855 Commits

Author SHA1 Message Date
root
b22b0af2ce Misc fixes to check extra764 2019-12-30 14:20:50 -05:00
Toni de la Fuente
74380a62d9 Merge pull request #443 from zfLQ2qx2/update_ecr_checks
Add error checking to checks extra77 and extra765
2019-12-30 16:31:27 +01:00
root
c84190c3d9 Add error checking to checks extra77 and extra765 2019-12-30 10:07:14 -05:00
Toni de la Fuente
42f15ce164 Merge pull request #441 from dbellizzi/master
Add quiet mode that only logs failures
2019-12-27 12:33:13 +01:00
Toni de la Fuente
23be47a9b6 Enhanced title for check extra723 2019-12-27 12:09:35 +01:00
Toni de la Fuente
ab75f19a62 Merge pull request #440 from bridgecrewio/feature/small_fixes_to_extra731_extra716
Small check fixes to extra716 & extra731
2019-12-27 12:02:55 +01:00
Toni de la Fuente
20b127f516 Added DS IAM actions 2019-12-26 16:34:24 +01:00
Dom Bellizzi
f979c7334f Add quiet mode that only logs failures 2019-12-18 22:06:44 +00:00
Nimrod Kor
1087d60457 Small check fixes
(cherry picked from commit 70879ba1e03ee7d5e5d59f94fd049620e08e4847)
2019-12-18 13:24:31 +02:00
Toni de la Fuente
d2b3e5ecdc Added new checks to extras group 2019-12-17 10:44:38 +01:00
Toni de la Fuente
3db94a5a98 Merge pull request #429 from dbellizzi/patch-1
Add "access-analyzer:ListTagsForResource" to prowler-additions-policy…
2019-12-17 10:42:04 +01:00
Toni de la Fuente
0d120a4536 Merge pull request #437 from bridgecrewio/feature/check_bucket_policies_public_write
Check bucket policies public write
2019-12-17 10:41:35 +01:00
Toni de la Fuente
0ab5d87b8f Merge pull request #433 from kmcquade/check/public-instance-with-instance-profile-attached
Added check_extra770, which checks for internet facing instances with an instance profile attached
2019-12-17 10:40:01 +01:00
Toni de la Fuente
39c7ea52c6 Add feature custom checks folder issue #439 2019-12-17 10:37:14 +01:00
Toni de la Fuente
933e4152cc Merge pull request #435 from bridgecrewio/feature/fix_check26
Fix check26 - get the account ID from sts
2019-12-17 10:14:11 +01:00
Nimrod Kor
fc3f4e830e Reuse ACCOUNT_NUM 2019-12-17 09:29:06 +02:00
Nimrod Kor
7e803bb6a9 Change to check 771 2019-12-15 18:18:02 +02:00
Nimrod Kor
2d5d551696 Initial commit 2019-12-15 18:18:02 +02:00
Nimrod Kor
8e1aa17a80 Fix check26 - get the account ID from sts
(cherry picked from commit ae20d9c5b770ac593e64fa399fde55312d97ae1c)
2019-12-15 15:55:54 +02:00
Toni de la Fuente
dd5bf6c7f8 Merge pull request #432 from bridgecrewio/feature/fix_check21
Add trail count to check21 and fail if no trail exists
2019-12-13 14:22:14 +01:00
Dominick Bellizzi
7cb869ad33 use more generic access-analyzer:List* 2019-12-12 09:36:19 -08:00
Kinnaird McQuade
3b264d556b Added check_extra770, which checks for internet facing instances with an Instance Profile attached. 2019-12-12 11:07:14 -05:00
Toni de la Fuente
e4a063f9d1 Merge pull request #430 from JohnVonNeumann/patch-1
UPDATE README.md - fix incorrect group flag
2019-12-12 10:19:28 +01:00
Nimrod Kor
559b0585dc Add trail count to check21 and fail if no trail exists
(cherry picked from commit fcf28dfa70fb93df9f61393b8dff2cc5fc14729e)
2019-12-12 09:45:06 +02:00
JohnVonNeumann
2da125ff8b UPDATE README.md - fix incorrect group flag
To run prowler with the cislevelx group you use '-g', not '-c'
2019-12-12 11:28:52 +11:00
Dominick Bellizzi
53f097c2af Add "access-analyzer:ListTagsForResource" to prowler-additions-policy.json
