prowler

mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00

Author	SHA1	Message	Date
Pepe Fagoaga	4327333d00	feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434	2021-04-19 19:28:10 +02:00
Pepe Fagoaga	ab43a8b717	feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23	2021-04-19 19:26:10 +02:00
Pepe Fagoaga	595bcba1d9	feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092	2021-04-19 19:24:31 +02:00
Pepe Fagoaga	2ac96cf29a	feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21	2021-04-19 19:18:23 +02:00
Toni de la Fuente	097ddbb957	Added extra7133 RDS multi-AZ	2021-03-04 20:29:40 +01:00
Toni de la Fuente	669cb6f1a9	Added IAM to extra7100 title	2021-02-25 11:56:22 +01:00
Toni de la Fuente	fa2a40f5c0	Fix output on extra731	2021-02-23 18:27:38 +01:00
Toni de la Fuente	80b94eb667	Fix output on extra731	2021-02-23 18:24:26 +01:00
Toni de la Fuente	2883de016e	Ensure check28 only looks at symmetric keys	2021-02-22 23:15:06 +01:00
Toni de la Fuente	5d7d9efa69	Revert "check28 only look at symmetric keys"	2021-02-22 23:05:05 +01:00
Toni de la Fuente	e0dbfaaa37	Merge branch 'master' into check28-asymmetric-keys	2021-02-22 22:35:32 +01:00
Toni de la Fuente	3d834fae42	Fix typos and add to extras extra7132	2021-02-22 21:44:48 +01:00
Toni de la Fuente	aa3f8a6b5c	Add check for RDS enhanced monitoring @mpratsch Add check for RDS enhanced monitoring @mpratsch	2021-02-22 21:41:24 +01:00
Toni de la Fuente	bddf71d5e6	Add access checks for several checks @zfLQ2qx2 Add access checks for several checks @zfLQ2qx2 (21,22,23,24,25,26,27,28,29,720,725)	2021-02-22 21:38:39 +01:00
Toni de la Fuente	138ece153e	Adjusted severity to secrets and Shodan checks	2021-02-05 08:39:02 +01:00
Toni de la Fuente	5d04febf81	Adjusted severity like in Security Hub	2021-02-05 08:34:34 +01:00
Martina Rath	696a776e2e	Move extra7132 to rd group and add CHECK_SERVICENAME to check	2021-02-05 08:32:06 +01:00
Martina Rath	073d2ab727	Add check if Enhanced monitoring is enabled on RDS instances	2021-02-05 08:12:11 +01:00
Michael Dop	7e8de8adb8	check28 only look at symmetric keys AWS doesn't support the automatic rotation of asymmetric keys	2021-02-04 10:07:27 -05:00
C.J	de87de3b39	Add access checks for several checks	2021-02-03 17:07:02 -05:00
Toni de la Fuente	d33c82cd00	Merge branch 'master' into patch-1	2021-02-03 14:54:22 +01:00
Toni de la Fuente	0e3e4a9227	Updated added CHECK_SERVICENAME_extra73="s3"	2021-02-03 14:51:11 +01:00
Toni de la Fuente	bea84ad6d3	Fix title grammar in check_extra73 @CenturionGamer Fix title grammar in check_extra73 @CenturionGamer	2021-02-03 14:49:35 +01:00
CenturionGamer	880523880d	Update check_extra73 Fixed the grammar by removing "the" in the description.	2021-01-28 13:06:44 -05:00
Toni de la Fuente	dfdff6e863	Added service name to all checks	2021-01-22 00:23:53 +01:00
Toni de la Fuente	8ed40791ad	Added service name to sample check	2021-01-22 00:21:26 +01:00
Toni de la Fuente	f85845c26b	Added service name to all checks	2021-01-22 00:19:45 +01:00
Toni de la Fuente	6bb49fd162	Merge branch 'master' of https://github.com/toniblyx/prowler	2021-01-21 22:40:50 +01:00
Toni de la Fuente	478cb4aa54	Adjusted severity variable	2021-01-21 22:40:25 +01:00
soffensive	f7e4a1f6a4	Update check_extra7130 Profile was not set	2021-01-18 16:41:18 +01:00
