ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,309 Commits 1 Branch 0 Tags
6aa8dd643d0370dce4e19527dc08e6154d04a8e2
Commit Graph

424 Commits

Author SHA1 Message Date
Toni de la Fuente
0f84181d89 Added new check [extra7101] Check if Amazon Elasticsearch Service (ES) domains have audit logging enabled 2020-09-18 18:44:01 +02:00
Joaquin Rinaudo
f642926f50 fix(severity): missing check 2020-09-03 08:23:17 +02:00
Joaquin Rinaudo
dce3cb0ead cleanup: working 2020-09-03 08:08:11 +02:00
Joaquin Rinaudo
ecbe997084 severity+security_hub 2020-09-03 08:04:13 +02:00
Toni de la Fuente
7f03ef0e7e Adding back extra798 2020-08-27 16:50:48 +02:00
Toni de la Fuente
36a291c4a9 Rename check_extra798 to check_extra7100 2020-08-27 16:30:20 +02:00
Toni de la Fuente
0b9d3e39d4 Merge branch 'master' into master 2020-08-27 16:28:35 +02:00
Toni de la Fuente
565edf7b4b Change check ID to extra7100 
Change check ID to extra7100
 2020-08-27 16:21:56 +02:00
Toni de la Fuente
9647d80fc1 Fix check12 when MFA is enabled and user contains true in the name @xeroxnir 
Fix check12 when MFA is enabled and user contains true in the name @xeroxnir
 2020-08-26 18:41:51 +02:00
Toni de la Fuente
89db9d4b70 Update check12 2020-08-26 18:40:11 +02:00
Toni de la Fuente
33a53663db Added [extra799] Check if Security Hub is enabled and its standard subscriptions 2020-08-25 19:54:57 +02:00
Toni de la Fuente
ca471700c2 Added [extra798] Check if Lambda functions have resource-based policy set as Public 2020-08-25 19:06:06 +02:00
Joaquin Rinaudo
024190dd8a [Check12] Bugfix: Remove $ from grep 
Check is failing to detect users without MFA, solved by removing `$` sign addresses the issue.
 2020-08-21 10:35:50 +02:00
Nick Malcolm
ba87f437d5 This check will identify IAM Policies which allow an IAM Principal (a Role or User) to escalate their privileges due to insecure STS permissions. It is AWS best practice to only use explicitly defined Resources (Role ARNs) for an sts:AssumeRole action. 
See more: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_permissions-to-switch.html#roles-usingrole-createpolicy
 2020-08-20 21:08:00 +12:00
Toni de la Fuente
f5ec2bceda Adding 4 new EKS checks @jonjozwiak 
Adding 4 new EKS checks @jonjozwiak
 2020-07-31 21:40:38 +02:00
Quinn Stevens
93c89530ff Explicitly set output --json for aws call 2020-07-31 20:30:20 +01:00
jonjozwiak
a2c92c2e7b Adding 4 EKS checks 2020-07-31 10:42:16 -05:00
Quinn Stevens
e58d8cbc8d Don't fail check extra737 for keys scheduled for deletion 2020-07-24 12:44:57 +01:00
Toni de la Fuente
9b1c152607 New check extra793 for SSL listeners on load balancers @jonjozwiak 
New check extra793 for SSL listeners on load balancers
 2020-07-21 16:57:20 +02:00
jonjozwiak
6ba9be46fb Adding check for SSL load balancers 2020-07-17 09:59:53 -05:00
jonjozwiak
1c970b0387 extra792 skip check if no HTTPS/SSL Listener and add NLB support 2020-07-16 16:08:33 -05:00
Geert Smelt
d3553b642e Fix listing Elastic IPs if default output format is not JSON 2020-06-26 12:50:09 +02:00
Geert Smelt
63d06212db Fix listing CloudFormation stacks if default output format is not JSON 2020-06-26 11:55:12 +02:00
Geert Smelt
a0c58e1cb2 Fix listing EC2 Security Groups if default output format is not JSON 2020-06-26 11:25:16 +02:00
Geert Smelt
0878511abf Fix listing EC2 instances if default output format is not JSON 2020-06-26 11:16:59 +02:00
Toni de la Fuente
