ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,009 Commits 1 Branch 0 Tags
d39bad2ee28d02b6fca835583c7bfebc10dcf4db
Commit Graph

1009 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
d39bad2ee2 Merge pull request #541 from marcjay/sort-checks-correctly-when-excludes-in-place-492 
Avoid changing the execution order of checks when some checks are excluded
 2020-04-13 13:40:20 +02:00
Toni de la Fuente
3c77130f65 Merge pull request #540 from marcjay/check121-filter-out-password-access-513 
check121 - Filter out users who do not have a console password
 2020-04-13 13:31:33 +02:00
Toni de la Fuente
d855432f28 Merge pull request #538 from marcjay/fix-no-information-extra774-501 
Extra 774 - Handle IAM credential report containing 'no_information' for a user's last console login date
 2020-04-13 13:30:24 +02:00
Toni de la Fuente
3e1d9ea0d3 Merge pull request #539 from marcjay/handle-gnu-date-as-default-on-mac-osx-534 
Detect when GNU coreutils is installed on Mac OS X and use the correct date functions
 2020-04-13 13:27:42 +02:00
Marc Jay
24e691901e Convert tabs to spaces within modified function 2020-04-12 17:17:46 +01:00
Marc Jay
57c15c2cc9 Avoid changing the execution order of checks when some checks are excluded 
Replace the use of `sort -u` to remove duplicate checks, which has the side-effect of reordering checks alphabetically when one or more are excluded with awk, which preserves the check order

Adjust indentation and formatting to be more consistent with the rest of the file

Fixes #492
 2020-04-12 17:12:54 +01:00
Marc Jay
4f623b4e31 check121 - Filter out users who do not have a console password 
According to the benchmark, only users with a console password should be considered for this check,
therefore filter out any users who do not have a console password

Fixes #513
 2020-04-12 02:18:42 +01:00
Marc Jay
d9588f4de0 Detect when GNU coreutils is installed on Mac OS X and use the correct date functions 
As some users may have installed GNU coreutils on Mac OS X, e.g. `brew install coreutils`, it's possible that
the `date` command uses the GNU version, instead of the standard BSD version.

- Detect if GNU coreutils is installed on Mac and if it is, use the GNU variants of date functions
- Reduce some of the duplication in the file, which resolves a bug where the cygwin version of `how_many_days_from_today()`
had the operands switched around, leading to a positive result instead of negative
- Add test_tcp_connectivity function for cygwin (uses the GNU variant)

Fixes #534
 2020-04-12 01:28:11 +01:00
Marc Jay
ce1058dfed Remove the varying number of days in the message so that message stays consistent over time 2020-04-12 01:22:34 +01:00
Marc Jay
8d9c7e8ab0 Handle IAM credential report containing 'no_information' for a user's last console login date 
A user who has never logged into the console, or not logged in since Oct 2014 will present as 'no_information' in the
'password_last_used' column of the credential report. Handle this scenario and output a failed message if it has been
more than MAX_DAYS days since the user was created, or an info message if it is less than MAX_DAYS