İlyas Apaydın	8e35e63359	fix regex in check43	2021-01-14 13:38:33 +03:00
C.J	6a9a47e549	Fix for issue 713	2021-01-13 19:16:48 -05:00
Toni de la Fuente	81787d1946	Add check for AccessDenied when calling GetBucketLocation in extra73,extra734,extra764 @zfLQ2qx2 Add check for AccessDenied when calling GetBucketLocation in extra73,extra734,extra764 @zfLQ2qx2	2021-01-13 22:35:20 +01:00
Toni de la Fuente	b23f9b3b5d	Fix changes made in check27	2021-01-13 22:21:45 +01:00
Toni de la Fuente	51d6fc99ed	Handle shadow CloudTrails more gracefully in checks check21,check22,check24,check27 @zfLQ2qx2 Handle shadow CloudTrails more gracefully in checks check21,check22,check24,check27 @zfLQ2qx2	2021-01-13 21:35:07 +01:00
Toni de la Fuente	bcdd12bf84	Add new check extra7131 RDS minor version upgrade	2021-01-13 12:51:49 +01:00
C.J	733c99c1e0	Add check for AccessDenied when calling GetBucetLocation	2021-01-12 15:38:47 -05:00
C.J	ecc08722e1	Handle shadow cloudtrails more gracefully	2021-01-12 13:37:30 -05:00
Toni de la Fuente	eac59cade8	Add new check extra_7130 to check encryption of a SNS topic @mpratsch Add new check extra_7130 to check encryption of a SNS topic @mpratsch	2021-01-08 13:54:55 +01:00
Martina Rath	994abe8fa3	Add check7130 to group7_extras and fix some issues	2021-01-08 13:43:46 +01:00
Toni de la Fuente	6ad1816e37	Fix EKS related checks regarding us-west-1 @njgibbon Fix EKS related checks regarding us-west-1 @njgibbon	2021-01-07 19:29:22 +01:00
Martina Rath	9a060a3c43	Add new extras check (7130) to check encryption of a SNS topic	2020-12-30 08:46:13 +01:00
Barrie Bremner	75e5de9c37	Accept current most restrictive TLSv1.2-only ALB security policy as secure The `ELBSecurityPolicy-FS-1-2-Res-2020-10` policy is the most restrictive TLS v1.2 only SSL/TLS security policy available, and is a subset of the already accepted `ELBSecurityPolicy-FS-1-2-Res-2019-08` policy - this commit adds `ELBSecurityPolicy-FS-1-2-Res-2020-10` to the list of acceptable "secure" security policies. `ELBSecurityPolicy-FS-1-2-Res-2020-10` has a very limited set of ciphers, is TLS v1.2 only and supports Forward Secrecy. Current SSL Labs tests gives it an "A" rating for another source of confirmation.	2020-12-24 16:52:01 +00:00
njgibbon	4adc7f5864	feat - fix - taking out eks check condition because california region	2020-12-24 00:00:06 +00:00
Toni de la Fuente	823c7d4b61	Enhanced check extra740: reworked to consider all snapshots, use JMESPath query @pacohope Enhanced check extra740: reworked to consider all snapshots, use JMESPath query	2020-12-18 10:17:52 +01:00
Toni de la Fuente	810801fb3d	Fix error handling for SubscriptionRequiredException in extra77	2020-12-17 16:52:18 +01:00
Toni de la Fuente	6ed6a47f8f	Add sleep to extra7102 to avoid Shodan API limits	2020-12-17 15:27:00 +01:00
Toni de la Fuente	7f1df739c4	Added -N <shodan_api_key> support for extra7102	2020-12-15 12:25:47 +01:00
Toni de la Fuente	9ed576b09d	Fix issue in extra776 when ECR Scanning imageDigest @adamcanzuk Fix issue in extra776 when ECR Scanning imageDigest @adamcanzuk	2020-12-14 12:59:19 +01:00
Paco Hope	f3dbecbe89	reworked check740 to consider all snapshots, use JMESPath query, and to limit its output according to max-items	2020-12-10 09:27:43 -05:00

1 2 3 4 5 ...

510 Commits