ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 14:55:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,233 Commits 1 Branch 0 Tags
2220cf9733bdce962ef023619678e51064379617
Commit Graph

321 Commits

Author SHA1 Message Date
Pepe Fagoaga
2220cf9733 refactor(allowlist): Simplify and handle corner cases (#3019) 2023-11-10 09:11:52 +01:00
Nacho Rivera
299ece19a8 fix(clean local output dirs): clean dirs when output to s3 (#2997) 2023-11-08 10:05:24 +01:00
John Mastron
ec01b62a82 fix(aws): check all conditions in IAM policy parser (#3006) 
Co-authored-by: John Mastron <jmastron@jpl.nasa.gov>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-11-07 10:40:34 +01:00
Pepe Fagoaga
f666711a2a fix(vpc_endpoint_services_allowed_principals_trust_boundaries): Principal (#2991) 2023-10-31 14:19:20 +01:00
Sergio Garcia
3fd2ae954d fix(elbv2_desync_mitigation_mode): improve logic (#2986) 2023-10-31 12:42:24 +01:00
dependabot[bot]
06dc3d3361 build(deps-dev): bump pytest from 7.4.2 to 7.4.3 (#2981) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-10-31 09:28:50 +01:00
ToastyCat
bb543cb5db fix(ec2_instance_imdsv2_enabled ): verify if metadata service is disabled (#2978) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-10-30 21:16:25 +01:00
Pepe Fagoaga
373ce0ad04 fix(GuardDuty): Add enabled_in_account parameter (#2979) 2023-10-30 19:39:22 +01:00
Sergio Garcia
fcb979aae1 feat(allowlist): allowlist non-default regions configuration (#2974) 2023-10-30 17:51:49 +01:00
Pepe Fagoaga
fcc56ad6f7 chore(allowlist): Extract allowlist from report (#2975) 2023-10-30 09:52:59 +01:00
Sergio Garcia
9bd2519c83 chore(APIGatewayV2): improve check naming (#2966) 2023-10-25 16:59:06 +02:00
Pepe Fagoaga
8533714cb2 tests: remove tests folder after execution (#2962) 2023-10-24 16:29:18 +02:00
Sergio Garcia
b822c19d2c feat(ignore unused services): add --ignore-unused-services argument to ignore findings from services not in actual use (#2936) 2023-10-24 14:09:27 +02:00
Sergio Garcia
4c5e85f7ba fix(sts): force v2 STS tokens (#2956) 2023-10-24 10:15:41 +02:00
Sergio Garcia
f3b81edf67 fix(APIGateway): Improve check naming (#2952) 2023-10-20 08:07:08 +02:00
Jit
a46d7b2ed9 feat(aws): New Neptune, ElastiCache, APIGW and IAM checks (#2862) 2023-10-19 17:31:51 +02:00
Pepe Fagoaga
170241649d fix(ec2_securitygroup_not_used): Mock Lambda service (#2947) 2023-10-19 17:05:04 +02:00
Sergio Garcia
1ac22bddd6 fix(security group): check if security groups are used by Lambda (#2944) 2023-10-19 12:13:24 +02:00
Sergio Garcia
eb3cb97115 feat(vpc): add vpc, nacl or subnet names in findings (#2928) 2023-10-18 16:07:53 +02:00
Jit
85e12e9479 feat(aws): New CloudTrail, DLM, DocumentDB, EC2, Account and Support checks (#2675) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-10-17 19:00:37 +02:00
Sergio Garcia
92547bfdb6 fix(vpc): ignore com.amazonaws.vpce endpoints (#2929) 2023-10-17 11:14:12 +02:00
Sergio Garcia
02a3c750f8 chore(release): update Prowler Version to 3.10.0 (#2926) 
Co-authored-by: github-actions <noreply@github.com>
 2023-10-11 17:56:14 +02:00
Sergio Garcia
08b2ea01ab chore(iam): add IAM privilege escalation cases (#2921) 2023-10-10 12:41:02 +02:00
Sergio Garcia
9212478148 fix(cloudwatch): ignore new lines in filters (#2912) 2023-10-09 11:06:29 +02:00
Sergio Garcia
