ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 06:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,886 Commits 1 Branch 0 Tags
7423cd2f93e2320996b569ddf940d7f1fc5fc395
Commit Graph

208 Commits

Author SHA1 Message Date
Pepe Fagoaga
02519a4429 fix(assume_role): Set the AWS STS endpoint region (#2587) 2023-07-17 10:09:48 +02:00
Nacho Rivera
8f015d0672 fix(allowlist): single account checks handling (#2585) 
Co-authored-by: thomscode <thomscode@gmail.com>
 2023-07-14 09:55:27 +02:00
Nacho Rivera
d1c91093e2 feat(cond parser): add policy cond parser & apply in sqs public check (#2575) 2023-07-12 15:39:01 +02:00
Nacho Rivera
66fe101ccd fix(allowlist): handle wildcard in account field (#2577) 2023-07-12 14:22:42 +02:00
dependabot[bot]
4ba54738a9 build(deps): bump boto3 from 1.26.161 to 1.26.165 (#2566) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-11 09:37:29 +02:00
Pepe Fagoaga
11a8ba131a test(outputs): Remove debug (#2559) 2023-07-07 10:14:47 +02:00
Sergio Garcia
858de64f8e chore(release): version 3.7.0 (#2558) 2023-07-06 21:17:21 +02:00
Sergio Garcia
676e60afb7 feat(gcp): add CIS checks (#2544) 2023-07-06 17:01:56 +02:00
Nacho Rivera
b1968f3f8b fix(allowlist): reformat allowlist logic (#2555) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-07-06 15:33:32 +02:00
Nacho Rivera
7097ca401d feat(lambda allowlist): mapping lambda/awslambda in allowlist (#2554) 2023-07-05 11:49:42 +02:00
Sergio Garcia
6a2fb37615 fix(bigquery_dataset_public_access): handle status correctly (#2542) 2023-07-03 13:01:51 +02:00
Nacho Rivera
6403feaff9 fix(cloudwatch secrets): fix nonetype error handling (#2543) 2023-07-03 12:52:46 +02:00
Sergio Garcia
4f033cec8d feat(MITRE): add MITRE ATT&CK framework for AWS (#2537) 2023-06-30 12:24:05 +02:00
Sergio Garcia
fa99ee9d5b feat(allowlist): add exceptions to allowlist (#2527) 2023-06-27 12:57:18 +02:00
Sergio Garcia
6efe634850 fix(iam): add StringLike condition in iam_role_cross_service_confused_deputy_prevention (#2533) 2023-06-27 10:06:46 +02:00
Sergio Garcia
c2a05da908 chore(ec2): reduce noise in Security Groups checks (#2525) 2023-06-23 15:06:09 +02:00
Sergio Garcia
e1da9e60fc chore(region): add get_default_region function in AWS Services (#2524) 2023-06-23 14:10:49 +02:00
Sergio Garcia
90ebb815d5 fix(security hub): solve Security Hub format requirements (#2520) 2023-06-21 13:04:14 +02:00
Sergio Garcia
8ea5ba5d3f chore(OCSF): improve OCSF logic (#2502) 2023-06-19 12:37:04 +02:00
Sergio Garcia
0d81bd457c fix(asff): handle empty Recommendation Url (#2496) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-16 12:17:09 +02:00
Sergio Garcia
af2b19436f fix(route53): correct Hosted Zone ARN (#2494) 2023-06-15 16:32:54 +02:00
Sebastian Nyberg
707584b2ef feat(aws): Add MFA flag if try to assume role in AWS (#2478) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-06-13 17:18:10 +02:00
Sergio Garcia
25e48ae546 chore(arn): include ARN of AWS accounts (#2477) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-13 10:18:23 +02:00
Sergio Garcia
01cd4bcb47 chore(arn): add missing ARNs to AWS Services (#2476) 2023-06-12 13:33:12 +02:00
Sebastian Nyberg
49b2a559ae feat(vpc): add check vpc_subnet_no_public_ip_by_default (#2472) 
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-06-12 09:44:10 +02:00
Nacho Rivera
eb43b11202 fix(arn validator): include : in regex (#2471) 2023-06-09 13:24:29 +02:00
