ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,004 Commits 1 Branch 0 Tags
c13cab792be21fb00788100b3b83810620e9cfc7
Commit Graph

170 Commits

Author SHA1 Message Date
Pepe Fagoaga
7c45cb45ae feat(ecr_repositories_scan_vulnerabilities_in_latest_image): Minimum severity is configurable (#2736) 2023-08-18 09:17:02 +02:00
Pepe Fagoaga
bc5a7a961b tests(check_security_group) (#2740) 2023-08-17 11:36:17 +02:00
vysakh-devopspace
54a9f412e8 feat(ec2): New check ec2_instance_detailed_monitoring_enabled (#2735) 
Co-authored-by: Vysakh <venugopal.vysakh@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-08-16 14:31:06 +02:00
Pepe Fagoaga
8cdc7b18c7 fix(test-vpc): use the right import paths (#2732) 2023-08-16 09:17:18 +02:00
Pepe Fagoaga
fc53b28997 test(s3): Mock S3Control when used (#2722) 2023-08-14 21:48:05 +02:00
Pepe Fagoaga
54137be92b test(python): 3.9, 3.10, 3.11 (#2718) 2023-08-14 21:08:29 +02:00
Pepe Fagoaga
4454d9115e chore(aws): 2nd round - Improve tests and include dot in status extended (#2714) 2023-08-12 01:41:35 +02:00
Pepe Fagoaga
0313dba7b4 chore(aws): Improve tests and status from accessanalyzer to cloudwatch (#2711) 2023-08-11 11:04:04 +02:00
christiandavilakoobin
ade511df28 fix(sns): allow default SNS policy with SourceOwner (#2698) 
Co-authored-by: Azure Pipeplines CI <monitor@koobin.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-08-10 12:13:57 +02:00
Pepe Fagoaga
f4308032c3 fix(cloudfront): fix ViewerProtocolPolicy and GeoRestrictionType (#2701) 2023-08-10 12:02:49 +02:00
Pepe Fagoaga
d41b0332ac feat(athena): New AWS Athena service + 2 workgroup checks (#2696) 2023-08-10 10:23:17 +02:00
Sergio Garcia
36e095c830 fix(iam_role_cross_service_confused_deputy_prevention): add ResourceAccount and PrincipalAccount conditions (#2689) 2023-08-09 10:41:48 +02:00
Pepe Fagoaga
13059e0568 fix(ec2-securitygroups): Handle IPv6 public (#2690) 2023-08-09 10:08:30 +02:00
Pepe Fagoaga
9e8023d716 fix(config): Pass a configuration file using --config-file config.yaml (#2679) 2023-08-09 09:52:45 +02:00
Pepe Fagoaga
efa75a62e3 fix(iam_policy_allows_privilege_escalation): Handle permissions in groups (#2655) 2023-08-03 10:40:51 +02:00
Pepe Fagoaga
5763bca317 refactor(vpc_endpoint_connections_trust_boundaries) (#2667) 2023-08-03 09:56:09 +02:00
Pepe Fagoaga
c335334402 fix(test_only_aws_service_linked_roles): Flaky test (#2666) 2023-08-03 09:18:06 +02:00
Pepe Fagoaga
5bf3f70717 fix(vpc_endpoint_connections_trust_boundaries): Handle AWS Account ID as Principal (#2611) 2023-08-03 09:16:58 +02:00
Sergio Garcia
aced44f051 fix(sns): handle topic policy conditions (#2660) 2023-08-02 11:45:27 +02:00
Sergio Garcia
78f0b823a9 fix(s3_bucket_level_public_access_block): check s3 public access block at account level (#2653) 2023-08-01 11:24:58 +02:00
Pepe Fagoaga
7bdca0420e fix(cloudtrail): Set status to INFO when trail is outside the audited account (#2643) 2023-07-31 17:50:21 +02:00
Pepe Fagoaga
b4e78d28f8 fix(test): mock VPC client (#2640) 2023-07-31 11:19:15 +02:00
Pepe Fagoaga
e3d4e38a59 feat(aws): New AWSService class as parent (#2638) 2023-07-31 11:18:54 +02:00
Pepe Fagoaga
386f558eae fix(ec2_instance_secrets_user_data): Include line numbers in status (#2639) 2023-07-31 10:33:34 +02:00
Chris Farris
03ad403e7a feat(s3): Add checks for publicly listable Buckets or writable buckets by ACL (#2628) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-31 08:35:18 +02:00
