ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 06:45:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,552 Commits 1 Branch 0 Tags
78e5dc5dba71d23ac6d9cfbda93952d60a17255c
Commit Graph

1552 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
78e5dc5dba Added new check extra7141 to detect secrets in SSM Documents 2021-05-18 18:28:15 +02:00
Toni de la Fuente
1655bdb902 Added resource id to RDS checks and in json,csv,html outputs 2021-05-18 16:57:37 +02:00
Toni de la Fuente
30442b2da7 Added new check extra7140 for public SSM Documents 2021-05-18 16:10:55 +02:00
Toni de la Fuente
501082876c Fixed alias of extra7139 2021-05-18 16:08:10 +02:00
Toni de la Fuente
8d9ca987b5 Added link to doc for check45 check46 extra7138 and extras 2021-05-18 15:41:45 +02:00
Toni de la Fuente
f4cd84afd2 Merge pull request #785 from jfagoagas/new-acls-checks 
Added new checks to test Network ACLs open to 22, 3389 and any port
 2021-05-18 15:35:33 +02:00
Toni de la Fuente
46c6f44055 Merge branch '2.5' into new-acls-checks 2021-05-18 15:34:27 +02:00
Toni de la Fuente
cf4034c3b4 Improved error handling sts get-caller-identity @pablopagani 
Improved error handling sts get-caller-identity @pablopagani
 2021-05-04 15:43:29 +02:00
Toni de la Fuente
7c65430508 Improved error handling when listing regions @pablopagani 
Improved error handling when listing regions @pablopagani
 2021-05-04 15:39:25 +02:00
Toni de la Fuente
497b473431 Added check extra7139 shows number of GuardDuty critical findings @pablopagani 
Added check extra7139 shows number of GuardDuty critical findings @pablopagani
 2021-05-04 15:35:36 +02:00
Pablo Pagani
5385c4e546 Improved error handling sts get-caller-identity 
Instead of looking for a fixed error string, it uses error codes from aws cli
Previos condition was not catching this error message:
An error occurred (ExpiredToken) when calling the GetCallerIdentity operation: The security token included in the request is expired
Also forced the output of the command to json. In some tests I was doing was failing becuase it was sending output as text
 2021-05-01 17:54:11 -03:00
Pablo Pagani
9ac8c78fdb improved error handling when listing regions 2021-05-01 17:47:08 -03:00
Pablo Pagani
ce00f3a019 improved error handling. Added check 7139 . 2021-05-01 17:33:54 -03:00
Pepe Fagoaga
2727b7e8e2 fix(network-acls): update resource type to match AWS documentation 2021-04-28 18:50:20 +02:00
Pepe Fagoaga
2dc1ce61ec fix(network-acls): fix line typo 2021-04-26 12:30:44 +02:00
Pepe Fagoaga
625384ad6d feat(network-acls): include checks in networking and internetexposed checks 2021-04-24 13:38:36 +02:00
Pepe Fagoaga
056190cfc9 feat(network-acls): change textFail to textInfo because NACLs are stateless 2021-04-24 13:24:33 +02:00
Pepe Fagoaga
8f784a4548 feat(network-acls): include checks to test NetworkACLs open to 22, 3389 and any port 2021-04-24 13:13:41 +02:00
Pepe Fagoaga
f1185213e8 Merge branch 'master' of github.com:toniblyx/prowler 2021-04-22 18:30:48 +02:00
Pepe Fagoaga
cb60085779 New Networking checks for FTP, Telnet, SQL Server and Kafka (#2) 
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21

