ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-12 07:45:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,428 Commits 1 Branch 0 Tags
6cbee3b16c2a77a941ce189abe974db2e6a981e5
Commit Graph

270 Commits

Author SHA1 Message Date
C.J
1d9c1eaece Catch errors assuming role and describing regions 2021-01-13 09:44:15 -05:00
Toni de la Fuente
297eeea783 Label version 2.3.0-18122020 2020-12-18 13:09:47 +01:00
Toni de la Fuente
91ce905a5a Fix issue assuming role in regions with STS disabled 2020-12-17 16:34:10 +01:00
Toni de la Fuente
347872a6de Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys 
Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys
 2020-12-17 15:24:06 +01:00
Toni de la Fuente
8c19583ac7 Update prowler 
Adapted execute_check to renew creds
 2020-12-17 15:21:50 +01:00
Toni de la Fuente
5e38c61286 Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys 
Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys
 2020-12-16 20:04:21 +00:00
Toni de la Fuente
de3e2c3a2b Added support to run inside AWS CloudShell 2020-12-16 13:41:54 +01:00
Toni de la Fuente
aa0440e426 Revert "Refresh assumed role credentials to avoid role chaining limitations" 2020-12-15 17:37:42 +01:00
Toni de la Fuente
31182059e4 Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys 
Refresh assumed role credentials to avoid role chaining limitations @michael-dickinson-sainsburys
 2020-12-15 17:29:11 +01:00
Toni de la Fuente
7f1df739c4 Added -N <shodan_api_key> support for extra7102 2020-12-15 12:25:47 +01:00
Toni de la Fuente
3d62aedf29 New RC6 including ENS as a new compliance type all formats 2020-12-01 10:03:59 +01:00
Michael Dickinson
5da54467b5 fix: Refresh assumed role credentials if session is nearing expiration 2020-11-23 21:05:20 +00:00
Joaquin Rinaudo
f6d17ba6e0 fix(securityhub): consistency + prefix bug + PASSED 
fix(securityhub): consistency + prefix bug + PASSED
 2020-11-12 21:48:21 +01:00
Toni de la Fuente
ae1d7be7f2 Enable Security Hub official integration 2020-10-29 22:40:38 +01:00
Toni de la Fuente
60c741a202 Merge branch 'master' of https://github.com/toniblyx/prowler into master 2020-09-24 14:55:20 +02:00
Toni de la Fuente
c14799915c Fix issue #659 2020-09-24 14:55:10 +02:00
Joaquin Rinaudo
321401f755 fix(securityhub): other os/check fixes + batch in 100 findings 2020-09-24 09:34:09 +02:00
Toni de la Fuente
392da158e7 Labeled 2.3.0RC4, time for a final GA version... 2020-09-16 23:32:13 +02:00
Toni de la Fuente
d66a8d0ac6 Fix execute_group_by_id @xeroxnir 
Fix execute_group_by_id @xeroxnir
 2020-09-16 23:26:33 +02:00
Joaquin Rinaudo
24c80c8548 Fix: If is never called (also under execute_check) 2020-09-07 16:33:45 +02:00
Joaquin Rinaudo
e1fb89838a Fix execute_group_by_id 
* All other group checks for IAM have no credential report.
* ${GROUP_ID[$1]} is invalid as first parameter is group_id
 2020-09-07 16:09:10 +02:00
Joaquin Rinaudo
ecbe997084 severity+security_hub 2020-09-03 08:04:13 +02:00
Joaquin Rinaudo
ae4940a7d8 revert-custom-branch 2020-09-01 17:05:37 +02:00
Joaquin Rinaudo
2a4cebaa1e WIP: security hub integration 2020-09-01 17:03:25 +02:00
Joaquin Rinaudo
6c0e1a13e3 feature: Only when custom checks are set 2020-09-01 16:36:07 +02:00
Joaquin Rinaudo
0eab753620 feature: Execute custom checks in execute_all 2020-09-01 16:34:19 +02:00
Joaquin Rinaudo
118ff0819e Merge branch 'master' of github.com:xeroxnir/prowler 2020-09-01 16:32:34 +02:00
Joaquin Rinaudo
9baa6d6ae9 revert: master 2020-09-01 16:26:16 +02:00
Joaquin Rinaudo
580523fde4 fix(all_checks): also run custom folder 2020-09-01 16:17:19 +02:00
Marc Jay
e3ecee83af Ensure that checks are sorted numerically when listing checks 
Sort first by section, then by check within each section
Fix group IDs in documentation

Relates to #545 and #561
 2020-09-01 00:21:48 +01:00
Joaquin Rinaudo
7868904c3b Fix getops OPTARG for custom checks 
Custom checks in folder are not being sourced. `./prowler -c extra800 -x custom` results in empty EXTERNAL_CHECKS_PATH variables due to missing colon.

