Commit Graph

435 Commits

Author SHA1 Message Date
dlpzx
65c63d5bdd checks for glue - 7119,7121,7123,7124. 7125 not done yet 2020-11-03 19:18:40 +01:00
Toni de la Fuente
180f12d625 Fix extra7111 parser error 2020-11-03 13:48:39 +01:00
Toni de la Fuente
62fcbf2f05 Fix extra7103 parser error 2020-11-03 13:44:24 +01:00
Toni de la Fuente
5d4648c812 Fix extra7108 parser error 2020-11-03 13:33:51 +01:00
Toni de la Fuente
d6760f15b7 fix extra7110 title 2020-10-20 13:30:26 +02:00
Toni de la Fuente
b8e1ef6b33 Fix check_extra7107 condition 2020-10-20 13:20:15 +02:00
Toni de la Fuente
79808fbe30 Fix syntax in extra7110 2020-10-20 09:29:30 +02:00
gchib
ba7c3a3124 Add extra7113: Check RDS deletion protection 2020-10-08 17:18:56 +05:30
Toni de la Fuente
645ea25ddc New group for Sagemaker with 10 new controls 2020-10-06 16:40:19 +02:00
Toni de la Fuente
923267c3e5 extra7102 increased severity to medium 2020-10-06 16:39:39 +02:00
Toni de la Fuente
ffcb6a0b69 Added extra7102 ElasticIP Shodan integration 2020-10-02 19:10:00 +02:00
Toni de la Fuente
0f84181d89 Added new check [extra7101] Check if Amazon Elasticsearch Service (ES) domains have audit logging enabled 2020-09-18 18:44:01 +02:00
Joaquin Rinaudo
f642926f50 fix(severity): missing check 2020-09-03 08:23:17 +02:00
Joaquin Rinaudo
dce3cb0ead cleanup: working 2020-09-03 08:08:11 +02:00
Joaquin Rinaudo
ecbe997084 severity+security_hub 2020-09-03 08:04:13 +02:00
Toni de la Fuente
7f03ef0e7e Adding back extra798 2020-08-27 16:50:48 +02:00
Toni de la Fuente
36a291c4a9 Rename check_extra798 to check_extra7100 2020-08-27 16:30:20 +02:00
Toni de la Fuente
0b9d3e39d4 Merge branch 'master' into master 2020-08-27 16:28:35 +02:00
Toni de la Fuente
565edf7b4b Change check ID to extra7100
2020-08-27 16:21:56 +02:00
Toni de la Fuente
9647d80fc1 Fix check12 when MFA is enabled and user contains true in the name @xeroxnir
2020-08-26 18:41:51 +02:00
Toni de la Fuente
89db9d4b70 Update check12 2020-08-26 18:40:11 +02:00
Toni de la Fuente
33a53663db Added [extra799] Check if Security Hub is enabled and its standard subscriptions 2020-08-25 19:54:57 +02:00
Toni de la Fuente
ca471700c2 Added [extra798] Check if Lambda functions have resource-based policy set as Public 2020-08-25 19:06:06 +02:00
Joaquin Rinaudo
024190dd8a [Check12] Bugfix: Remove $ from grep
Check is failing to detect users without MFA; removing the `$` sign addresses the issue.
2020-08-21 10:35:50 +02:00
Nick Malcolm
ba87f437d5 This check will identify IAM Policies which allow an IAM Principal (a Role or User) to escalate their privileges due to insecure STS permissions. It is AWS best practice to only use explicitly defined Resources (Role ARNs) for an sts:AssumeRole action.
See more: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_permissions-to-switch.html#roles-usingrole-createpolicy
2020-08-20 21:08:00 +12:00
Toni de la Fuente
f5ec2bceda Adding 4 new EKS checks @jonjozwiak
2020-07-31 21:40:38 +02:00
Quinn Stevens
93c89530ff Explicitly set output --json for aws call 2020-07-31 20:30:20 +01:00
jonjozwiak
a2c92c2e7b Adding 4 EKS checks 2020-07-31 10:42:16 -05:00
Quinn Stevens
e58d8cbc8d Don't fail check extra737 for keys scheduled for deletion 2020-07-24 12:44:57 +01:00
Toni de la Fuente
9b1c152607 New check extra793 for SSL listeners on load balancers @jonjozwiak
New check extra793 for SSL listeners on load balancers
2020-07-21 16:57:20 +02:00
jonjozwiak
6ba9be46fb Adding check for SSL load balancers 2020-07-17 09:59:53 -05:00
jonjozwiak
1c970b0387 extra792 skip check if no HTTPS/SSL Listener and add NLB support 2020-07-16 16:08:33 -05:00
Geert Smelt
d3553b642e Fix listing Elastic IPs if default output format is not JSON 2020-06-26 12:50:09 +02:00
Geert Smelt
63d06212db Fix listing CloudFormation stacks if default output format is not JSON 2020-06-26 11:55:12 +02:00
Geert Smelt
a0c58e1cb2 Fix listing EC2 Security Groups if default output format is not JSON 2020-06-26 11:25:16 +02:00
Geert Smelt
0878511abf Fix listing EC2 instances if default output format is not JSON 2020-06-26 11:16:59 +02:00
Toni de la Fuente
dac24b3aa8 Fix issue #624 ID of check_extra792 2020-06-23 19:34:41 +02:00
jonjozwiak
4db109bb26 Fixing profile and region settings for check_extra792 - ELB SSL ciphers 2020-06-10 15:46:34 -05:00
Toni de la Fuente
26665a4645 Fix extra734 - handle us-east-1 @nimrodkor
Fix extra734 - handle us-east-1
2020-06-05 11:09:44 +02:00
Nimrod Kor
4dae0718c1 Fix extra764 - handle us-east-1 & check validity of policy
(cherry picked from commit 89bd8a90d5767c70a59ab29928501bad3be6ad84)
2020-06-04 23:18:08 +03:00
Nimrod Kor
ef4d2d33be Fix extra734 - handle us-east-1
(cherry picked from commit 5f2eb7f82e3814478b380ae5fbb6c8a69536e043)
2020-06-04 23:15:21 +03:00
Jon Jozwiak
06e81a7f33 Update check_extra792 ASFF resource type 2020-05-26 09:35:48 -05:00
Jon Jozwiak
70337ecd84 Add ASFF resource type 2020-05-26 09:34:37 -05:00
jonjozwiak
df15388577 Adding insecure SSL checks for CloudFront and CLB/ALB
(cherry picked from commit c9a60c07a2b5497cbed2d70c53821d826171dd68)
2020-05-26 16:33:18 +03:00
Toni de la Fuente
c7ed6a6693 Improved region handling for extra734 and extra764 2020-05-19 15:03:42 +02:00
Toni de la Fuente
e0c2ca2436 Fixed issue #596 for extra71 2020-05-11 13:21:06 +02:00
Toni de la Fuente
c79d346961 Fixed issue #596 on check114 2020-05-11 13:16:38 +02:00
Toni de la Fuente
996f785af6 Improve check21 If no account cloudtrail trail is found, check org trail @nimrodkor @bridgecrewio
check21 - If no account CloudTrail trail is found, check org trail
2020-04-29 22:24:24 +02:00
Nimrod Kor
dd0ef8c0b4 If no local cloudtrail trail is found - check org trail 2020-04-29 21:39:27 +03:00
Toni de la Fuente
5450bf949e Fix check12's grep to find users with true in their name who really have password access @nimrodkor @bridgecrewio
2020-04-29 13:02:26 +02:00