepe Fagoaga
386f558eae fix(ec2_instance_secrets_user_data): Include line numbers in status (#2639) 2023-07-31 10:33:34 +02:00
Chris Farris
03ad403e7a feat(s3): Add checks for publicly listable Buckets or writable buckets by ACL (#2628) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-31 08:35:18 +02:00
Gabriel Pragin
965327e801 chore(typos): Update check's status (#2629) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-27 11:44:09 +02:00
Pepe Fagoaga
a5c63845b4 test: security groups (#2627) 2023-07-26 16:29:27 +02:00
Sergio Garcia
6328ef4444 fix(guardduty): handle disabled detectors in guardduty_is_enabled (#2616) 2023-07-25 12:26:37 +02:00
dependabot[bot]
18f02fac68 build(deps-dev): bump moto from 4.1.12 to 4.1.13 (#2598) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-07-18 10:37:34 +02:00
Pepe Fagoaga
28ea37f367 test(aws_provider): Role and User MFA (#2486) 2023-07-18 09:36:37 +02:00
Gabriel Pragin
65a737bb58 chore(metadata): Typos (#2595) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-18 09:27:58 +02:00
Pepe Fagoaga
02519a4429 fix(assume_role): Set the AWS STS endpoint region (#2587) 2023-07-17 10:09:48 +02:00
Nacho Rivera
8f015d0672 fix(allowlist): single account checks handling (#2585) 
Co-authored-by: thomscode <thomscode@gmail.com>
 2023-07-14 09:55:27 +02:00
Nacho Rivera
d1c91093e2 feat(cond parser): add policy cond parser & apply in sqs public check (#2575) 2023-07-12 15:39:01 +02:00
Nacho Rivera
66fe101ccd fix(allowlist): handle wildcard in account field (#2577) 2023-07-12 14:22:42 +02:00
dependabot[bot]
4ba54738a9 build(deps): bump boto3 from 1.26.161 to 1.26.165 (#2566) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-11 09:37:29 +02:00
Pepe Fagoaga
11a8ba131a test(outputs): Remove debug (#2559) 2023-07-07 10:14:47 +02:00
Sergio Garcia
858de64f8e chore(release): version 3.7.0 (#2558) 2023-07-06 21:17:21 +02:00
Sergio Garcia
676e60afb7 feat(gcp): add CIS checks (#2544) 2023-07-06 17:01:56 +02:00
Nacho Rivera
b1968f3f8b fix(allowlist): reformat allowlist logic (#2555) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-07-06 15:33:32 +02:00
Nacho Rivera
7097ca401d feat(lambda allowlist): mapping lambda/awslambda in allowlist (#2554) 2023-07-05 11:49:42 +02:00
Sergio Garcia
6a2fb37615 fix(bigquery_dataset_public_access): handle status correctly (#2542) 2023-07-03 13:01:51 +02:00
Nacho Rivera
6403feaff9 fix(cloudwatch secrets): fix nonetype error handling (#2543) 2023-07-03 12:52:46 +02:00
Sergio Garcia
4f033cec8d feat(MITRE): add MITRE ATT&CK framework for AWS (#2537) 2023-06-30 12:24:05 +02:00
Sergio Garcia
fa99ee9d5b feat(allowlist): add exceptions to allowlist (#2527) 2023-06-27 12:57:18 +02:00
Sergio Garcia
6efe634850 fix(iam): add StringLike condition in iam_role_cross_service_confused_deputy_prevention (#2533) 2023-06-27 10:06:46 +02:00
Sergio Garcia
c2a05da908 chore(ec2): reduce noise in Security Groups checks (#2525) 2023-06-23 15:06:09 +02:00
Sergio Garcia
e1da9e60fc chore(region): add get_default_region function in AWS Services (#2524) 2023-06-23 14:10:49 +02:00
Sergio Garcia
90ebb815d5 fix(security hub): solve Security Hub format requirements (#2520) 2023-06-21 13:04:14 +02:00
Sergio Garcia
8ea5ba5d3f chore(OCSF): improve OCSF logic (#2502) 2023-06-19 12:37:04 +02:00