The fix was tested in both OSX and toniblyx/prowler:latest Docker.

Regards,
 2020-08-26 23:59:02 +02:00
Toni de la Fuente
c1992ef2a7 Added html to -M in usage 2020-08-18 11:52:49 +02:00
Toni de la Fuente
43d95ac18c Set version label PROWLER_VERSION=2.3.0RC3 2020-07-24 15:22:28 +02:00
Toni de la Fuente
78b26a022a Added native html report - upgrade to 21st century ;) 2020-05-25 21:24:33 +02:00
Marc Jay
0f9783791b Support Ctrl-C/SIG INT stopping Prowler when running in Docker 
Trap Ctrl-C/SIG INT, call cleanup function and then exit, using the appropriate exit code

Fixes #594
 2020-05-08 12:34:03 +01:00
Toni de la Fuente
24fcfb1066 v2.3.0RC 2020-05-06 23:27:30 +02:00
Toni de la Fuente
977fe7408e Added whitelist option to README and recuce output for -w 2020-05-06 23:24:42 +02:00
Urjit Singh Bhatia
103782f72b Fix warning handling with changes to official master 2020-05-04 14:37:30 -07:00
Urjit Singh Bhatia
5886f8524a Merge remote-tracking branch 'official/master' into whitelistSupport 2020-05-04 13:56:14 -07:00
Marc Jay
f84b843388 Wrap all mode checks with whitespace, along with comparison strings, so only exact string matches are allowed, preventing clashes when output modes are named similarly, e.g. 'json' and 'json-asff' 
Fixes #571
 2020-04-26 01:02:39 +01:00
Toni de la Fuente
9f03bd7545 Added txt output as mono for -M 2020-04-22 12:58:54 +02:00
Marc Jay
c2669622cf Fix -E flag no longer excluding checks 
Remove re-declaration of TOTAL_CHECKS variable

Bug introduced by #561

Fixes #566
 2020-04-22 09:58:33 +01:00
Marc Jay
ad66254b45 Extend check13 to meet all CIS rules and consolidate with extra774 
Create `include/check_creds_last_used` and move all logic for checking last usages of passwords and access keys there
Modify check13 and extra774 to call new function, specifying time-range of last 90 days and last 30 days respectively
Modify messages in check14 and check121 so that all mentions of 'access key's are consistent

Fixes #496
 2020-04-21 01:21:55 +01:00
Marc Jay
71bf414faf Merge branch 'master' into improve-listing-of-checks-and-groups-545 2020-04-20 18:11:06 +01:00
Marc Jay
8f179338d8 Fix invalid references to $i when it should reference a local $group_index variable 2020-04-20 01:30:37 +01:00
Marc Jay
47a05c203a Improve listing of Checks and Groups 
Change `-l` flag to print a unique list of every single check (assuming none are orphaned outside of all groups)
Allow `-g <group_id>` to be specified in combination with `-l`, to only print checks that are referenced by the specified group
When listing all checks with `-l` only, print out all groups that reference each check

Fixes: #545
 2020-04-20 01:12:53 +01:00
Marc Jay
78f649bd65 Replace -J flag with junit-xml output format 
Rearrange output functions so they support outputting text alongside other formats, if specified
Add a convenience function for checking if JUnit output is enabled
Move monochrome setting into loop so it better supports multiple formats
Update README
 2020-04-15 23:36:40 +01:00
Marc Jay
994390351e Add the ability to generate JUnit XML reports with a -J flag 
If the -J flag is passed, generate JUnit XML reports for each check, in-line with how Java tools generate JUnit reports.
Check section numbers equate to 'root packages', checks are second-level packages, each check equates to a testsuite (mirroring Java where each test class is a testsuite) and each pass/fail of a check equates to a testcase
Time the execution of each check and include this in the report
Include properties (Prowler version, check level etc.) in-line with standard JUnit files
XML escape all strings for safety

Detect if a user has GNU coreutils installed on Mac OS X, but not as their default, switching to using gdate for date commands if so, as it has more features, including getting dates in milliseconds
Add prowler-output, junit-reports and VSCode files to .gitignore
Update README to include JUnit info, address markdownlint warnings
Remove unused arguments to jq in generateJsonAsffOutput

Fixes #537
 2020-04-15 02:36:16 +01:00
Urjit Singh Bhatia
bf72025b9b Ignore inline whitelist comments, pass checkid to filter ignores specifically for checks 2020-04-14 17:29:36 -07:00
Toni de la Fuente
3311acf82c Merge branch 'simplify-check-id-variables' of https://github.com/marcjay/prowler into marcjay-simplify-check-id-variables 2020-04-15 00:23:54 +02:00