ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,119 Commits 1 Branch 0 Tags
38fb596e94226cfdf282c2efe65e4e8f6bb2d033
Commit Graph

389 Commits

Author SHA1 Message Date
Patrick Downey
84711d1ef5 Remove HomeRegion predicate from describe-trails to look for cross-region trails too 
This will hopefully address #455
 2020-04-08 12:52:13 +01:00
Patrick Downey
4ff685635e Use TrailARN property to query get-event-selectors 
This will work to query cloudtrail's that are in different accounts.
e.g. in the case of organisation managed cloudtrails.
 2020-04-08 12:52:13 +01:00
Toni de la Fuente
9c4e629647 Fixed typo in extra786 2020-04-07 20:28:38 +02:00
Marc Jay
92e1f17a80 Adds 'json-asff' and 'securityhub' output modes 
json-asff mode outputs JSON, similar to the standard 'json' mode with one check per line, but in AWS Security Finding Format - used by AWS Security Hub
Currently uses a generic Type, Resources and ProductArn value, but sets the Id to a unique value that includes the details of the message, in order to separate out checks that run against multiple resources and output one result per resource per check. This ensures that findings can be updated, should the resource move in or out of compliance

securityhub mode generates the ASFF JSON and then passes it to an 'aws securityhub batch-import-findings' call, once per resource per check. Output to the screen is similar to the standard mode, but prints whether or not the finding was submitted successfully

