ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,109 Commits 1 Branch 0 Tags
24fcfb1066b40361cae8ba8f255fc7471f86839a
Commit Graph

1109 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
24fcfb1066 v2.3.0RC 2020-05-06 23:27:30 +02:00
Toni de la Fuente
977fe7408e Added whitelist option to README and recuce output for -w 2020-05-06 23:24:42 +02:00
Toni de la Fuente
f618a16075 Fixed AWS partition variable on generateJsonAsffOutput 2020-05-06 22:57:26 +02:00
Toni de la Fuente
68ad3a7461 Support whitelists per check @urjitbhatia 
Support whitelists per check using option -w whitelistfile.txt
 2020-05-06 22:46:57 +02:00
Toni de la Fuente
412c9c1e5a added back LIST_OF_CHECKS_AND_GROUPS.md 2020-05-06 22:09:32 +02:00
Toni de la Fuente
3df27862ac Support setting entropy limit for detect-secrets from env BASE64_LIMIT and HEX_LIMIT @yumminhuang 
Support setting entropy limit for detect-secrets from env:
export BASE64_LIMIT=4.5
export HEX_LIMIT=3.0
 2020-05-06 14:37:23 +02:00
Huang Yaming
bc07c95bda Support setting entropy limit for detect-secrets from env 2020-05-06 17:53:23 +08:00
Urjit Singh Bhatia
8cdf3838a0 Print warnings with the right color code 2020-05-04 16:33:50 -07:00
Urjit Singh Bhatia
5ac9be3292 correct color info line for warning 2020-05-04 14:48:04 -07:00
Urjit Singh Bhatia
103782f72b Fix warning handling with changes to official master 2020-05-04 14:37:30 -07:00
Urjit Singh Bhatia
5886f8524a Merge remote-tracking branch 'official/master' into whitelistSupport 2020-05-04 13:56:14 -07:00
Toni de la Fuente
996f785af6 Improve check21 If no account cloudtrail trail is found, check org trail @nimrodkor @bridgecrewio 
check21 - If no account CloudTrail trail is found, check org trail
 2020-04-29 22:24:24 +02:00
Nimrod Kor
dd0ef8c0b4 If no local cloudtrail trail is found - check org trail 2020-04-29 21:39:27 +03:00
Toni de la Fuente
a2cbcc00eb Fix issue with aws-cli v2 and timestamp on check24 #585 2020-04-29 18:10:41 +02:00
Toni de la Fuente
5450bf949e Fix check12's grep to find users with true in their name who really have password access @nimrodkor @bridgecrewio 
Fix check12's grep to find users with true in their name who really have password access @nimrodkor @bridgecrewio
 2020-04-29 13:02:26 +02:00
Toni de la Fuente
e4ae0a403a Ensure that hyphen is at end of tr string to prevent 'reverse collating sequence order' error in GNU tr @marcjay 
Ensure that hyphen is at end of tr string to prevent 'reverse collating sequence order' error in GNU tr
 2020-04-29 12:09:53 +02:00
Toni de la Fuente
1f949b4175 Improved AWS partition handle 2020-04-29 12:06:47 +02:00
Nimrod Kor
dbca70ef2e Add $ to end of regex 2020-04-28 14:28:59 +03:00
Nimrod Kor
54f2b72cb6 Fix check12's grep to find users who really have password access 
(cherry picked from commit 4006c581a06c449b66ede8892b9ae18c735ad34c)
 2020-04-28 14:13:32 +03:00
Marc Jay
af3afa8c8f Merge branch 'master' into fix-tr-error-on-centos-573 2020-04-27 17:24:03 +01:00
Toni de la Fuente
684473327a Fix output modes strings to ensure correct outputs are selected @marcjay 
Wrap all mode checks with whitespace, along with comparison strings to ensure correct outputs are selected
 2020-04-27 16:20:56 +02:00
Marc Jay
f84b843388 Wrap all mode checks with whitespace, along with comparison strings, so only exact string matches are allowed, preventing clashes when output modes are named similarly, e.g. 'json' and 'json-asff' 
Fixes #571
 2020-04-26 01:02:39 +01:00
Marc Jay
e25125fbfc Ensure that hyphen is at end of tr string to prevent 'reverse collating sequence order' error in GNU tr 
Stop echo from adding newlines using `-n`, removing the need to stop replacing new-line characters with underscores