Gabriel Pragin
965327e801 chore(typos): Update check's status (#2629) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-27 11:44:09 +02:00
Pepe Fagoaga
a5c63845b4 test: security groups (#2627) 2023-07-26 16:29:27 +02:00
Sergio Garcia
6328ef4444 fix(guardduty): handle disabled detectors in guardduty_is_enabled (#2616) 2023-07-25 12:26:37 +02:00
dependabot[bot]
18f02fac68 build(deps-dev): bump moto from 4.1.12 to 4.1.13 (#2598) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-07-18 10:37:34 +02:00
Gabriel Pragin
65a737bb58 chore(metadata): Typos (#2595) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-07-18 09:27:58 +02:00
Nacho Rivera
d1c91093e2 feat(cond parser): add policy cond parser & apply in sqs public check (#2575) 2023-07-12 15:39:01 +02:00
Nacho Rivera
6403feaff9 fix(cloudwatch secrets): fix nonetype error handling (#2543) 2023-07-03 12:52:46 +02:00
Sergio Garcia
6efe634850 fix(iam): add StringLike condition in iam_role_cross_service_confused_deputy_prevention (#2533) 2023-06-27 10:06:46 +02:00
Sergio Garcia
c2a05da908 chore(ec2): reduce noise in Security Groups checks (#2525) 2023-06-23 15:06:09 +02:00
Sergio Garcia
e1da9e60fc chore(region): add get_default_region function in AWS Services (#2524) 2023-06-23 14:10:49 +02:00
Sergio Garcia
af2b19436f fix(route53): correct Hosted Zone ARN (#2494) 2023-06-15 16:32:54 +02:00
Sebastian Nyberg
707584b2ef feat(aws): Add MFA flag if try to assume role in AWS (#2478) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
 2023-06-13 17:18:10 +02:00
Sergio Garcia
25e48ae546 chore(arn): include ARN of AWS accounts (#2477) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-13 10:18:23 +02:00
Sergio Garcia
01cd4bcb47 chore(arn): add missing ARNs to AWS Services (#2476) 2023-06-12 13:33:12 +02:00
Sebastian Nyberg
49b2a559ae feat(vpc): add check vpc_subnet_no_public_ip_by_default (#2472) 
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-06-12 09:44:10 +02:00
Sergio Garcia
5c4cae8c9d feat(wellarchitected): add WellArchitected service and check (#2461) 2023-06-09 13:19:01 +02:00
Sebastian Nyberg
3c2c896708 chore(vpc): add mapPublicIpOnLaunch attribute to VPC subnets (#2470) 2023-06-09 12:45:28 +02:00
Pepe Fagoaga
b7bb4bbd57 fix(aws): Add missing resources ARN (#2453) 2023-06-06 16:56:59 +02:00
Pepe Fagoaga
86cf2cd233 fix(efs): Include resource ARN and handle from input (#2452) 2023-06-06 14:29:58 +02:00
Sergio Garcia
3c7580f024 fix(ec2): handle false positive in ec2_securitygroup_allow_ingress_from_internet_to_any_port (#2449) 2023-06-06 11:55:27 +02:00
christiandavilakoobin
2955975793 fix(cloudfront): fix DefaultCacheConfigBehaviour enum type(#2430) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-06-05 15:48:34 +02:00
Sergio Garcia
58a29bf058 fix(codebuild): handle FAIL in codebuild_project_user_controlled_buildspec (#2410) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
 2023-05-25 13:30:01 +02:00
Toni de la Fuente
ff18fd2c38 chore(docs): add summary table to README.md (#2402) 
Co-authored-by: Pepe Fagoaga <pepe@verica.io>
Co-authored-by: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
 2023-05-24 13:56:17 +02:00
Sergio Garcia
c01c59023a fix(ClientError): handle ClientErrors in DynamoDB and Directory Service (#2400) 2023-05-24 11:50:08 +02:00
Sergio Garcia
deb9847e2b fix(route53_dangling_ip_subdomain_takeover): notify only IPs with AWS IP Ranges (#2396) 2023-05-23 16:35:13 +02:00