ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,564 Commits 1 Branch 0 Tags
4ddf0aff862fa079a6b01c5bbd80cadb3a4ac68c
Commit Graph

1564 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
4ddf0aff86 Added extra7142 to group extras 2021-06-01 12:28:30 +02:00
Toni de la Fuente
96b9accea8 New check extra7142 ALB Header Check request smuggling @Outrun207 
New check extra7142 ALB Header Check request smuggling @Outrun207
 2021-06-01 12:27:07 +02:00
Toni de la Fuente
324a1002a5 Fix finding customer kms keys in cli v2 for checks extra737 extra736 @dbellizzi 
Fix finding customer kms keys in cli v2 for checks extra737 extra736 @dbellizzi
 2021-06-01 12:24:19 +02:00
Toni de la Fuente
311d21546d Enhanced -f <filterregion> usage info 2021-06-01 09:10:51 +02:00
Toni de la Fuente
5f1fa558c9 Changes in text output with severity and service name 2021-06-01 09:09:25 +02:00
Toni de la Fuente
9b6198d5b0 Merge branch '2.5' of https://github.com/toniblyx/prowler into 2.5 2021-05-31 18:48:10 +02:00
Toni de la Fuente
55e703540e Fixed typo in check extra7141 ID 2021-05-31 18:47:56 +02:00
Dom Bellizzi
baf5232cbc Fix finding customer kms keys in cli v2 for checks extra737 extra736 
Key id is in position 6 in aws cli version 2.2.5, but in position 4 in aws cli 1.x
Use --query to select only the data necessary and output in a consistent format
 2021-05-29 22:27:15 +00:00
Josh Moss
e3893c7d5b Update check_extra7142 2021-05-25 13:49:27 -04:00
Josh Moss
229d9ba00c ALB Header Check 2021-05-20 12:36:30 -04:00
Toni de la Fuente
51617df6c9 Bump Alpine to 3.13 in Dockerfile @gliptak 
Bump Alpine to 3.13 in Dockerfile @gliptak
 2021-05-20 17:10:28 +02:00
Toni de la Fuente
78e5dc5dba Added new check extra7141 to detect secrets in SSM Documents 2021-05-18 18:28:15 +02:00
Toni de la Fuente
1655bdb902 Added resource id to RDS checks and in json,csv,html outputs 2021-05-18 16:57:37 +02:00
Toni de la Fuente
30442b2da7 Added new check extra7140 for public SSM Documents 2021-05-18 16:10:55 +02:00
Toni de la Fuente
501082876c Fixed alias of extra7139 2021-05-18 16:08:10 +02:00
Toni de la Fuente
8d9ca987b5 Added link to doc for check45 check46 extra7138 and extras 2021-05-18 15:41:45 +02:00
Toni de la Fuente
f4cd84afd2 Merge pull request #785 from jfagoagas/new-acls-checks 
Added new checks to test Network ACLs open to 22, 3389 and any port
 2021-05-18 15:35:33 +02:00
Toni de la Fuente
46c6f44055 Merge branch '2.5' into new-acls-checks 2021-05-18 15:34:27 +02:00
Gábor Lipták
b72f66469e Bump Alpine to 3.13 in Dockerfile 2021-05-17 11:23:51 -04:00
Toni de la Fuente
cf4034c3b4 Improved error handling sts get-caller-identity @pablopagani 
Improved error handling sts get-caller-identity @pablopagani
 2021-05-04 15:43:29 +02:00
Toni de la Fuente
7c65430508 Improved error handling when listing regions @pablopagani 
Improved error handling when listing regions @pablopagani
 2021-05-04 15:39:25 +02:00
Toni de la Fuente
497b473431 Added check extra7139 shows number of GuardDuty critical findings @pablopagani 
Added check extra7139 shows number of GuardDuty critical findings @pablopagani
 2021-05-04 15:35:36 +02:00
Pablo Pagani
5385c4e546 Improved error handling sts get-caller-identity 
Instead of looking for a fixed error string, it uses error codes from aws cli
Previos condition was not catching this error message:
An error occurred (ExpiredToken) when calling the GetCallerIdentity operation: The security token included in the request is expired
Also forced the output of the command to json. In some tests I was doing was failing becuase it was sending output as text
 2021-05-01 17:54:11 -03:00
Pablo Pagani
9ac8c78fdb improved error handling when listing regions 2021-05-01 17:47:08 -03:00
Pablo Pagani
ce00f3a019 improved error handling. Added check 7139 . 2021-05-01 17:33:54 -03:00
Pepe Fagoaga
2727b7e8e2 fix(network-acls): update resource type to match AWS documentation 2021-04-28 18:50:20 +02:00
Pepe Fagoaga
2dc1ce61ec fix(network-acls): fix line typo 2021-04-26 12:30:44 +02:00
Pepe Fagoaga
625384ad6d feat(network-acls): include checks in networking and internetexposed checks 2021-04-24 13:38:36 +02:00
Pepe Fagoaga
056190cfc9 feat(network-acls): change textFail to textInfo because NACLs are stateless 2021-04-24 13:24:33 +02:00
Pepe Fagoaga
8f784a4548 feat(network-acls): include checks to test NetworkACLs open to 22, 3389 and any port 2021-04-24 13:13:41 +02:00
Pepe Fagoaga
f1185213e8 Merge branch 'master' of github.com:toniblyx/prowler 2021-04-22 18:30:48 +02:00
Pepe Fagoaga
cb60085779 New Networking checks for FTP, Telnet, SQL Server and Kafka (#2) 
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21

