ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
995 Commits 1 Branch 0 Tags
bd432fed920d0587c1ef9a7227a7157db86990fa
Commit Graph

995 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
bd432fed92 New check for Metadata Service Version 2 #413 2020-04-07 16:46:46 +02:00
Toni de la Fuente
b5e1c9002a Improved policy handling on extra716 2020-04-03 17:54:55 +02:00
Toni de la Fuente
afb908f190 Improved policy handling on extra716 2020-04-03 17:54:25 +02:00
Toni de la Fuente
e567ccb828 v2.2.1 with new function and Improved extra779 and extra716 2020-04-02 15:31:43 +02:00
Toni de la Fuente
2c580dd750 Fix issue #488 only works if CloudWatchLog configuration 2020-04-02 00:19:43 +02:00
Toni de la Fuente
9dec4e6eb3 Fix issue #488 only works if IsMultiRegionTrail 2020-04-02 00:02:42 +02:00
Toni de la Fuente
2e2fe96ff5 Improved extra716 filters and auth check 2020-04-01 21:57:20 +02:00
Toni de la Fuente
2e2e9b85af Merge branch 'master' of https://github.com/toniblyx/prowler 2020-04-01 16:53:04 +02:00
Toni de la Fuente
1ae5d5d725 Added custom ports variable to extra779 2020-04-01 16:52:52 +02:00
Toni de la Fuente
71c9d12184 Merge pull request #526 from dhirajdatar/change-in-usage 
Updated extra in usage of extra for multiple checks
 2020-03-31 13:24:23 +02:00
dhirajdatar
059c701923 Update README.md 2020-03-31 16:46:38 +05:30
Toni de la Fuente
d24e824735 Merge pull request #522 from yumminhuang/master 
Ignore imported ACM Certificate in check_extra724
 2020-03-27 15:03:45 +01:00
Huang Yaming
1419d4887a Ignore imported ACM Certificate in check_extra724 2020-03-27 14:49:52 +08:00
Toni de la Fuente
ba75d89911 Added connection test for port 9300 in both linux and macosx on extra779 2020-03-25 18:20:20 +01:00
Toni de la Fuente
8faf1f45c4 Added connection test for port 9300 in both linux and macosx on extra779 2020-03-25 18:19:41 +01:00
Toni de la Fuente
eae4722499 Updated ES check titles and results 2020-03-25 17:25:38 +01:00
Toni de la Fuente
8c18533752 Updated check titles 2020-03-25 17:18:43 +01:00
Toni de la Fuente
ee82424869 Enhanced extra779 with better authentication test and TEST_ES_AUTHENTICATION disabled 2020-03-25 12:44:10 +01:00
Toni de la Fuente
b4aaf0b81e Added initial PCI group without checks yet, issue #296 2020-03-25 10:53:55 +01:00
Toni de la Fuente
f809f2fa1d Modify group names header to clarify what is CIS only 2020-03-25 10:53:05 +01:00
Toni de la Fuente
1615478444 Fixed query on extra779 2020-03-25 09:40:03 +01:00
Toni de la Fuente
568bba4c38 Add Elasticsearch checks issue #521 2020-03-24 23:46:11 +01:00
Toni de la Fuente
705d75606d Merge pull request #520 from bridgecrewio/bugfix/extra774_fixes 
extra774 requires credential report to run successfully
 2020-03-23 15:50:08 +01:00
Toni de la Fuente
3ff4acf648 Merge branch 'lanhhuyet510-patch-2' 2020-03-23 15:09:45 +01:00
Toni de la Fuente
e082ef05f0 Merge branch 'patch-2' of https://github.com/lanhhuyet510/prowler into lanhhuyet510-patch-2 2020-03-23 15:09:15 +01:00
Toni de la Fuente
2db9151939 Merge pull request #508 from renuez/checks/find_security_groups_with_wide_open_non_RFC1918_IPv4 
Checks/find security groups with wide open non rfc1918 IPv4 addresses
 2020-03-23 14:50:05 +01:00
Toni de la Fuente
db3ac2361c Merge branch 'master' into checks/find_security_groups_with_wide_open_non_RFC1918_IPv4 2020-03-23 14:48:05 +01:00