dac24b3aa8 Fix issue #624 ID of check_extra792 2020-06-23 19:34:41 +02:00
jonjozwiak
4db109bb26 Fixing profile and region settings for check_extra792 - ELB SSL ciphers 2020-06-10 15:46:34 -05:00
Toni de la Fuente
26665a4645 Fix extra734 - handle us-east-1 @nimrodkor 
Fix extra734 - handle us-east-1
 2020-06-05 11:09:44 +02:00
Nimrod Kor
4dae0718c1 Fix extra764 - handle us-east-1 & check validity of policy 
(cherry picked from commit 89bd8a90d5767c70a59ab29928501bad3be6ad84)
 2020-06-04 23:18:08 +03:00
Nimrod Kor
ef4d2d33be Fix extra734 - handle us-east-1 
(cherry picked from commit 5f2eb7f82e3814478b380ae5fbb6c8a69536e043)
 2020-06-04 23:15:21 +03:00
Jon Jozwiak
06e81a7f33 Update check_extra792 ASFF resource tye 2020-05-26 09:35:48 -05:00
Jon Jozwiak
70337ecd84 Add ASFF resource type 2020-05-26 09:34:37 -05:00
jonjozwiak
df15388577 Adding insecure SSL checks for CloudFront and CLB/ALB 
(cherry picked from commit c9a60c07a2b5497cbed2d70c53821d826171dd68)
 2020-05-26 16:33:18 +03:00
Toni de la Fuente
c7ed6a6693 Improved region handing for extra734 and extra764 2020-05-19 15:03:42 +02:00
Toni de la Fuente
e0c2ca2436 Fixed issue #596 for extra71 2020-05-11 13:21:06 +02:00
Toni de la Fuente
c79d346961 Fixed issue #596 on check114 2020-05-11 13:16:38 +02:00
Toni de la Fuente
996f785af6 Improve check21 If no account cloudtrail trail is found, check org trail @nimrodkor @bridgecrewio 
check21 - If no account CloudTrail trail is found, check org trail
 2020-04-29 22:24:24 +02:00
Nimrod Kor
dd0ef8c0b4 If no local cloudtrail trail is found - check org trail 2020-04-29 21:39:27 +03:00
Toni de la Fuente
5450bf949e Fix check12's grep to find users with true in their name who really have password access @nimrodkor @bridgecrewio 
Fix check12's grep to find users with true in their name who really have password access @nimrodkor @bridgecrewio
 2020-04-29 13:02:26 +02:00
Toni de la Fuente
1f949b4175 Improved AWS partition handle 2020-04-29 12:06:47 +02:00
Nimrod Kor
dbca70ef2e Add $ to end of regex 2020-04-28 14:28:59 +03:00
Nimrod Kor
54f2b72cb6 Fix check12's grep to find users who really have password access 
(cherry picked from commit 4006c581a06c449b66ede8892b9ae18c735ad34c)
 2020-04-28 14:13:32 +03:00
Toni de la Fuente
13ca147d02 Updated checks with hardcoded arn to support GovCloud partition 2020-04-22 23:23:17 +02:00
Toni de la Fuente
dbb3ed9663 Improved extra734 for GovCloud 2020-04-22 22:19:21 +02:00
Toni de la Fuente
1beb483be3 Fixed issue with govcloud on extra764 #536 2020-04-22 20:40:18 +02:00
Toni de la Fuente
7dc790a3f5 Fixed issue with govcloud on extra764 #536 2020-04-22 20:05:39 +02:00
Toni de la Fuente
b9051e6fc9 Merge pull request #563 from marcjay/correct-check13-496 
Extend check13 to meet all CIS rules and consolidate with extra774
 2020-04-22 10:46:37 +02:00
Toni de la Fuente
92091d9ecd Rollback #562 fix issue #564 2020-04-22 10:31:30 +02:00
Marc Jay
ad66254b45 Extend check13 to meet all CIS rules and consolidate with extra774 
Create `include/check_creds_last_used` and move all logic for checking last usages of passwords and access keys there
Modify check13 and extra774 to call new function, specifying time-range of last 90 days and last 30 days respectively
Modify messages in check14 and check121 so that all mentions of 'access key's are consistent

Fixes #496
 2020-04-21 01:21:55 +01:00
Toni de la Fuente
d6374f8bc8 Updated textInfo message on extra712 2020-04-20 19:27:39 +02:00