* feat(aws-securitygroups): include extra control 7134 in extra group

* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092

* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23

* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434

* feat(aws-securitygroups): include extra controls 7135, 7136 and 7137 in extra and internet-exposed groups
 2021-04-22 18:29:12 +02:00
Toni de la Fuente
0e33e066cd Added 4 new checks to look for FTP, Telnet, SQL Server and Kafka open ports @jfagoagas 
Added 4 new checks to look for FTP, Telnet, SQL Server and Kafka open ports @jfagoagas
 2021-04-20 17:23:48 +02:00
Pepe Fagoaga
672f3833fc feat(aws-securitygroups): include extra controls 7135, 7136 and 7137 in extra and internet-exposed groups 2021-04-19 19:31:06 +02:00
Pepe Fagoaga
4327333d00 feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434 2021-04-19 19:28:10 +02:00
Pepe Fagoaga
ab43a8b717 feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23 2021-04-19 19:26:10 +02:00
Pepe Fagoaga
595bcba1d9 feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092 2021-04-19 19:24:31 +02:00
Pepe Fagoaga
68b3e1fa06 feat(aws-securitygroups): include extra control 7134 in extra group 2021-04-19 19:19:24 +02:00
Pepe Fagoaga
2ac96cf29a feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21 2021-04-19 19:18:23 +02:00
Toni de la Fuente
49533de21b Added support for custom output folder and S3 bucket 2021-04-15 23:51:21 +02:00
Toni de la Fuente
583cffaefb 2.4.1 @toniblyx 
2.4.1 @toniblyx
 2021-04-15 10:22:00 +02:00
Toni de la Fuente
721b15d105 Fixed issue #776 2021-04-15 09:30:31 +02:00
Toni de la Fuente
53117819fc Fixed credentials renew issue #775 2021-04-14 11:47:38 +02:00
Toni de la Fuente
2552f2977d Fixed issue #775 2021-04-12 21:23:28 +02:00
Toni de la Fuente
8a04f40a80 Fixed issue #774 2021-04-12 20:20:04 +02:00
Toni de la Fuente
b0fd6ce60f Merge pull request #773 from toniblyx/2.4 
v2.4
 2021-04-09 15:51:44 +02:00
Toni de la Fuente
e4edc2fa2c Improved feature to refresh assume role credentials before it expires 2021-04-09 15:13:13 +02:00
Toni de la Fuente
10d062960e Updated screenshots 2021-04-08 00:35:12 +02:00
Toni de la Fuente
7f24aab715 Updated README 2021-04-08 00:22:07 +02:00
Toni de la Fuente
3dfca9c9dd Improved html output with scoring information 2021-04-08 00:14:24 +02:00