ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,761 Commits 1 Branch 0 Tags
298373742eb2a19fbcefbabf0ff2cdfcd04fa89e
Commit Graph

171 Commits

Author SHA1 Message Date
Sergio Garcia
032feb343f feat(tags): add resource tags in A services (#1997) 2023-03-02 10:59:49 +01:00
Sergio Garcia
d6c3c0c6c1 feat(s3_bucket_level_public_access_block): new check (#1953) 2023-03-02 10:18:27 +01:00
Nacho Rivera
0c324b0f09 fix(awslambdacloudtrail): include advanced event and all lambdas in check (#1994) 2023-03-01 10:04:06 +01:00
Pepe Fagoaga
227306c572 fix(acm): Fix issues with list-certificates (#1970) 2023-02-24 10:12:38 +01:00
Sergio Garcia
849b703828 chore(resource-based scan): execute only applicable checks (#1934) 2023-02-23 13:30:21 +01:00
Nacho Rivera
eae2786825 fix(cloudtrail): Handle when the CloudTrail bucket is in another account (#1956) 2023-02-23 13:04:32 +01:00
Sergio Garcia
844ad70bb9 fix(cloudwatch): allow " in regex patterns (#1943) 2023-02-21 16:46:23 +01:00
Sergio Garcia
5ac7cde577 chore(iam_disable_N_days_credentials): improve checks logic (#1923) 2023-02-21 15:20:33 +01:00
Sergio Garcia
ce3ef0550f chore(Security Hub): add status extended to Security Hub (#1921) 2023-02-21 15:11:43 +01:00
Fennerr
c6647b4706 chore(secrets): Improve the status_extended with more information (#1937) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-02-21 11:37:20 +01:00
Sergio Garcia
f913536d88 fix(services): solve errors in EMR, RDS, S3 and VPC services (#1913) 2023-02-21 11:11:39 +01:00
Sergio Garcia
6e6dacbace chore(security hub): add --skip-sh-update (#1911) 2023-02-20 09:58:00 +01:00
Fennerr
fa228c876c fix(iam_rotate_access_key_90_days): check only active access keys (#1929) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-02-17 12:53:28 +01:00
Ignacio Dominguez
b453df7591 fix(iam-credentials-expiration): IAM password policy expires passwords fix (#1903) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-14 13:54:58 +01:00
Nacho Rivera
2d5de6ff99 fix(cross account): cloudtrail s3 bucket logging (#1902) 2023-02-14 11:23:31 +01:00
Nacho Rivera
14898b6422 fix(Azure_Audit_Info): Added audited_resources field (#1891) 2023-02-13 15:17:11 +01:00
Nacho Rivera
6da45b5c2b fix(list_checks): arn filtering checks after audit_info set (#1887) 2023-02-13 14:57:42 +01:00
Nacho Rivera
d22d4c4c83 fix(cloudtrail_multi_region_enabled): reformat check (#1880) 2023-02-10 12:34:53 +01:00
Sergio Garcia
d88640fd20 fix(errors): solve several services errors (AccessAnalyzer, AppStream, KMS, S3, SQS, R53, IAM, CodeArtifact and EC2) (#1879) 2023-02-10 12:26:00 +01:00
Nacho Rivera
5e9afddc3a fix(permissive role assumption): actions list handling (#1869) 2023-02-09 10:06:53 +01:00
Pepe Fagoaga
de281535b1 feat(boto3-config): Use standard retrier (#1868) 
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-02-09 09:58:47 +01:00
Sergio Garcia
5b9db9795d feat(new check): add accessanalyzer_enabled check (#1864) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-08 17:39:25 +01:00
Sergio Garcia
231bc0605f fix(output_bucket): Use full path for -o option with output to S3 bucket (#1854) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-07 17:28:25 +01:00
Sergio Garcia
54c16e3cdb chore(security hub): improve securityhub_enabled check logic (#1851) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 11:29:39 +01:00
Sergio Garcia
ed54c5b8b9 feat(exit_code 3): add -z option (#1848) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 09:51:46 +01:00
Sergio Garcia
13316b68aa fix(checks): solve different errors in EFS, S3 and VPC (#1841) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 09:42:10 +01:00
Pepe Fagoaga