Sergio Garcia
5c4cae8c9d feat(wellarchitected): add WellArchitected service and check (#2461) 2023-06-09 13:19:01 +02:00
Sergio Garcia
9cda78e561 chore(docs): improve allowlist suggestion (#2466) 2023-06-09 13:07:28 +02:00
Sebastian Nyberg
3c2c896708 chore(vpc): add mapPublicIpOnLaunch attribute to VPC subnets (#2470) 2023-06-09 12:45:28 +02:00
Jit
b73da9c54c feat(gcp): add 12 new checks for CIS Framework (#2426) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-06-08 11:25:51 +02:00
Sergio Garcia
cdf2a13bbd feat(oscf): add OCSF format as JSON output for AWS, Azure and GCP. Hello Amazon Security Lake! (#2429) 2023-06-07 14:28:43 +02:00
Pepe Fagoaga
b7bb4bbd57 fix(aws): Add missing resources ARN (#2453) 2023-06-06 16:56:59 +02:00
Pepe Fagoaga
86cf2cd233 fix(efs): Include resource ARN and handle from input (#2452) 2023-06-06 14:29:58 +02:00
Sergio Garcia
a8f03d859c feat(gcp): add --project-ids flag and scan all projects by default (#2393) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-06 11:56:39 +02:00
Sergio Garcia
3c7580f024 fix(ec2): handle false positive in ec2_securitygroup_allow_ingress_from_internet_to_any_port (#2449) 2023-06-06 11:55:27 +02:00
Sergio Garcia
277833e388 fix(services): verify Route53 records and handle TrustedAdvisor error (#2448) 2023-06-06 11:50:44 +02:00
christiandavilakoobin
2955975793 fix(cloudfront): fix DefaultCacheConfigBehaviour enum type(#2430) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-05 15:48:34 +02:00
Nacho Rivera
15a7de7b24 fix(browser auth): fix browser auth in Azure to include tenant id (#2415) 
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-02 13:22:43 +02:00
Sergio Garcia
58a29bf058 fix(codebuild): handle FAIL in codebuild_project_user_controlled_buildspec (#2410) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-05-25 13:30:01 +02:00
Toni de la Fuente
ff18fd2c38 chore(docs): add summary table to README.md (#2402) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-05-24 13:56:17 +02:00
Jit
3ab0cd02df feat(checks-gcp): Include 4 new checks covering GCP CIS (#2376) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-05-24 12:10:43 +02:00
Sergio Garcia
c01c59023a fix(ClientError): handle ClientErrors in DynamoDB and Directory Service (#2400) 2023-05-24 11:50:08 +02:00
Sergio Garcia
c10b31e9d0 fix(categories): remove empty categories from metadata (#2401) 2023-05-24 10:44:51 +02:00
Sergio Garcia
deb9847e2b fix(route53_dangling_ip_subdomain_takeover): notify only IPs with AWS IP Ranges (#2396) 2023-05-23 16:35:13 +02:00
Pepe Fagoaga
9e9e7e1e96 fix(aws): Handle unique map keys (#2390) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-05-23 15:54:22 +02:00
Sergio Garcia
aec254b05a fix(inspector2): fix active findings count (#2395) 2023-05-23 12:26:09 +02:00
Kevin Pullin
1234c1e7e2 fix(allowlist) - tags parameter is a string, not a list (#2375) 2023-05-23 09:51:50 +02:00
Pepe Fagoaga
e84f5f184e fix(sts): Use the right region to validate credentials (#2349) 
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-05-18 15:51:57 +02:00
Pepe Fagoaga
9ceaefb663 fix(access-analyzer): Handle ResourceNotFoundException (#2336) 2023-05-10 15:44:14 +02:00
Gabriel Soltz
ec03ea5bc1 feat(workspaces): New check workspaces_vpc_2private_1public_subnets_nat (#2286) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: n4ch04 <nachor1992@gmail.com>
 2023-05-10 15:40:42 +02:00