check extra769 (Check if IAM Access Analyzer is enabled and its findings) requires this IAM permission
2019-12-06 14:49:36 -08:00
Toni de la Fuente
b6e34adc24 Fix issue #409 2019-12-05 12:52:19 +01:00
Toni de la Fuente
7b5ece8007 New check IAM Access Analyzer issue #428 2019-12-03 15:58:19 +01:00
Toni de la Fuente
fe65eaf373 New check ECS scan on push issue #427 2019-12-03 15:27:09 +01:00
Toni de la Fuente
4af3dc1254 Fix issue #426 updated base64 function 2019-12-02 15:26:48 +01:00
Toni de la Fuente
923fadbfa9 Merge pull request #425 from zfLQ2qx2/check-3xx-whitespace-tolerance
Make check3x more tolerant
2019-11-26 10:18:49 +01:00
Toni de la Fuente
3f68accf6f Added missing file iam/prowler-additions-policy.json 2019-11-26 09:57:29 +01:00
zfLQ2qx2
25d1aa9126 Make check3x more tolerant 2019-11-26 00:56:52 -05:00
Toni de la Fuente
dce9d5c96d Merge pull request #423 from barnhartguy/master
Update check_extra768
2019-11-25 10:03:27 +01:00
Toni de la Fuente
80c6900193 Merge pull request #424 from willthames/extra764_fix
Fix extra764 check
2019-11-25 10:01:51 +01:00
Will Thames
2e11e0a3f2 Fix extra764 check
Add missing bracket to prevent:

```
jq: error: syntax error, unexpected INVALID_CHARACTER, expecting $end (Unix shell quoting issues?) at <top-level>, line 1:
.Statement[]|select(((.Principal|type == "object") and .Principal.AWS == "*") or ((.Principal|type == "string") and
.Principal == "*")) and .Action=="s3:*" and (.Resource|type == "array") and (.Resource|map({(.):0})[]|has($arn)) and
(.Resource|map({(.):0})[]|has($arn+"/*")) and .Condition.Bool."aws:SecureTransport" == "false")
```

(line breaks added to reduce commit width)
2019-11-25 16:01:26 +10:00
barnhartguy
c630c02a26 Update check_extra768
fixed typo
2019-11-24 14:37:09 +02:00
Toni de la Fuente
e18cea213b consolidated ProwlerReadOnlyPolicy and available json 2019-11-22 12:42:57 +01:00
Toni de la Fuente
8f91bfee24 clean up documentation and added info to check_sample 2019-11-22 11:59:03 +01:00
Toni de la Fuente
a191a4eae6 consolidated ProwlerReadOnlyPolicy and available json 2019-11-22 11:41:13 +01:00
Toni de la Fuente
ce7e07d66d consolidated ProwlerReadOnlyPolicy and available json 2019-11-22 11:29:16 +01:00
Toni de la Fuente
ab5ed2c527 Merge pull request #421 from jonrau-at-aws/master
Update HIPAA language
2019-11-22 09:49:57 +01:00
Toni de la Fuente
c513e7af6c Merge pull request #420 from bridgecrewio/feature/ecs_task_definition_secrets_check_contribute
Add ECS task definition environment variables check
2019-11-22 00:18:00 +01:00
Toni de la Fuente
2e1cead3a2 Merge pull request #419 from zfLQ2qx2/prowler-extra719
Filter out private zones in check extra719
2019-11-22 00:12:36 +01:00
Toni de la Fuente
5c8b0aa942 Merge pull request #418 from zfLQ2qx2/prowler-check726
Handle Trusted Advisor entitlement issue gracefully
2019-11-22 00:10:39 +01:00
Toni de la Fuente
15dda01842 Merge pull request #417 from zfLQ2qx2/prowler-misc-updates
Update extra764 and extra734, add .gitignore rules for vim
2019-11-22 00:09:35 +01:00
Nimrod Kor
d19ae27f7c Fix merge issue 2019-11-21 12:48:17 -08:00
Nimrod Kor
b61af3a9eb Add ECS task definition environment variables check
(cherry picked from commit 662f287dd6739cd6d8e5e0d95537f4ca4b7b6493)
2019-11-21 12:44:09 -08:00
zfLQ2qx2
687686c929 Filter out private zones in check extra719 2019-11-21 15:36:38 -05:00
zfLQ2qx2
94a90599bd Handle Trusted Advisor entitlement issue gracefully 2019-11-21 15:17:03 -05:00