Fixes #573
 2020-04-26 00:40:27 +01:00
Toni de la Fuente
33523885f1 Delete LIST_OF_CHECKS_AND_GROUPS.md 2020-04-23 16:27:59 +02:00
Toni de la Fuente
13ca147d02 Updated checks with hardcoded arn to support GovCloud partition 2020-04-22 23:23:17 +02:00
Toni de la Fuente
dbb3ed9663 Improved extra734 for GovCloud 2020-04-22 22:19:21 +02:00
Toni de la Fuente
1beb483be3 Fixed issue with govcloud on extra764 #536 2020-04-22 20:40:18 +02:00
Toni de la Fuente
7dc790a3f5 Fixed issue with govcloud on extra764 #536 2020-04-22 20:05:39 +02:00
Toni de la Fuente
8c9aea1231 Improved GetCallerIdentity handling / credentials 2020-04-22 13:54:17 +02:00
Toni de la Fuente
9f03bd7545 Added txt output as mono for -M 2020-04-22 12:58:54 +02:00
Toni de la Fuente
2eb41ff910 Added account id to the output filename 2020-04-22 12:32:05 +02:00
Toni de la Fuente
2d64a1182e Added account id to the output filename 2020-04-22 12:31:27 +02:00
Toni de la Fuente
43fb877109 Added account id to the output filename 2020-04-22 12:28:31 +02:00
Toni de la Fuente
ef952ce9cc Simplified caller id info on outputs 2020-04-22 12:07:20 +02:00
Toni de la Fuente
0cca77a141 Check if gbase64 (GNU) is available on Mac and use it in preference to BSD base64 @marcjay 
Check if gbase64 (GNU) is available on Mac and use it in preference to BSD base64
 2020-04-22 12:01:40 +02:00
Toni de la Fuente
5b9cf7fa99 Fix -E flag no longer excluding checks @marcjay 
Fix -E flag no longer excluding checks
 2020-04-22 11:55:01 +02:00
Marc Jay
5805576dce Check if gbase64 (GNU) is available on Mac and use it in preference to BSD base64 
Previously it was switching to GNU versions of base64 even if base64 was the BSD version

Fixes #568
 2020-04-22 10:35:33 +01:00
Toni de la Fuente
9cbdefc2de Adds CSV header to the output file too #565 2020-04-22 11:27:08 +02:00
Marc Jay
c2669622cf Fix -E flag no longer excluding checks 
Remove re-declaration of TOTAL_CHECKS variable

Bug introduced by #561

Fixes #566
 2020-04-22 09:58:33 +01:00
Toni de la Fuente
b9051e6fc9 Merge pull request #563 from marcjay/correct-check13-496 
Extend check13 to meet all CIS rules and consolidate with extra774
 2020-04-22 10:46:37 +02:00
Toni de la Fuente
92091d9ecd Rollback #562 fix issue #564 2020-04-22 10:31:30 +02:00
Marc Jay
ad66254b45 Extend check13 to meet all CIS rules and consolidate with extra774 
Create `include/check_creds_last_used` and move all logic for checking last usages of passwords and access keys there
Modify check13 and extra774 to call new function, specifying time-range of last 90 days and last 30 days respectively
Modify messages in check14 and check121 so that all mentions of 'access key's are consistent

Fixes #496
 2020-04-21 01:21:55 +01:00
Toni de la Fuente
d6374f8bc8 Updated textInfo message on extra712 2020-04-20 19:27:39 +02:00
Toni de la Fuente
0c7805356e Enhancement: extra712 improved with Macie API call instead of IAM @eko0126 
using api commands to check if macie is enabled instead of looking ia…
 2020-04-20 19:20:13 +02:00
Toni de la Fuente
86ea46d77c Update check_extra712 2020-04-20 19:19:05 +02:00
Toni de la Fuente
3feac6f75b Improve listing of Checks and Groups @marcjay 
Improve listing of Checks and Groups
 2020-04-20 19:14:50 +02:00
Marc Jay
71bf414faf Merge branch 'master' into improve-listing-of-checks-and-groups-545 2020-04-20 18:11:06 +01:00
Toni de la Fuente
38a970f4fc Enhancement: extra768 only check latest version of ECS task definition 
Only check latest version of task definition
 2020-04-20 19:00:26 +02:00
Toni de la Fuente
3dae201a80 Merge branch 'marcjay-add-junit-xml-output-mode-log-duration-537' 2020-04-20 18:57:27 +02:00
Toni de la Fuente
d45b739b1e Merge branch 'add-junit-xml-output-mode-log-duration-537' of https://github.com/marcjay/prowler into marcjay-add-junit-xml-output-mode-log-duration-537 2020-04-20 18:51:26 +02:00