Toni de la Fuente
30941c355c Added extra777 - Security Groups with too many rules @renuez 2020-03-23 14:39:23 +01:00
Nimrod Kor
25bc8699b3 check_extra774 - revert changes 
(cherry picked from commit 87fd299cdb46f23dd92f4bd2dc99dd0b0db103c2)
 2020-03-22 11:24:07 +02:00
Nimrod Kor
d62027440d extra774 - check correct date, consolidate files and fix report generation 
(cherry picked from commit 75d66df94061d5cbc738384e74f0a3f42d0d6b37)
 2020-03-22 11:24:07 +02:00
Ngọ Anh Đức
0979f421c3 Update check21 2020-03-09 13:00:43 +07:00
Ngọ Anh Đức
89514a1fa8 Update check21 2020-03-09 12:59:47 +07:00
Ngọ Anh Đức
ba13f25c9e Update check21 2020-03-09 12:57:49 +07:00
Ngọ Anh Đức
53ee538e0f add $PROFILE_OPT to the CLI 2020-03-09 12:57:00 +07:00
Ngọ Anh Đức
3116adf86e Update check21 2020-03-09 12:46:16 +07:00
Ngọ Anh Đức
263926a53b Improve check21 
- Add ISLOGGING_STATUS, INCLUDEMANAGEMENTEVENTS_STATUS, READWRITETYPE_STATUS to check
- Remove ` --no-include-shadow-trails ` from CLI
2.1 Ensure CloudTrail is enabled in all regions (Scored):
Via CLI
1. ` aws cloudtrail describe-trails `
Ensure `IsMultiRegionTrail` is set to true
2. `aws cloudtrail get-trail-status --name <trailname shown in describe-trails>`
Ensure `IsLogging` is set to true
3. `aws cloudtrail get-event-selectors --trail-name <trailname shown in describetrails>`
Ensure there is at least one Event Selector for a Trail with `IncludeManagementEvents` set to
`true` and `ReadWriteType` set to `All`
 2020-03-09 12:44:23 +07:00
Philipp Zeuner
cb5858d08a Updated check_extra778 to use PROFILE_OPT and AWSCLI 2020-03-08 09:56:52 +01:00
Philipp Zeuner
1b2b52e6a7 Fixed check_extra778 reference CHECK_ID 2020-03-08 09:22:11 +01:00
Philipp Zeuner
f5d083f781 Updated check_extra778 to exclude 0.0.0.0/0 edge case 2020-03-08 09:21:17 +01:00
Philipp Zeuner
f585ca54d1 Fixed check_extra788 logic bug related to SECURITY_GROUP and improved check_cidr() isolation 2020-03-08 09:20:05 +01:00
Philipp Zeuner
f149fb7535 Refactored check name to check_extra778 2020-03-08 08:15:20 +01:00
Toni de la Fuente
530bacac5b Merge pull request #510 from jonjozwiak/master 
Improve performance of check_extra742 by limiting to one AWS CLI call per region
 2020-03-05 21:33:26 +01:00
Toni de la Fuente
0b2c3c9f4f Merge pull request #509 from nexeck/new_check_ecr_findings 
fix: Enable check extra776 in extra group
 2020-03-05 21:26:34 +01:00
jonjozwiak
8173c20941 Improve performance of check_extra742 by limiting to one AWS CLI call 2020-03-04 16:46:28 +02:00
Marcel Beck
95cb26fb2b fix: Enable check extra776 in extra group 2020-03-04 07:27:40 +01:00
Toni de la Fuente
c0d8258283 [new check] Check if ECR image scan found vulnerabilities in the newest image version 
[new check] Check if ECR image scan found vulnerabilities in the newest image version
 2020-03-03 23:06:44 +01:00
Toni de la Fuente
4646dbcd0b Updated check_extra776 title 2020-03-03 23:04:09 +01:00
Marcel Beck
db260da8b0 feat: New check for ecr image scan findings 
This will check if there is any ecr image with findings.
 2020-03-03 22:53:26 +01:00
Philipp Zeuner
162ff05e42 Updated check_extra777 to fix CHECK_ALTERNATE variable 2020-03-02 22:53:32 +01:00
Philipp Zeuner
6ea863ac3b Initial commit 2020-03-01 20:26:51 +01:00