* feat(aws-securitygroups): include extra control 7134 in extra group

* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092

* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23

* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434

* feat(aws-securitygroups): include extra controls 7135, 7136 and 7137 in extra and internet-exposed groups
 2021-04-22 18:29:12 +02:00
Toni de la Fuente
0e33e066cd Added 4 new checks to look for FTP, Telnet, SQL Server and Kafka open ports @jfagoagas 
Added 4 new checks to look for FTP, Telnet, SQL Server and Kafka open ports @jfagoagas
 2021-04-20 17:23:48 +02:00
Pepe Fagoaga
672f3833fc feat(aws-securitygroups): include extra controls 7135, 7136 and 7137 in extra and internet-exposed groups 2021-04-19 19:31:06 +02:00
Pepe Fagoaga
4327333d00 feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434 2021-04-19 19:28:10 +02:00
Pepe Fagoaga
ab43a8b717 feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23 2021-04-19 19:26:10 +02:00
Pepe Fagoaga
595bcba1d9 feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092 2021-04-19 19:24:31 +02:00
Pepe Fagoaga
68b3e1fa06 feat(aws-securitygroups): include extra control 7134 in extra group 2021-04-19 19:19:24 +02:00
Pepe Fagoaga
2ac96cf29a feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21 2021-04-19 19:18:23 +02:00
Toni de la Fuente
49533de21b Added support for custom output folder and S3 bucket 2021-04-15 23:51:21 +02:00
Toni de la Fuente
583cffaefb 2.4.1 @toniblyx 
2.4.1 @toniblyx
 2021-04-15 10:22:00 +02:00
Toni de la Fuente
721b15d105 Fixed issue #776 2021-04-15 09:30:31 +02:00
Toni de la Fuente
53117819fc Fixed credentials renew issue #775 2021-04-14 11:47:38 +02:00
Toni de la Fuente
2552f2977d Fixed issue #775 2021-04-12 21:23:28 +02:00
Toni de la Fuente
8a04f40a80 Fixed issue #774 2021-04-12 20:20:04 +02:00
Toni de la Fuente
b0fd6ce60f Merge pull request #773 from toniblyx/2.4 
v2.4
 2021-04-09 15:51:44 +02:00
Toni de la Fuente
e4edc2fa2c Improved feature to refresh assume role credentials before it expires 2021-04-09 15:13:13 +02:00
Toni de la Fuente
10d062960e Updated screenshots 2021-04-08 00:35:12 +02:00
Toni de la Fuente
7f24aab715 Updated README 2021-04-08 00:22:07 +02:00
Toni de la Fuente
3dfca9c9dd Improved html output with scoring information 2021-04-08 00:14:24 +02:00
Toni de la Fuente
dacfea6b32 Included Risk, Remediation and Link support for CSV and HTML outputs 2021-04-07 18:42:44 +02:00
Toni de la Fuente
574a9c94b0 Added Risk, Remediation and Link to html report 2021-04-07 18:40:50 +02:00
Toni de la Fuente
7bace94e08 Fixed servicename variable in extra72 2021-04-07 18:39:14 +02:00
Toni de la Fuente
778910eff3 Added new logo to README.md header 2021-04-06 17:32:55 +02:00
Toni de la Fuente
755f7d952f Added new logo 2021-04-06 17:15:33 +02:00
Toni de la Fuente
d02e1967dc Improved PublicIP discovery used in Shodan check_extra7102 @as-km 
Improved PublicIP discovery used in Shodan check_extra7102 @as-km
 2021-04-06 13:05:27 +02:00
Mateusz
d77001356a use describe-network-interfaces instead of describe-addresses in order to get public IPs #768 2021-04-06 12:57:11 +02:00
Toni de la Fuente
e85d8b2a9d Add check23 to group17_internetexposed group @RyanJarv 
Add check23 to group17_internetexposed group @RyanJarv
 2021-04-06 12:01:52 +02:00
Toni de la Fuente
4f16c8dec5 Merge pull request #766 from toniblyx/revert-765-patch-2 
Revert "Add check23 to group17_internetexposed group"
 2021-04-05 21:17:35 +02:00
Toni de la Fuente
236ce1fb21 Revert "Add check23 to group17_internetexposed group" 2021-04-05 21:16:58 +02:00
Toni de la Fuente
15230ae6f3 Add check23 to group17_internetexposed @RyanJarv 
Add check23 to group17_internetexposed @RyanJarv
 2021-04-05 21:16:54 +02:00
Ryan Gerstenkorn
6c5776106f Add check23 to group17_internetexposed group 
This add's the following check to group17.

* 2.3 [check23] Ensure the S3 bucket CloudTrail logs to is not publicly accessible (Scored)
 2021-04-05 12:07:08 -07:00