ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,583 Commits 1 Branch 0 Tags
b14ac340bbe7e4812fd4854569255a52742e2da4
Commit Graph

1583 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Geoff
b14ac340bb Update: Add data to the ASFF 
Added in the ASFF ProductFields ProwlerResourceName.  The resource name is passed into the fining from the third parameter in the Prowler checks
 2021-06-16 09:12:17 -05:00
Toni de la Fuente
86aa9c317f HTML Report: Filtering and other nice things @nickmalcolm 
HTML Report: Filtering and other nice things @nickmalcolm
 2021-06-14 14:31:48 +02:00
Toni de la Fuente
7dec9f3d52 Merge branch '2.5' into nicer-html 2021-06-14 14:30:04 +02:00
Nick Malcolm
da45af78bc Disable ordering so that it sticks with the order the HTML was generated 2021-06-14 21:13:19 +12:00
Nick Malcolm
01663e4e0d Page width improvements. Use the 'link' icon for the link to docs, to cut down on page width. Remove the status column to save width, and also remove redundancy (colour coding and Result column serve the same purpose). Remove the column widths that added to over 100%. 2021-06-14 21:00:40 +12:00
Nick Malcolm
34e27131fd Refactor the HTML outputs so that they reuse code and are easier to change 2021-06-14 20:46:14 +12:00
Nick Malcolm
89af81ed22 Use DataTable's SearchPanes extension to allow easy filtering by result, severity, region, service, or check. 2021-06-14 20:33:38 +12:00
Nick Malcolm
f5a4e357b9 Consolidate javascript at the bottom of the template. Remove duplicate bootstrap includes - you only need bundle to get Popper (see https://getbootstrap.com/docs/4.0/getting-started/contents/#js-files) and you don't need both plain bootstrap and bundled bootstrap. Remove dupe jQuery too. 2021-06-14 20:27:16 +12:00
Toni de la Fuente
1229815c04 Add WAF CLASSIC check for extra7129 @kamiryo 
Add WAF CLASSIC check for extra7129 @kamiryo
 2021-06-11 17:17:28 +02:00
kamiryo
79a0eb622d Add WAF CLASSIC check for extra7129 2021-06-10 23:13:17 +09:00
Toni de la Fuente
f38f99e786 Corrected bug on groups when listing checks @pablopagani 
Corrected bug on groups when listing checks @pablopagani
 2021-06-10 10:29:37 +02:00
Pablo Pagani
aa3edbc636 corrected bug on groups when listing checks 
corrected bug on groups when listing checks (option -l)
Previous regular expression will include groups when it matched half of the check_id
 2021-06-09 14:01:27 -03:00
Toni de la Fuente
3f07afd7d4 Added custom file option @yangsec888 
Added custom file option @yangsec888
 2021-06-08 15:46:47 +02:00
Toni de la Fuente
701d5687be Fixed issue #811 @h1008 
Fixed issue #811 @h1008
 2021-06-08 14:50:59 +02:00
Toni de la Fuente
382e9c8e00 Align group21 title with the rest @w0rmr1d3r 
Align group21 title with the rest @w0rmr1d3r
 2021-06-08 14:49:52 +02:00
Ramon
c74faa6d07 add missing * to align with the rest of the titles 2021-06-08 14:18:46 +02:00
h1008
5aeb670a84 Fixed issue #811 2021-06-05 11:57:04 +02:00
Toni de la Fuente
124ae0fd2e Fixed kms keys compatibility in cli v2 and v1 2021-06-02 17:53:12 +02:00
Toni de la Fuente
4ddf0aff86 Added extra7142 to group extras 2021-06-01 12:28:30 +02:00
Toni de la Fuente
96b9accea8 New check extra7142 ALB Header Check request smuggling @Outrun207 
New check extra7142 ALB Header Check request smuggling @Outrun207
 2021-06-01 12:27:07 +02:00
Toni de la Fuente
324a1002a5 Fix finding customer kms keys in cli v2 for checks extra737 extra736 @dbellizzi 
Fix finding customer kms keys in cli v2 for checks extra737 extra736 @dbellizzi
 2021-06-01 12:24:19 +02:00
Toni de la Fuente
311d21546d Enhanced -f <filterregion> usage info 2021-06-01 09:10:51 +02:00
Toni de la Fuente
5f1fa558c9 Changes in text output with severity and service name 2021-06-01 09:09:25 +02:00
