ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,251 Commits 1 Branch 0 Tags
ae4940a7d8e59d2d0e02aab9e54225f8d235faa9
Commit Graph

1251 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Joaquin Rinaudo
ae4940a7d8 revert-custom-branch 2020-09-01 17:05:37 +02:00
Joaquin Rinaudo
ebc3c4d4e4 WIP remove comments 2020-09-01 17:04:30 +02:00
Joaquin Rinaudo
2a4cebaa1e WIP: security hub integration 2020-09-01 17:03:25 +02:00
Joaquin Rinaudo
6c0e1a13e3 feature: Only when custom checks are set 2020-09-01 16:36:07 +02:00
Joaquin Rinaudo
0eab753620 feature: Execute custom checks in execute_all 2020-09-01 16:34:19 +02:00
Joaquin Rinaudo
118ff0819e Merge branch 'master' of github.com:xeroxnir/prowler 2020-09-01 16:32:34 +02:00
Joaquin Rinaudo
9baa6d6ae9 revert: master 2020-09-01 16:26:16 +02:00
Joaquin Rinaudo
43f3365bb4 revert: master 2020-09-01 16:22:32 +02:00
Joaquin Rinaudo
580523fde4 fix(all_checks): also run custom folder 2020-09-01 16:17:19 +02:00
Toni de la Fuente
2186f648c8 Ensure that checks are sorted numerically when listing checks @marcjay 
Ensure that checks are sorted numerically when listing checks @marcjay
 2020-09-01 09:13:04 +02:00
Marc Jay
e3ecee83af Ensure that checks are sorted numerically when listing checks 
Sort first by section, then by check within each section
Fix group IDs in documentation

Relates to #545 and #561
 2020-09-01 00:21:48 +01:00
Joaquin Rinaudo
17e74a355f Merge branch 'master' of https://github.com/toniblyx/prowler 2020-08-28 07:13:16 +02:00
Joaquin Rinaudo
9283fb59b4 Merge branch 'master' of github.com:xeroxnir/prowler 2020-08-27 17:09:16 +02:00
Joaquin Rinaudo
c65fc3b989 fix(security-hub): unique finding id, if status not changed, comment otherwise resolve older findings 2020-08-27 17:08:37 +02:00
Toni de la Fuente
7f03ef0e7e Adding back extra798 2020-08-27 16:50:48 +02:00
Toni de la Fuente
1496e3ab60 New check 7.98 [extra798] Ensure that no custom policies exist which allow permissive role assumption (e.g. sts:AssumeRole on *) @nickmalcolm 
New check 7.98 [extra798] Ensure that no custom policies exist which allow permissive role assumption (e.g. sts:AssumeRole on *) @nickmalcolm
 2020-08-27 16:31:18 +02:00
Toni de la Fuente
36a291c4a9 Rename check_extra798 to check_extra7100 2020-08-27 16:30:20 +02:00
Toni de la Fuente
0b9d3e39d4 Merge branch 'master' into master 2020-08-27 16:28:35 +02:00
Toni de la Fuente
1d4563f60d Added extra799 and extra7100 to group extras 
Added extra799 and extra7100 to group extras
 2020-08-27 16:23:08 +02:00
Toni de la Fuente
565edf7b4b Change check ID to extra7100 
Change check ID to extra7100
 2020-08-27 16:21:56 +02:00
Toni de la Fuente
5552ea1eb6 Fix getops OPTARG for custom checks @xeroxnir 
Fix getops OPTARG for custom checks @xeroxnir
 2020-08-27 16:12:59 +02:00
Joaquin Rinaudo
7868904c3b Fix getops OPTARG for custom checks 
Custom checks in folder are not being sourced. `./prowler -c extra800 -x custom` results in empty EXTERNAL_CHECKS_PATH variables due to missing colon.

The fix was tested in both OSX and toniblyx/prowler:latest Docker.

