ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,185 Commits 1 Branch 0 Tags
dac24b3aa84621783f23dc23142dea650ebfcf61
Commit Graph

1185 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Toni de la Fuente
dac24b3aa8 Fix issue #624 ID of check_extra792 2020-06-23 19:34:41 +02:00
Toni de la Fuente
84060db013 Added group internet-exposed 2020-06-16 18:01:14 +02:00
Toni de la Fuente
2d927f333a Fixed profile and region settings for extra792 - ELB SSL ciphers @jonjozwiak 
Fixing profile and region settings for extra792 - ELB SSL ciphers
 2020-06-11 09:05:50 +02:00
jonjozwiak
4db109bb26 Fixing profile and region settings for check_extra792 - ELB SSL ciphers 2020-06-10 15:46:34 -05:00
Toni de la Fuente
f1690e8ddc Added old multiaccount sample info to util/other-contrib folder 2020-06-08 13:27:19 +02:00
Toni de la Fuente
acab5d11ed Update README.md with link to new org-multi-account 2020-06-08 13:23:15 +02:00
Toni de la Fuente
f42358f361 AWS Organizational Prowler Deployment @tekdj7 
AWS Organizational Prowler Deployment
 2020-06-08 13:16:42 +02:00
Julio Delgado Jr
9e2580cc34 removed ansi2html, added -M html 2020-06-05 12:06:33 -04:00
Toni de la Fuente
7a46d23820 Import Security Hub finding into the same region as the related resource @marcjay 
Import Security Hub finding into the same region as the related resource
 2020-06-05 15:07:11 +02:00
Marc Jay
4dac3aab55 Import Security Hub finding into the same region as the related resource 
Force the batch-import-findings AWS CLI call to be directed at the region the currently reporting resource is located in, as Security Hub enforces this requirement

When checking that Security Hub is enabled, check for all regions that are in scope, e.g. all regions, unless '-f <region>' is used

Fixes #618
 2020-06-05 12:55:53 +01:00
Toni de la Fuente
26665a4645 Fix extra734 - handle us-east-1 @nimrodkor 
Fix extra734 - handle us-east-1
 2020-06-05 11:09:44 +02:00
Toni de la Fuente
94378726bc Fix extra764 - handle us-east-1 & check validity of policy @nimrodkor 
Fix extra764 - handle us-east-1 & check validity of policy
 2020-06-05 10:48:28 +02:00
Nimrod Kor
4dae0718c1 Fix extra764 - handle us-east-1 & check validity of policy 
(cherry picked from commit 89bd8a90d5767c70a59ab29928501bad3be6ad84)
 2020-06-04 23:18:08 +03:00
Nimrod Kor
ef4d2d33be Fix extra734 - handle us-east-1 
(cherry picked from commit 5f2eb7f82e3814478b380ae5fbb6c8a69536e043)
 2020-06-04 23:15:21 +03:00
Toni de la Fuente
99d1de8c15 Improved whitelisting by splitting ignores by newline instead of spaces only @urjitbhatia 
Split ignores by newline instead of spaces only
 2020-05-29 11:40:44 +02:00
Julio Delgado Jr
a58ee251b5 adhoc & switch user in session manager 2020-05-28 13:43:55 -04:00
Urjit Singh Bhatia
2fca2a49fd Split ignores by newline instead of spaces only 2020-05-27 13:58:55 -07:00
Toni de la Fuente
e69b079220 Fix typo on PR #601 2020-05-27 10:02:32 +02:00
Toni de la Fuente
75cd911b0f Removed ansi2html from Pipfile, Dockerfile and README 2020-05-27 09:55:17 +02:00
Toni de la Fuente
2dda3f1ec1 Removed ansi2html from Pipfile 2020-05-27 09:52:34 +02:00
Toni de la Fuente
46a8a3ca82 Adding support for IRSA @GabrielCastro 
Adding support for IRSA
 2020-05-27 09:44:52 +02:00
Toni de la Fuente
69e2e19e7d Added extra791 and extra792 to group extras 2020-05-27 09:37:10 +02:00
Toni de la Fuente
b7c8f7a7ef New checks for insecure SSL in CloudFront and ELB @jonjozwiak 
Adding insecure SSL checks for CloudFront and ELB, extra791 and extra792
 2020-05-27 09:32:13 +02:00
Jon Jozwiak
06e81a7f33 Update check_extra792 ASFF resource tye 2020-05-26 09:35:48 -05:00
Jon Jozwiak
70337ecd84 Add ASFF resource type 2020-05-26 09:34:37 -05:00
jonjozwiak
df15388577 Adding insecure SSL checks for CloudFront and CLB/ALB 
(cherry picked from commit c9a60c07a2b5497cbed2d70c53821d826171dd68)
 2020-05-26 16:33:18 +03:00
Toni de la Fuente
485b7d90bc Added native html report - upgrade to 21st century ;) 2020-05-25 21:29:29 +02:00
Toni de la Fuente
78b26a022a Added native html report - upgrade to 21st century ;) 2020-05-25 21:24:33 +02:00
Gabriel Castro
3e19ed44e5 Feature: add support for IRSA 
IAM roles for service accounts (IRSA) allows prowler to be used from
inside a kubernetes cluster.
 2020-05-25 13:14:15 -04:00
Toni de la Fuente
3e6f29c3fd Support Ctrl-C/SIG INT stopping Prowler when running in Docker @marcjay 
Support Ctrl-C/SIG INT stopping Prowler when running in Docker
 2020-05-21 18:08:00 +02:00
Toni de la Fuente
e5ce06e761 Write output files to a directory relative to Prowler @marcjay 
Write output files to a directory relative to Prowler
 2020-05-21 18:06:46 +02:00
Toni de la Fuente
e3d5b89531 Delete prowler-logo.png 2020-05-21 14:40:06 +02:00
Toni de la Fuente
7987ee3011 Added Prowler logo to util/html/ 2020-05-21 14:38:33 +02:00
Toni de la Fuente
2b336d08de Added ENV to output when credentials are env variables 2020-05-19 15:06:57 +02:00
Toni de la Fuente
c7ed6a6693 Improved region handing for extra734 and extra764 2020-05-19 15:03:42 +02:00
Toni de la Fuente
48b6c290b1 Enhance handing region on assume role when default is not us-east-1 2020-05-11 16:32:43 +02:00
Toni de la Fuente
e0c2ca2436 Fixed issue #596 for extra71 2020-05-11 13:21:06 +02:00
Toni de la Fuente
38fb596e94 Merge branch 'master' of https://github.com/toniblyx/prowler 2020-05-11 13:16:53 +02:00
Toni de la Fuente
c79d346961 Fixed issue #596 on check114 2020-05-11 13:16:38 +02:00
Marc Jay
0f9783791b Support Ctrl-C/SIG INT stopping Prowler when running in Docker 
Trap Ctrl-C/SIG INT, call cleanup function and then exit, using the appropriate exit code