Toni de la Fuente
9b6198d5b0 Merge branch '2.5' of https://github.com/toniblyx/prowler into 2.5 2021-05-31 18:48:10 +02:00
Toni de la Fuente
55e703540e Fixed typo in check extra7141 ID 2021-05-31 18:47:56 +02:00
Dom Bellizzi
baf5232cbc Fix finding customer kms keys in cli v2 for checks extra737 extra736 
Key id is in position 6 in aws cli version 2.2.5, but in position 4 in aws cli 1.x
Use --query to select only the data necessary and output in a consistent format
 2021-05-29 22:27:15 +00:00
Josh Moss
e3893c7d5b Update check_extra7142 2021-05-25 13:49:27 -04:00
Sam (Yang) Li
a711b482df Fix #795 custom file option 2021-05-20 14:49:53 -04:00
Josh Moss
229d9ba00c ALB Header Check 2021-05-20 12:36:30 -04:00
Toni de la Fuente
51617df6c9 Bump Alpine to 3.13 in Dockerfile @gliptak 
Bump Alpine to 3.13 in Dockerfile @gliptak
 2021-05-20 17:10:28 +02:00
Toni de la Fuente
78e5dc5dba Added new check extra7141 to detect secrets in SSM Documents 2021-05-18 18:28:15 +02:00
Toni de la Fuente
1655bdb902 Added resource id to RDS checks and in json,csv,html outputs 2021-05-18 16:57:37 +02:00
Toni de la Fuente
30442b2da7 Added new check extra7140 for public SSM Documents 2021-05-18 16:10:55 +02:00
Toni de la Fuente
501082876c Fixed alias of extra7139 2021-05-18 16:08:10 +02:00
Toni de la Fuente
8d9ca987b5 Added link to doc for check45 check46 extra7138 and extras 2021-05-18 15:41:45 +02:00
Toni de la Fuente
f4cd84afd2 Merge pull request #785 from jfagoagas/new-acls-checks 
Added new checks to test Network ACLs open to 22, 3389 and any port
 2021-05-18 15:35:33 +02:00
Toni de la Fuente
46c6f44055 Merge branch '2.5' into new-acls-checks 2021-05-18 15:34:27 +02:00
Gábor Lipták
b72f66469e Bump Alpine to 3.13 in Dockerfile 2021-05-17 11:23:51 -04:00
Toni de la Fuente
cf4034c3b4 Improved error handling sts get-caller-identity @pablopagani 
Improved error handling sts get-caller-identity @pablopagani
 2021-05-04 15:43:29 +02:00
Toni de la Fuente
7c65430508 Improved error handling when listing regions @pablopagani 
Improved error handling when listing regions @pablopagani
 2021-05-04 15:39:25 +02:00
Toni de la Fuente
497b473431 Added check extra7139 shows number of GuardDuty critical findings @pablopagani 
Added check extra7139 shows number of GuardDuty critical findings @pablopagani
 2021-05-04 15:35:36 +02:00
Pablo Pagani
5385c4e546 Improved error handling sts get-caller-identity 
Instead of looking for a fixed error string, it uses error codes from aws cli
Previos condition was not catching this error message:
An error occurred (ExpiredToken) when calling the GetCallerIdentity operation: The security token included in the request is expired
Also forced the output of the command to json. In some tests I was doing was failing becuase it was sending output as text
 2021-05-01 17:54:11 -03:00
Pablo Pagani
9ac8c78fdb improved error handling when listing regions 2021-05-01 17:47:08 -03:00
Pablo Pagani
ce00f3a019 improved error handling. Added check 7139 . 2021-05-01 17:33:54 -03:00
Pepe Fagoaga
2727b7e8e2 fix(network-acls): update resource type to match AWS documentation 2021-04-28 18:50:20 +02:00
Pepe Fagoaga
2dc1ce61ec fix(network-acls): fix line typo 2021-04-26 12:30:44 +02:00
Pepe Fagoaga
625384ad6d feat(network-acls): include checks in networking and internetexposed checks 2021-04-24 13:38:36 +02:00
Pepe Fagoaga
056190cfc9 feat(network-acls): change textFail to textInfo because NACLs are stateless 2021-04-24 13:24:33 +02:00
Pepe Fagoaga
8f784a4548 feat(network-acls): include checks to test NetworkACLs open to 22, 3389 and any port 2021-04-24 13:13:41 +02:00
Pepe Fagoaga
f1185213e8 Merge branch 'master' of github.com:toniblyx/prowler 2021-04-22 18:30:48 +02:00