ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,579 Commits 1 Branch 0 Tags
2f8a8988d73200d74b8fd73dc57e5d2b996d2a39
Commit Graph

75 Commits

Author SHA1 Message Date
Gabriel Soltz
2f8a8988d7 feat(checks): New IAM Checks no full access to critical services (#2183) 2023-04-12 07:47:21 +02:00
Sergio Garcia
9104d2e89e fix(kms): handle empty principal error (#2192) 2023-04-11 16:59:29 +02:00
Gabriel Soltz
e75022763c feat(checks): New iam_securityaudit_role_created (#2182) 2023-04-11 14:15:39 +02:00
Gabriel Soltz
f0f3fb337d feat(check): New CloudTrail check cloudtrail_insights_exist (#2184) 2023-04-11 13:49:54 +02:00
Gabriel Soltz
f4f4093466 feat(backup): New backup service and checks (#2172) 
Co-authored-by: Nacho Rivera <nacho@verica.io>
 2023-04-11 07:43:40 +02:00
dependabot[bot]
434cf94657 build(deps-dev): bump moto from 4.1.5 to 4.1.6 (#2164) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-04-05 12:31:58 +02:00
Nacho Rivera
dcb893e230 fix(elbv2 desync check): Mixed elbv2 desync and smuggling (#2171) 2023-04-05 11:36:06 +02:00
Pepe Fagoaga
8c6606ad95 fix(dax): Call list_tags using the cluster ARN (#2167) 2023-04-04 09:30:36 +02:00
Gabriel Soltz
608fd92861 feat(new_checks): New AWS Organizations related checks (#2133) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-30 17:36:23 +02:00
Nacho Rivera
e8cc0e6684 fix(delete check): delete check ec2_securitygroup_in_use_without_ingress_filtering (#2148) 2023-03-29 09:13:43 +02:00
Pepe Fagoaga
0d16880596 fix(s3): handle if ignore_public_acls is None (#2128) 2023-03-27 17:00:20 +02:00
Sergio Garcia
51eacbfac5 feat(allowlist): add tags filter to allowlist (#2105) 2023-03-21 11:14:59 +01:00
dependabot[bot]
d34f863bd4 build(deps-dev): bump moto from 4.1.4 to 4.1.5 (#2111) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-21 09:27:44 +01:00
Nacho Rivera
789b211586 feat(lambda_cloudtrail check): improved logic and status extended (#2092) 2023-03-15 12:32:58 +01:00
Sergio Garcia
2d1c3d8121 fix(emr): solve emr_cluster_publicly_accesible error (#2086) 2023-03-14 13:10:21 +01:00
dependabot[bot]
a24cc399a4 build(deps-dev): bump moto from 4.1.3 to 4.1.4 (#2045) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-07 12:45:50 +01:00
Sergio Garcia
c5a42cf5de feat(rds_instance_transport_encrypted): add new check (#1963) 
Co-authored-by: Toni de la Fuente <toni@blyx.com>
 2023-03-06 13:18:41 +01:00
Fennerr
17cd0dc91d feat(new_check): cloudwatch_log_group_no_secrets_in_logs (#1980) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Jeffrey Souza <JeffreySouza@users.noreply.github.com>
 2023-03-06 12:16:46 +01:00
Sergio Garcia
f45ea1ab53 fix(check): change cloudformation_outputs_find_secrets name (#2027) 2023-03-06 12:11:58 +01:00
Sergio Garcia
467c5d01e9 fix(cloudtrail): list tags only in owned trails (#2025) 2023-03-02 16:16:19 +01:00
Sergio Garcia
24711a2f39 feat(tags): add resource tags to S-W services (#2020) 2023-03-02 14:21:05 +01:00
Sergio Garcia
e8a1378ad0 feat(tags): add resource tags to G-R services (#2009) 2023-03-02 13:56:22 +01:00
Sergio Garcia
76bb418ea9 feat(tags): add resource tags to E services (#2007) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-02 13:55:26 +01:00
Sergio Garcia
da834c0935 feat(tags): add resource tags to C-D services (#2003) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-03-02 13:14:53 +01:00
Sergio Garcia
032feb343f feat(tags): add resource tags in A services (#1997) 2023-03-02 10:59:49 +01:00
Sergio Garcia