Fixes #501
 2020-04-11 20:07:03 +01:00
Toni de la Fuente
8f83da985a PR #511 2020-04-08 18:00:54 +02:00
Toni de la Fuente
effc3eb14d Added new checks to group extras 2020-04-08 14:06:11 +02:00
Toni de la Fuente
6ea37b05ca Improvements and new checks for elasticsearch 2020-04-08 14:00:12 +02:00
Toni de la Fuente
9c4e629647 Fixed typo in extra786 2020-04-07 20:28:38 +02:00
Toni de la Fuente
bd432fed92 New check for Metadata Service Version 2 #413 2020-04-07 16:46:46 +02:00
Toni de la Fuente
b5e1c9002a Improved policy handling on extra716 2020-04-03 17:54:55 +02:00
Toni de la Fuente
afb908f190 Improved policy handling on extra716 2020-04-03 17:54:25 +02:00
Toni de la Fuente
e567ccb828 v2.2.1 with new function and Improved extra779 and extra716 2020-04-02 15:31:43 +02:00
Toni de la Fuente
2c580dd750 Fix issue #488 only works if CloudWatchLog configuration 2020-04-02 00:19:43 +02:00
Toni de la Fuente
9dec4e6eb3 Fix issue #488 only works if IsMultiRegionTrail 2020-04-02 00:02:42 +02:00
Toni de la Fuente
2e2fe96ff5 Improved extra716 filters and auth check 2020-04-01 21:57:20 +02:00
Toni de la Fuente
2e2e9b85af Merge branch 'master' of https://github.com/toniblyx/prowler 2020-04-01 16:53:04 +02:00
Toni de la Fuente
1ae5d5d725 Added custom ports variable to extra779 2020-04-01 16:52:52 +02:00
Toni de la Fuente
71c9d12184 Merge pull request #526 from dhirajdatar/change-in-usage 
Updated extra in usage of extra for multiple checks
 2020-03-31 13:24:23 +02:00
dhirajdatar
059c701923 Update README.md 2020-03-31 16:46:38 +05:30
Toni de la Fuente
d24e824735 Merge pull request #522 from yumminhuang/master 
Ignore imported ACM Certificate in check_extra724
 2020-03-27 15:03:45 +01:00
Huang Yaming
1419d4887a Ignore imported ACM Certificate in check_extra724 2020-03-27 14:49:52 +08:00
Toni de la Fuente
ba75d89911 Added connection test for port 9300 in both linux and macosx on extra779 2020-03-25 18:20:20 +01:00
Toni de la Fuente
8faf1f45c4 Added connection test for port 9300 in both linux and macosx on extra779 2020-03-25 18:19:41 +01:00
Toni de la Fuente
eae4722499 Updated ES check titles and results 2020-03-25 17:25:38 +01:00
Toni de la Fuente
8c18533752 Updated check titles 2020-03-25 17:18:43 +01:00
Toni de la Fuente
ee82424869 Enhanced extra779 with better authentication test and TEST_ES_AUTHENTICATION disabled 2020-03-25 12:44:10 +01:00
Toni de la Fuente
b4aaf0b81e Added initial PCI group without checks yet, issue #296 2020-03-25 10:53:55 +01:00
Toni de la Fuente
f809f2fa1d Modify group names header to clarify what is CIS only 2020-03-25 10:53:05 +01:00
Toni de la Fuente
1615478444 Fixed query on extra779 2020-03-25 09:40:03 +01:00
Toni de la Fuente
568bba4c38 Add Elasticsearch checks issue #521 2020-03-24 23:46:11 +01:00
Toni de la Fuente
705d75606d Merge pull request #520 from bridgecrewio/bugfix/extra774_fixes 
extra774 requires credential report to run successfully
 2020-03-23 15:50:08 +01:00
Toni de la Fuente
3ff4acf648 Merge branch 'lanhhuyet510-patch-2' 2020-03-23 15:09:45 +01:00
Toni de la Fuente
e082ef05f0 Merge branch 'patch-2' of https://github.com/lanhhuyet510/prowler into lanhhuyet510-patch-2 2020-03-23 15:09:15 +01:00
Toni de la Fuente
2db9151939 Merge pull request #508 from renuez/checks/find_security_groups_with_wide_open_non_RFC1918_IPv4 
Checks/find security groups with wide open non rfc1918 IPv4 addresses
 2020-03-23 14:50:05 +01:00
Toni de la Fuente
db3ac2361c Merge branch 'master' into checks/find_security_groups_with_wide_open_non_RFC1918_IPv4 2020-03-23 14:48:05 +01:00
Toni de la Fuente
30941c355c Added extra777 - Security Groups with too many rules @renuez 2020-03-23 14:39:23 +01:00
Nimrod Kor
25bc8699b3 check_extra774 - revert changes 
(cherry picked from commit 87fd299cdb46f23dd92f4bd2dc99dd0b0db103c2)
 2020-03-22 11:24:07 +02:00
Nimrod Kor
d62027440d extra774 - check correct date, consolidate files and fix report generation 
(cherry picked from commit 75d66df94061d5cbc738384e74f0a3f42d0d6b37)
 2020-03-22 11:24:07 +02:00
Ngọ Anh Đức
0979f421c3 Update check21 2020-03-09 13:00:43 +07:00
Ngọ Anh Đức
89514a1fa8 Update check21 2020-03-09 12:59:47 +07:00
Ngọ Anh Đức
ba13f25c9e Update check21 2020-03-09 12:57:49 +07:00
Ngọ Anh Đức
53ee538e0f add $PROFILE_OPT to the CLI 2020-03-09 12:57:00 +07:00
Ngọ Anh Đức
3116adf86e Update check21 2020-03-09 12:46:16 +07:00
Ngọ Anh Đức
263926a53b Improve check21 
- Add ISLOGGING_STATUS, INCLUDEMANAGEMENTEVENTS_STATUS, READWRITETYPE_STATUS to check
- Remove ` --no-include-shadow-trails ` from CLI
2.1 Ensure CloudTrail is enabled in all regions (Scored):
Via CLI
1. ` aws cloudtrail describe-trails `
Ensure `IsMultiRegionTrail` is set to true
2. `aws cloudtrail get-trail-status --name <trailname shown in describe-trails>`
Ensure `IsLogging` is set to true
3. `aws cloudtrail get-event-selectors --trail-name <trailname shown in describetrails>`
Ensure there is at least one Event Selector for a Trail with `IncludeManagementEvents` set to
`true` and `ReadWriteType` set to `All`
 2020-03-09 12:44:23 +07:00