98689d223e fix(lambda-runtime): Init value must be empty string (#1837) 2023-02-06 09:38:35 +01:00
Pepe Fagoaga
9b91c00fcc fix(awslambda_function_no_secrets_in_code): Retrieve Code if set (#1833) 2023-02-03 14:28:31 +01:00
Nacho Rivera
e07fc9fbb9 fix(cloudtrail): included advanced data events selectors (#1814) 2023-02-03 14:02:16 +01:00
Sergio Garcia
c7a9492e96 feat(scan-type): AWS Resource ARNs based scan (#1807) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-01 14:09:22 +01:00
Sergio Garcia
360c6f3c1c fix(cloudtrail): improve cloudtrail_cloudwatch_logging_enabled status extended (#1813) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-02-01 14:08:11 +01:00
Sergio Garcia
3ac4dc8392 feat(scanner): Tag-based scan (#1751) 
Co-authored-by: Toni de la Fuente <toni@blyx.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-01-31 12:19:29 +01:00
Nacho Rivera
0d1a5318ec feat(audit-metadata): retrieve audit metadata from execution (#1803) 2023-01-31 11:24:01 +01:00
Sergio Garcia
bbc9e11205 fix(ec2_securitygroup_not_used): ignore default security groups (#1800) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-30 16:51:07 +01:00
Sergio Garcia
75571e4266 fix(iam_avoid_root_usage): correct date logic (#1801) 2023-01-30 16:47:24 +01:00
Sergio Garcia
4e879271a0 fix(iam_policy_no_administrative_privileges): check only *:* permissions (#1802) 2023-01-30 16:47:09 +01:00
Nacho Rivera
552e0fefc3 fix(accessanalyzer_enabled_without_findings): fixed status findings (#1799) 2023-01-30 13:22:05 +01:00
Sergio Garcia
a795fdc40d fix(IAM): remove duplicate list_policies function (#1763) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-25 13:58:58 +01:00
Acknosyn
02e57927fc fix(): IAM status messages switched fail and pass text and some grammar (#1756) 
Co-authored-by: Francesco Badraun <francesco.badraun@zxsecurity.co.nz>
Co-authored-by: sergargar <sergio@verica.io>
Co-authored-by: n4ch04 <nachor1992@gmail.com>
 2023-01-25 10:29:04 +01:00
github-actions[bot]
f9b985e03d feat(regions_update): Changes in regions for AWS services. (#1761) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-24 10:39:49 +01:00
Sergio Garcia
d02bd9b717 fix(allowlist): remove re.escape (#1734) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-18 17:45:51 +01:00
Sergio Garcia
e6310c32ac feat(check): add iam_role_cross_service_confused_deputy_prevention check (#1710) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-17 12:17:37 +01:00
Sergio Garcia
654b4702d0 fix(error): ecr_repositories_scan_vulnerabilities_in_latest_image report not found (#1719) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-17 12:17:15 +01:00
Pepe Fagoaga
e7796268b5 feat(only_logs): New logging flag to only show execution logs (#1708) 2023-01-17 10:13:09 +01:00
Gabriel Soltz
64090474e1 fix(apigateway): Add ApiGateway ResourceArn and check fixes (#1707) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-16 10:23:14 +01:00
Sergio Garcia
fe906477da fix(aws_regions_by_service.json): FileNotFoundError[13] (#1689) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-12 13:24:03 +01:00
Sergio Garcia
92cc2c8e69 fix(config): path error in Windows environment (#1684) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-10 17:06:14 +01:00
Fennerr
b965fda226 feat(ecs_task_definitions_no_environment_secrets): Update resource_id (#1665) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-09 16:05:45 +01:00
Sergio Garcia
4dfa20e40b fix(Security Hub): associate resource_arn as resourceId (#1672) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-09 14:16:57 +01:00
Gabriel Soltz
d5edbaa3a9 fix(s3): Add S3 ResourceArn (#1666) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-09 11:04:09 +01:00