ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,516 Commits 1 Branch 0 Tags
1b47cba37a794e4b9c548d64eab58d6fdcf3397c
Commit Graph

64 Commits

Author SHA1 Message Date
Sergio Garcia
51eacbfac5 feat(allowlist): add tags filter to allowlist (#2105) 2023-03-21 11:14:59 +01:00
dependabot[bot]
d34f863bd4 build(deps-dev): bump moto from 4.1.4 to 4.1.5 (#2111) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-21 09:27:44 +01:00
Nacho Rivera
789b211586 feat(lambda_cloudtrail check): improved logic and status extended (#2092) 2023-03-15 12:32:58 +01:00
Sergio Garcia
2d1c3d8121 fix(emr): solve emr_cluster_publicly_accesible error (#2086) 2023-03-14 13:10:21 +01:00
dependabot[bot]
a24cc399a4 build(deps-dev): bump moto from 4.1.3 to 4.1.4 (#2045) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-07 12:45:50 +01:00
Sergio Garcia
c5a42cf5de feat(rds_instance_transport_encrypted): add new check (#1963) 
Co-authored-by: Toni de la Fuente <toni@blyx.com>
 2023-03-06 13:18:41 +01:00
Fennerr
17cd0dc91d feat(new_check): cloudwatch_log_group_no_secrets_in_logs (#1980) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Jeffrey Souza <JeffreySouza@users.noreply.github.com>
 2023-03-06 12:16:46 +01:00
Sergio Garcia
f45ea1ab53 fix(check): change cloudformation_outputs_find_secrets name (#2027) 2023-03-06 12:11:58 +01:00
Sergio Garcia
467c5d01e9 fix(cloudtrail): list tags only in owned trails (#2025) 2023-03-02 16:16:19 +01:00
Sergio Garcia
24711a2f39 feat(tags): add resource tags to S-W services (#2020) 2023-03-02 14:21:05 +01:00
Sergio Garcia
e8a1378ad0 feat(tags): add resource tags to G-R services (#2009) 2023-03-02 13:56:22 +01:00
Sergio Garcia
76bb418ea9 feat(tags): add resource tags to E services (#2007) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-02 13:55:26 +01:00
Sergio Garcia
da834c0935 feat(tags): add resource tags to C-D services (#2003) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-02 13:14:53 +01:00
Sergio Garcia
032feb343f feat(tags): add resource tags in A services (#1997) 2023-03-02 10:59:49 +01:00
Sergio Garcia
d6c3c0c6c1 feat(s3_bucket_level_public_access_block): new check (#1953) 2023-03-02 10:18:27 +01:00
Nacho Rivera
0c324b0f09 fix(awslambdacloudtrail): include advanced event and all lambdas in check (#1994) 2023-03-01 10:04:06 +01:00
Pepe Fagoaga
227306c572 fix(acm): Fix issues with list-certificates (#1970) 2023-02-24 10:12:38 +01:00
Nacho Rivera
eae2786825 fix(cloudtrail): Handle when the CloudTrail bucket is in another account (#1956) 2023-02-23 13:04:32 +01:00
Sergio Garcia
844ad70bb9 fix(cloudwatch): allow " in regex patterns (#1943) 2023-02-21 16:46:23 +01:00
Sergio Garcia
5ac7cde577 chore(iam_disable_N_days_credentials): improve checks logic (#1923) 2023-02-21 15:20:33 +01:00
Fennerr
c6647b4706 chore(secrets): Improve the status_extended with more information (#1937) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-02-21 11:37:20 +01:00
Sergio Garcia
f913536d88 fix(services): solve errors in EMR, RDS, S3 and VPC services (#1913) 2023-02-21 11:11:39 +01:00
Fennerr
fa228c876c fix(iam_rotate_access_key_90_days): check only active access keys (#1929) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-02-17 12:53:28 +01:00
Ignacio Dominguez
b453df7591 fix(iam-credentials-expiration): IAM password policy expires passwords fix (#1903) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-14 13:54:58 +01:00
Nacho Rivera
2d5de6ff99 fix(cross account): cloudtrail s3 bucket logging (#1902) 2023-02-14 11:23:31 +01:00
Nacho Rivera
d22d4c4c83 fix(cloudtrail_multi_region_enabled): reformat check (#1880) 2023-02-10 12:34:53 +01:00
Sergio Garcia