Regards,
 2020-08-26 23:59:02 +02:00
Toni de la Fuente
9647d80fc1 Fix check12 when MFA is enabled and user contains true in the name @xeroxnir 
Fix check12 when MFA is enabled and user contains true in the name @xeroxnir
 2020-08-26 18:41:51 +02:00
Toni de la Fuente
89db9d4b70 Update check12 2020-08-26 18:40:11 +02:00
Toni de la Fuente
553faf72ec Added [extra736] Check exposed KMS keys to group internet-exposed 2020-08-26 16:57:20 +02:00
Toni de la Fuente
33a53663db Added [extra799] Check if Security Hub is enabled and its standard subscriptions 2020-08-25 19:54:57 +02:00
Toni de la Fuente
ca471700c2 Added [extra798] Check if Lambda functions have resource-based policy set as Public 2020-08-25 19:06:06 +02:00
Toni de la Fuente
03b1d898a6 Added AWS partition variable to the ASFF output format 2020-08-25 16:54:22 +02:00
Toni de la Fuente
97e6a80bdc Added AWS partition variable to the ASFF output format 2020-08-25 16:49:20 +02:00
Joaquin Rinaudo
024190dd8a [Check12] Bugfix: Remove $ from grep 
Check is failing to detect users without MFA, solved by removing `$` sign addresses the issue.
 2020-08-21 10:35:50 +02:00
Nick Malcolm
ba87f437d5 This check will identify IAM Policies which allow an IAM Principal (a Role or User) to escalate their privileges due to insecure STS permissions. It is AWS best practice to only use explicitly defined Resources (Role ARNs) for an sts:AssumeRole action. 
See more: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_permissions-to-switch.html#roles-usingrole-createpolicy
 2020-08-20 21:08:00 +12:00
Toni de la Fuente
cd0b5d29dd Added html to -M in usage 2020-08-18 11:59:53 +02:00
Toni de la Fuente
c1992ef2a7 Added html to -M in usage 2020-08-18 11:52:49 +02:00
Toni de la Fuente
7aa0864bd2 Adding EKS checks to eks-cis and extras group @jonjozwiak 
Adding EKS checks to eks-cis and extras group @jonjozwiak
 2020-08-05 19:03:55 +02:00
Jon Jozwiak
022df45ae1 Adding EKS checks to eks-cis and extras group 2020-08-03 08:02:21 -05:00
Toni de la Fuente
f5ec2bceda Adding 4 new EKS checks @jonjozwiak 
Adding 4 new EKS checks @jonjozwiak
 2020-07-31 21:40:38 +02:00
Toni de la Fuente
85efe3e342 Fixed extra737 now doesn't fail for keys scheduled for deletion @QuinnStevens 
Fixed extra737 now doesn't fail for keys scheduled for deletion @QuinnStevens
 2020-07-31 21:33:06 +02:00
Quinn Stevens
93c89530ff Explicitly set output --json for aws call 2020-07-31 20:30:20 +01:00
Toni de la Fuente
4a02d54ec1 Add additional GDPR checks to GDPR group @gchib297 
Add additional GDPR checks to GDPR group @gchib297
 2020-07-31 21:15:30 +02:00
jonjozwiak
a2c92c2e7b Adding 4 EKS checks 2020-07-31 10:42:16 -05:00
gchib
04fae53da5 Add additional GDPR checks 
Added checks:
check11,check110,check111,check112,check116,check120,check122,check13,check14,check15,check16,check17,check18,check19,check28,check29,check31,check310,check311,check312,check313,check314,check32,check33,check34,check36,check37,check38,check41,check42,extra711,extra72,extra723,extra730,extra739,extra76,extra763,extra778,extra78,extra792
 2020-07-24 22:26:09 +05:30
Toni de la Fuente
43d95ac18c Set version label PROWLER_VERSION=2.3.0RC3 2020-07-24 15:22:28 +02:00
Toni de la Fuente
19c68980fe fix typo on title group18 2020-07-24 15:18:46 +02:00
Toni de la Fuente
19bd281c78 Added group18 for ISO27001 thanks to @gchib297 issue #637 2020-07-24 15:16:35 +02:00
Toni de la Fuente
9eb6a6d1fe Add additional checks to HIPAA group @gchib297 
Add additional checks to HIPAA group @gchib297
 2020-07-24 14:58:29 +02:00
Quinn Stevens
e58d8cbc8d Don't fail check extra737 for keys scheduled for deletion 2020-07-24 12:44:57 +01:00
gchib
a8026ba3c3 Add additional HIPAA checks 
Added checks:
check112,check13,check15,check16,check17,check18,check19,check21,check24,check28,check31,check310,check311,check312,check313,check314,check32,check33,check34,check35,check36,check37,check39,extra792.
 2020-07-23 19:10:17 +05:30
Toni de la Fuente
9b1c152607 New check extra793 for SSL listeners on load balancers @jonjozwiak 
New check extra793 for SSL listeners on load balancers
 2020-07-21 16:57:20 +02:00
jonjozwiak
6ba9be46fb Adding check for SSL load balancers 2020-07-17 09:59:53 -05:00
Toni de la Fuente
b3a2f850cf extra792 - skip check if no HTTPS/SSL Listener plus add NLB Support @jonjozwiak 
extra792 - skip check if no HTTPS/SSL Listener plus add NLB Support
 2020-07-17 11:48:28 +02:00