Fixes #594
 2020-05-08 12:34:03 +01:00
Marc Jay
802d1151c2 Write output files to a directory relative to Prowler 
Write output files (CSV, JSON, etc.) to an `output` directory that is relative to prowler itself, no matter where prowler is invoked from.
Simplify Dockerfile by specifying a WORKDIR
Replace ADD command with the more recommended COPY command
Update README to cover how to run in Docker and access saved reports
Add a .dockerignore file to ignore .git and output directories

This partially addresses #570 - previously, within Docker, Prowler was attempting to write
reports to the root `/` directory in the container, which it did not have permission to do.
Instead, reports are now written to a path relative to Prowler
 2020-05-08 11:46:53 +01:00
Toni de la Fuente
2a9f6c67a8 Change value of FAIL to FAILED for jsonAsff output type @wildtangent 
Change value of FAIL to FAILED for jsonAsff output type
 2020-05-07 17:55:01 +02:00
Stephen Connor
2a54a180da Change value of FAIL to FAILED for jsonAsff output type (incompatible with AWS Security Hub) 2020-05-07 14:47:09 +01:00
Toni de la Fuente
7ab9962e08 Show failures that are ignored due to whitelisting as skipped checks in JUnit output @marcjay 
Show failures that are ignored due to whitelisting as skipped checks in JUnit output
 2020-05-07 09:22:48 +02:00
Marc Jay
6279dc1517 Show failures that are ignored due to whitelisting as skipped checks in JUnit output 
Continue to show (unwhitelisted) failed checks as failures in JUnit output, but rather than exclude failing whitelisted checks from JUnit, mark them as skipped

Fixes #590
 2020-05-07 01:00:42 +01:00
Toni de la Fuente
376cc0ff08 Usage update 2020-05-07 00:48:14 +02:00
Toni de la Fuente
a37160bf41 Usage update 2020-05-07 00:46:43 +02:00
Toni de la Fuente
b72501f691 Usage update 2020-05-07 00:45:45 +02:00
Toni de la Fuente
733aa439ec Usage update 2020-05-07 00:44:27 +02:00
Toni de la Fuente
24fcfb1066 v2.3.0RC 2020-05-06 23:27:30 +02:00