d88640fd20 fix(errors): solve several services errors (AccessAnalyzer, AppStream, KMS, S3, SQS, R53, IAM, CodeArtifact and EC2) (#1879) 2023-02-10 12:26:00 +01:00
Nacho Rivera
5e9afddc3a fix(permissive role assumption): actions list handling (#1869) 2023-02-09 10:06:53 +01:00
Pepe Fagoaga
de281535b1 feat(boto3-config): Use standard retrier (#1868) 
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-02-09 09:58:47 +01:00
Sergio Garcia
5b9db9795d feat(new check): add accessanalyzer_enabled check (#1864) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-08 17:39:25 +01:00
Sergio Garcia
54c16e3cdb chore(security hub): improve securityhub_enabled check logic (#1851) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 11:29:39 +01:00
Sergio Garcia
13316b68aa fix(checks): solve different errors in EFS, S3 and VPC (#1841) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 09:42:10 +01:00
Pepe Fagoaga
98689d223e fix(lambda-runtime): Init value must be empty string (#1837) 2023-02-06 09:38:35 +01:00
Pepe Fagoaga
9b91c00fcc fix(awslambda_function_no_secrets_in_code): Retrieve Code if set (#1833) 2023-02-03 14:28:31 +01:00
Nacho Rivera
e07fc9fbb9 fix(cloudtrail): included advanced data events selectors (#1814) 2023-02-03 14:02:16 +01:00
Sergio Garcia
c7a9492e96 feat(scan-type): AWS Resource ARNs based scan (#1807) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-01 14:09:22 +01:00
Sergio Garcia
360c6f3c1c fix(cloudtrail): improve cloudtrail_cloudwatch_logging_enabled status extended (#1813) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-02-01 14:08:11 +01:00
Sergio Garcia
3ac4dc8392 feat(scanner): Tag-based scan (#1751) 
Co-authored-by: Toni de la Fuente <toni@blyx.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-01-31 12:19:29 +01:00
Sergio Garcia
bbc9e11205 fix(ec2_securitygroup_not_used): ignore default security groups (#1800) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-30 16:51:07 +01:00
Sergio Garcia
75571e4266 fix(iam_avoid_root_usage): correct date logic (#1801) 2023-01-30 16:47:24 +01:00
Sergio Garcia
4e879271a0 fix(iam_policy_no_administrative_privileges): check only *:* permissions (#1802) 2023-01-30 16:47:09 +01:00
Nacho Rivera
552e0fefc3 fix(accessanalyzer_enabled_without_findings): fixed status findings (#1799) 2023-01-30 13:22:05 +01:00
Sergio Garcia
a795fdc40d fix(IAM): remove duplicate list_policies function (#1763) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-25 13:58:58 +01:00
Acknosyn
02e57927fc fix(): IAM status messages switched fail and pass text and some grammar (#1756) 
Co-authored-by: Francesco Badraun <francesco.badraun@zxsecurity.co.nz>
Co-authored-by: sergargar <sergio@verica.io>
Co-authored-by: n4ch04 <nachor1992@gmail.com>
 2023-01-25 10:29:04 +01:00
Sergio Garcia
d02bd9b717 fix(allowlist): remove re.escape (#1734) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-18 17:45:51 +01:00
Sergio Garcia
e6310c32ac feat(check): add iam_role_cross_service_confused_deputy_prevention check (#1710) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-17 12:17:37 +01:00
Sergio Garcia
654b4702d0 fix(error): ecr_repositories_scan_vulnerabilities_in_latest_image report not found (#1719) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-17 12:17:15 +01:00
Gabriel Soltz
64090474e1 fix(apigateway): Add ApiGateway ResourceArn and check fixes (#1707) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-16 10:23:14 +01:00
Fennerr
b965fda226 feat(ecs_task_definitions_no_environment_secrets): Update resource_id (#1665) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-09 16:05:45 +01:00
Gabriel Soltz
d5edbaa3a9 fix(s3): Add S3 ResourceArn (#1666) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-09 11:04:09 +01:00