e610c2514d feat(iam): improve disable credentials checks (#2909) 2023-10-06 11:41:04 +02:00
Sergio Garcia
3955450245 fix(securityhub): archive SecurityHub findings in empty regions (#2908) 2023-10-05 15:49:43 +02:00
Sergio Garcia
9793de1e96 fix(elb): add resource ARN to checks (#2906) 2023-10-04 12:37:15 +02:00
DevOpSpace
4c15318f28 feat(wafv2): Add check wafv2_webacl_logging_enabled (#2898) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-10-04 11:10:47 +02:00
Sergio Garcia
a4d3e78eb1 fix(acm): add certificate id (#2903) 2023-10-03 13:03:46 +02:00
Sergio Garcia
0745a57f52 fix(findingID): remove duplicate finding IDs (#2890) 2023-10-03 11:31:33 +02:00
Nacho Rivera
e701aca64b test(iam_credentials): Don't use search and negative indexes (#2899) 2023-10-03 09:54:53 +02:00
Samuel Burgos
6558aedee3 feat(json-asff): adds AWS resource tags in json-asff and SecurityHub findings (#2786) 
Co-authored-by: samuel.burgos <samuel.burgos@flywire.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-10-02 18:20:35 +02:00
Sergio Garcia
a2dfb60466 test(vpc_peering_routing_tables_with_least_privilege): add test (#2889) 2023-10-02 17:22:11 +02:00
Nacho Rivera
c158dcf2ef fix(iam creds checks): add missing tests and fix current ones (#2888) 2023-10-02 16:27:44 +02:00
Sergio Garcia
64f06b11b8 fix(version): add timeout and check HTTP errors (#2886) 2023-10-02 14:44:16 +02:00
Pepe Fagoaga
583194085c test(utils): Include missing tests (#2884) 2023-10-02 11:29:09 +02:00
Nacho Rivera
f4ed01444a fix(ec2_elastic_ip_unassigned): rename check (#2882) 2023-10-02 10:34:46 +02:00
Pepe Fagoaga
a7980a202d fix(aws): Include missing ARNs (#2880) 2023-10-02 08:45:06 +02:00
Pepe Fagoaga
4d6d58ef91 fix(autoscaling_find_secrets_ec2_launch_configuration): Fix UnicodeDecodeError (#2870) 2023-09-28 17:13:17 +02:00
Pepe Fagoaga
1697e6ad62 fix(outputs_unix_timestamp): Remove subsecond (#2861) 2023-09-26 16:02:52 +02:00
Pepe Fagoaga
6687f76736 refactor(security_hub): Send findings in batches (#2868) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-09-26 14:10:25 +02:00
Sergio Garcia
70fbf1676a fix(iam_inline_policy_no_administrative_privileges): set resource id as the entity name (#2820) 2023-09-22 12:59:10 +02:00
Fennerr
6b97a04643 fix(eks_control_plane_endpoint_access_restricted): handle endpoint private access (#2824) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-09-22 11:22:56 +02:00
Fennerr
d6a35485d2 fix(sqs_queues_not_publicly_accessible): Improve status extended (#2848) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-09-22 11:20:59 +02:00
Fennerr
6204f6cdc8 fix(eks_endpoints_not_publicly_accessible): handle endpoint private access (#2825) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-09-22 11:19:56 +02:00
dependabot[bot]
e86d194f11 build(deps-dev): bump moto from 4.2.2 to 4.2.3 (#2851) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-09-19 13:38:39 +02:00
Kay Agahd
3dd8aeac7c fix(iam): findings of some checks may have been lost (#2847) 2023-09-18 10:46:04 +02:00
Pepe Fagoaga
a980b2606b fix(cloudtrail_s3_dataevents_read/write_enabled): Handle S3 ARN (#2844) 2023-09-15 11:36:40 +02:00
Kay Agahd
f1bea27e44 feat(iam): add new check iam_role_administratoraccess_policy (#2822) 2023-09-12 09:19:20 +02:00
Nacho Rivera
30ba6029f5 feat(unix timestamp): add unix timestamp to outputs (#2813) 2023-09-07 09:14:02 +02:00