ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,076 Commits 1 Branch 0 Tags
2d64a1182e95975b008a94de79df066318067b6c
Commit Graph

378 Commits

Author SHA1 Message Date
Toni de la Fuente
62991cfb48 Added exttra747 RDS CloudWatch Log integration 2019-05-15 23:31:25 -04:00
Toni de la Fuente
8b4b59e9d5 Added extra739 RDS backup and RDS group of checks 2019-05-15 23:12:06 -04:00
Toni de la Fuente
a6569a0a70 Added group12 apigateway checks 2019-05-13 17:01:45 -04:00
Toni de la Fuente
a59aedc43b Fixed accuracy for check_extra722 2019-05-13 17:00:56 -04:00
Toni de la Fuente
50b6e630d8 Added extra746 API Gateway has authorizers 2019-05-13 16:39:37 -04:00
Toni de la Fuente
da25a02e80 removed extra746 duplicated with extra722 2019-05-13 16:33:38 -04:00
Toni de la Fuente
967fe029c2 Fixed new API Gateway checks alias 2019-05-13 16:30:03 -04:00
Toni de la Fuente
3582b424b0 Added extra747 API Gateway has CloudWatch Logs 2019-05-13 16:29:28 -04:00
Toni de la Fuente
65e2ff7951 Added extra746 API Gateway has authorizers 2019-05-13 15:52:48 -04:00
Toni de la Fuente
504a11bb2e Added extra745 API Gateway public or private 2019-05-07 00:03:23 -04:00
Toni de la Fuente
f03eccf6c8 Added extra744 API Gateway has a WAF ACL attached 2019-05-06 23:25:14 -04:00
Toni de la Fuente
d0789859a3 Added extra743 API Gateway has client certificate enabled 2019-05-06 23:21:27 -04:00
Toni de la Fuente
1b4045d57c Added extra743 API Gateway has client certificate enabled 2019-05-06 23:10:27 -04:00
soffensive
f5708d7db6 Separate default encryption and bucket policy encryption 
Default encryption (2017): https://aws.amazon.com/blogs/aws/new-amazon-s3-encryption-security-features/
Bucket policy (2016): https://aws.amazon.com/blogs/security/how-to-prevent-uploads-of-unencrypted-objects-to-amazon-s3/
 2019-04-29 16:31:42 +02:00
Toni de la Fuente
6dd0ab06d2 Merge pull request #319 from toniblyx/devel 
Devel
 2019-04-23 23:21:47 -04:00
Toni de la Fuente
42220828ce Fixed issue #317 2019-04-23 23:20:11 -04:00
Toni de la Fuente
b4c4a46cc6 Fixed issue #315 2019-04-23 11:32:56 -04:00
soffensive
e0d86c134a Iterate over all regions 
Iterate over all regions
 2019-04-17 13:38:12 +02:00
soffensive
7a44b8bcca Iterate over all regions 
Iterate over all regions
 2019-04-17 13:36:00 +02:00
Toni de la Fuente
2870f38bdc Merge pull request #312 from toniblyx/devel 
Devel for 2.0.1
 2019-04-09 02:51:04 +01:00
Toni de la Fuente
1956be4dc3 Delete duplicate check extra739 2019-04-09 02:49:55 +01:00
Artashes Arabajyan
917a323c15 Fixed check122 to match CIS 1.22 checks requirements, instead of '=~ *' use '== *' 2019-04-05 12:06:27 +02:00
Toni de la Fuente
ddad72fc5f Fix issue #309 2019-03-27 22:42:13 +00:00
Toni de la Fuente
b03aca80a1 Fixed issue #308 2019-03-27 22:35:50 +00:00
Toni de la Fuente
9d526ff098 Added group11 keys and improved 741 and 742 2019-03-12 23:14:50 -04:00
Toni de la Fuente
bde9482928 Added check extra742 to find keys in CloudFormation Outputs 2019-03-12 22:40:40 -04:00
Toni de la Fuente
a3d1ed5129 Merge pull request #304 from toniblyx/devel 
Devel
 2019-03-11 22:27:07 -04:00
Toni de la Fuente
c8cc343784 Fix issue #303 2019-03-11 22:12:54 -04:00
Toni de la Fuente
6d15bb67fe Fix issue #300 2019-03-11 22:10:37 -04:00
Toni de la Fuente
b60d320622 Improved tittle to describe what extra71 does 2019-03-11 22:09:12 -04:00
Toni de la Fuente
7117399e14 Added find creds in URL on extra741 2019-03-05 11:40:29 -05:00
Toni de la Fuente
6f678a1093 Merge pull request #298 from toniblyx/devel 
Devel
 2019-03-04 22:45:58 -05:00
Toni de la Fuente
2bc3575de8 Improved extra714 to find secrets 2019-03-04 22:25:04 -05:00
Toni de la Fuente
18e9e7f0e1 Merge pull request #297 from toniblyx/devel 
Devel
 2019-03-04 21:26:29 -05:00
Toni de la Fuente
327323e32f Merge pull request #295 from clintmoyer/spellcheck 
Spelling fix "reshift" means "redshift"
 2019-02-20 18:11:31 -05:00
Clint Moyer
3c2ad65246 Spelling fix "reshift" means "redshift" 2019-02-20 12:30:04 -07:00
Toni de la Fuente
170557a422 New POC scoring and extra741 key finder userdata 2019-02-08 16:39:05 +00:00
Tom Crawford
34b6c4446d Added check for integer in response from AWS 2019-02-04 17:01:37 +00:00
Toni de la Fuente
6600df9be9 extra741 finding keys in UserData 2019-01-29 06:09:37 +00:00
Toni de la Fuente
8f89a01541 Merge pull request #284 from toniblyx/devel 
Devel
 2019-01-07 22:15:28 -05:00
Toni de la Fuente
2e754a5370 Fixed check120 2019-01-07 22:06:34 -05:00
Toni de la Fuente
97a59cf5e4 Merge pull request #276 from affanhmalik/check29 
Check for flowlogs only in active VPCs, avoid false flag if a region …
 2018-12-19 23:53:42 -05:00
Morey Straus
8935233a05 Update check_extra739 
typo correction
 2018-12-14 14:32:38 -08:00
Affan Malik
bacdf6ed22 Check for flowlogs only in active VPCs, avoid false flag if a region has no VPCs 2018-12-12 15:09:31 -05:00
Samuel Dugo
573fa46aac Fixed AccessDeniedException on extra730 
When executing Prowler using a specific profile (in my case to assume a role) , check_extra730 returns:

"An error occurred (AccessDeniedException) when calling the DescribeCertificate operation: User: [ASSUMED_ROLE_ARN] is not authorized to perform: acm:DescribeCertificate on resource: [RESOURCE_ARN]"

This is because line 28 did not contain  the following parameters: "$PROFILE_OPT --region $regx" .
 2018-12-05 11:35:44 +01:00
Toni de la Fuente
aeaf533585 Added extra740 EBS snapshots are encrypted and HIPAA 2018-11-19 23:22:18 -05:00
Toni de la Fuente
5757a88227 Added extra739 ELB logging and typos 2018-11-19 22:55:29 -05:00
Jason Turner
cafd203406 Updated check29 to validate against FlowLogId which is valid for both CloudWatch and s3 destinations 2018-11-14 14:19:44 -08:00
Toni de la Fuente
2437f8fb16 Added extra738 CloudFront HTTPS 2018-11-08 20:21:46 -05:00
Toni de la Fuente
fa5b81b28e Added extra737 KMS keys rotation 2018-11-07 23:37:06 -05:00