Fixes #524
 2020-04-07 16:08:07 +01:00
Toni de la Fuente
bd432fed92 New check for Metadata Service Version 2 #413 2020-04-07 16:46:46 +02:00
Toni de la Fuente
b5e1c9002a Improved policy handling on extra716 2020-04-03 17:54:55 +02:00
Toni de la Fuente
afb908f190 Improved policy handling on extra716 2020-04-03 17:54:25 +02:00
Toni de la Fuente
e567ccb828 v2.2.1 with new function and Improved extra779 and extra716 2020-04-02 15:31:43 +02:00
Toni de la Fuente
2e2fe96ff5 Improved extra716 filters and auth check 2020-04-01 21:57:20 +02:00
Toni de la Fuente
2e2e9b85af Merge branch 'master' of https://github.com/toniblyx/prowler 2020-04-01 16:53:04 +02:00
Toni de la Fuente
1ae5d5d725 Added custom ports variable to extra779 2020-04-01 16:52:52 +02:00
Huang Yaming
1419d4887a Ignore imported ACM Certificate in check_extra724 2020-03-27 14:49:52 +08:00
Toni de la Fuente
ba75d89911 Added connection test for port 9300 in both linux and macosx on extra779 2020-03-25 18:20:20 +01:00
Toni de la Fuente
8faf1f45c4 Added connection test for port 9300 in both linux and macosx on extra779 2020-03-25 18:19:41 +01:00
Toni de la Fuente
eae4722499 Updated ES check titles and results 2020-03-25 17:25:38 +01:00
Toni de la Fuente
8c18533752 Updated check titles 2020-03-25 17:18:43 +01:00
Toni de la Fuente
ee82424869 Enhanced extra779 with better authentication test and TEST_ES_AUTHENTICATION disabled 2020-03-25 12:44:10 +01:00
Toni de la Fuente
1615478444 Fixed query on extra779 2020-03-25 09:40:03 +01:00
Toni de la Fuente
568bba4c38 Add Elasticsearch checks issue #521 2020-03-24 23:46:11 +01:00
Toni de la Fuente
e082ef05f0 Merge branch 'patch-2' of https://github.com/lanhhuyet510/prowler into lanhhuyet510-patch-2 2020-03-23 15:09:15 +01:00
Toni de la Fuente
db3ac2361c Merge branch 'master' into checks/find_security_groups_with_wide_open_non_RFC1918_IPv4 2020-03-23 14:48:05 +01:00
Toni de la Fuente
30941c355c Added extra777 - Security Groups with too many rules @renuez 2020-03-23 14:39:23 +01:00
Nimrod Kor
b704568b23 check26 - on failure, output info and not failure 
(cherry picked from commit f80c2e28b72495ca7f60fd0ab58a51d40640a86a)
 2020-03-22 11:23:41 +02:00
Nimrod Kor
259f24ee06 check23 - on failure, output info and not failure 
(cherry picked from commit 168c71cd5f062e67b21c4cd2013992052b9258d2)
 2020-03-22 11:23:18 +02:00
Ngọ Anh Đức
0979f421c3 Update check21 2020-03-09 13:00:43 +07:00
Ngọ Anh Đức
89514a1fa8 Update check21 2020-03-09 12:59:47 +07:00
Ngọ Anh Đức
ba13f25c9e Update check21 2020-03-09 12:57:49 +07:00
Ngọ Anh Đức
53ee538e0f add $PROFILE_OPT to the CLI 2020-03-09 12:57:00 +07:00
Ngọ Anh Đức
3116adf86e Update check21 2020-03-09 12:46:16 +07:00
Ngọ Anh Đức
263926a53b Improve check21 
- Add ISLOGGING_STATUS, INCLUDEMANAGEMENTEVENTS_STATUS, READWRITETYPE_STATUS to check
- Remove ` --no-include-shadow-trails ` from CLI
2.1 Ensure CloudTrail is enabled in all regions (Scored):
Via CLI
1. ` aws cloudtrail describe-trails `
Ensure `IsMultiRegionTrail` is set to true
2. `aws cloudtrail get-trail-status --name <trailname shown in describe-trails>`
Ensure `IsLogging` is set to true
3. `aws cloudtrail get-event-selectors --trail-name <trailname shown in describetrails>`
Ensure there is at least one Event Selector for a Trail with `IncludeManagementEvents` set to
`true` and `ReadWriteType` set to `All`
 2020-03-09 12:44:23 +07:00
Philipp Zeuner
cb5858d08a Updated check_extra778 to use PROFILE_OPT and AWSCLI 2020-03-08 09:56:52 +01:00
Philipp Zeuner
1b2b52e6a7 Fixed check_extra778 reference CHECK_ID 2020-03-08 09:22:11 +01:00
Philipp Zeuner
f5d083f781 Updated check_extra778 to exclude 0.0.0.0/0 edge case 2020-03-08 09:21:17 +01:00
Philipp Zeuner
f585ca54d1 Fixed check_extra788 logic bug related to SECURITY_GROUP and improved check_cidr() isolation 2020-03-08 09:20:05 +01:00
Philipp Zeuner
f149fb7535 Refactored check name to check_extra778 2020-03-08 08:15:20 +01:00
jonjozwiak
8173c20941 Improve performance of check_extra742 by limiting to one AWS CLI call 2020-03-04 16:46:28 +02:00
Toni de la Fuente
c0d8258283 [new check] Check if ECR image scan found vulnerabilities in the newest image version 
[new check] Check if ECR image scan found vulnerabilities in the newest image version
 2020-03-03 23:06:44 +01:00
Toni de la Fuente
4646dbcd0b Updated check_extra776 title 2020-03-03 23:04:09 +01:00
Marcel Beck
db260da8b0 feat: New check for ecr image scan findings 
This will check if there is any ecr image with findings.
 2020-03-03 22:53:26 +01:00
Philipp Zeuner
162ff05e42 Updated check_extra777 to fix CHECK_ALTERNATE variable 2020-03-02 22:53:32 +01:00
Philipp Zeuner
6ea863ac3b Initial commit 2020-03-01 20:26:51 +01:00
Marcel Beck
5257ce6c0b docs: Fix typo 2020-02-28 17:58:10 +01:00
Marcel Beck
c9508c28b3 fix: check119 needs to ignore terminated instances 
Terminated does not seem to have an instance profile. And its not
possible to start a terminated instance again.
 2020-02-25 09:23:55 +01:00
Faraz Angabini
2321655503 fixed check numbers for 774,775 2020-02-22 22:16:59 -08:00
Kasprzykowski
40985212ab check_extra775 added | group7_extras and group11_secrets updated 2020-02-21 09:24:13 -05:00
Kasprzykowski
a1d26b44c3 check_extra999 added and group7_extras updated 2020-02-21 09:05:33 -05:00
Christopher Morrow
4a1d4060ec Check Extra 774 - Fixed bug - was checking account creation time instead of last logon date. 2020-02-20 15:11:13 -08:00
Toni de la Fuente
ca34590da0 Merge branch 'bugfix/check_11_check_access_keys_usage' of https://github.com/bridgecrewio/prowler into bridgecrewio-bugfix/check_11_check_access_keys_usage 2020-02-19 18:14:37 +01:00
Toni de la Fuente
44716cfab2 Merge pull request #486 from bridgecrewio/bugfix/mark_only_available_rds_instances_as_violating 
Filter for only available rds instances
 2020-02-19 18:11:43 +01:00
Toni de la Fuente
1f3aaa8c7b Merge pull request #485 from bridgecrewio/bugfix/es_public_domains_filter_condition 
Add conditions check for extra716
 2020-02-19 18:09:37 +01:00