d6c3c0c6c1 feat(s3_bucket_level_public_access_block): new check (#1953) 2023-03-02 10:18:27 +01:00
Nacho Rivera
0c324b0f09 fix(awslambdacloudtrail): include advanced event and all lambdas in check (#1994) 2023-03-01 10:04:06 +01:00
Pepe Fagoaga
227306c572 fix(acm): Fix issues with list-certificates (#1970) 2023-02-24 10:12:38 +01:00
Nacho Rivera
eae2786825 fix(cloudtrail): Handle when the CloudTrail bucket is in another account (#1956) 2023-02-23 13:04:32 +01:00
Sergio Garcia
844ad70bb9 fix(cloudwatch): allow " in regex patterns (#1943) 2023-02-21 16:46:23 +01:00
Sergio Garcia
5ac7cde577 chore(iam_disable_N_days_credentials): improve checks logic (#1923) 2023-02-21 15:20:33 +01:00
Fennerr
c6647b4706 chore(secrets): Improve the status_extended with more information (#1937) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-02-21 11:37:20 +01:00
Sergio Garcia
f913536d88 fix(services): solve errors in EMR, RDS, S3 and VPC services (#1913) 2023-02-21 11:11:39 +01:00
Fennerr
fa228c876c fix(iam_rotate_access_key_90_days): check only active access keys (#1929) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-02-17 12:53:28 +01:00
Ignacio Dominguez
b453df7591 fix(iam-credentials-expiration): IAM password policy expires passwords fix (#1903) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-14 13:54:58 +01:00
Nacho Rivera
2d5de6ff99 fix(cross account): cloudtrail s3 bucket logging (#1902) 2023-02-14 11:23:31 +01:00
Nacho Rivera
d22d4c4c83 fix(cloudtrail_multi_region_enabled): reformat check (#1880) 2023-02-10 12:34:53 +01:00
Sergio Garcia
d88640fd20 fix(errors): solve several services errors (AccessAnalyzer, AppStream, KMS, S3, SQS, R53, IAM, CodeArtifact and EC2) (#1879) 2023-02-10 12:26:00 +01:00
Nacho Rivera
5e9afddc3a fix(permissive role assumption): actions list handling (#1869) 2023-02-09 10:06:53 +01:00
Pepe Fagoaga
de281535b1 feat(boto3-config): Use standard retrier (#1868) 
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-02-09 09:58:47 +01:00
Sergio Garcia
5b9db9795d feat(new check): add accessanalyzer_enabled check (#1864) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-08 17:39:25 +01:00
Sergio Garcia
54c16e3cdb chore(security hub): improve securityhub_enabled check logic (#1851) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 11:29:39 +01:00
Sergio Garcia
13316b68aa fix(checks): solve different errors in EFS, S3 and VPC (#1841) 
Co-authored-by: sergargar <sergargar@users.noreply.github.com>
 2023-02-07 09:42:10 +01:00
Pepe Fagoaga
98689d223e fix(lambda-runtime): Init value must be empty string (#1837) 2023-02-06 09:38:35 +01:00
Pepe Fagoaga
9b91c00fcc fix(awslambda_function_no_secrets_in_code): Retrieve Code if set (#1833) 2023-02-03 14:28:31 +01:00
Nacho Rivera
e07fc9fbb9 fix(cloudtrail): included advanced data events selectors (#1814) 2023-02-03 14:02:16 +01:00
Sergio Garcia
c7a9492e96 feat(scan-type): AWS Resource ARNs based scan (#1807) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-02-01 14:09:22 +01:00
Sergio Garcia
360c6f3c1c fix(cloudtrail): improve cloudtrail_cloudwatch_logging_enabled status extended (#1813) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-02-01 14:08:11 +01:00
Sergio Garcia
3ac4dc8392 feat(scanner): Tag-based scan (#1751) 
Co-authored-by: Toni de la Fuente <toni@blyx.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-01-31 12:19:29 +01:00
Sergio Garcia
bbc9e11205 fix(ec2_securitygroup_not_used): ignore default security groups (#1800) 
Co-authored-by: sergargar <sergio@verica.io>
 2023-01-30 16:51:07 +01:00