ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-10 23:05:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
961 Commits 1 Branch 0 Tags
db3ac2361c94ccfbad94dff1990ab26cb8910985
Commit Graph

311 Commits

Author SHA1 Message Date
Toni de la Fuente
db3ac2361c Merge branch 'master' into checks/find_security_groups_with_wide_open_non_RFC1918_IPv4 2020-03-23 14:48:05 +01:00
Toni de la Fuente
30941c355c Added extra777 - Security Groups with too many rules @renuez 2020-03-23 14:39:23 +01:00
Philipp Zeuner
cb5858d08a Updated check_extra778 to use PROFILE_OPT and AWSCLI 2020-03-08 09:56:52 +01:00
Philipp Zeuner
1b2b52e6a7 Fixed check_extra778 reference CHECK_ID 2020-03-08 09:22:11 +01:00
Philipp Zeuner
f5d083f781 Updated check_extra778 to exclude 0.0.0.0/0 edge case 2020-03-08 09:21:17 +01:00
Philipp Zeuner
f585ca54d1 Fixed check_extra788 logic bug related to SECURITY_GROUP and improved check_cidr() isolation 2020-03-08 09:20:05 +01:00
Philipp Zeuner
f149fb7535 Refactored check name to check_extra778 2020-03-08 08:15:20 +01:00
jonjozwiak
8173c20941 Improve performance of check_extra742 by limiting to one AWS CLI call 2020-03-04 16:46:28 +02:00
Toni de la Fuente
c0d8258283 [new check] Check if ECR image scan found vulnerabilities in the newest image version 
[new check] Check if ECR image scan found vulnerabilities in the newest image version
 2020-03-03 23:06:44 +01:00
Toni de la Fuente
4646dbcd0b Updated check_extra776 title 2020-03-03 23:04:09 +01:00
Marcel Beck
db260da8b0 feat: New check for ecr image scan findings 
This will check if there is any ecr image with findings.
 2020-03-03 22:53:26 +01:00
Philipp Zeuner
162ff05e42 Updated check_extra777 to fix CHECK_ALTERNATE variable 2020-03-02 22:53:32 +01:00
Philipp Zeuner
6ea863ac3b Initial commit 2020-03-01 20:26:51 +01:00
Marcel Beck
5257ce6c0b docs: Fix typo 2020-02-28 17:58:10 +01:00
Marcel Beck
c9508c28b3 fix: check119 needs to ignore terminated instances 
Terminated does not seem to have an instance profile. And its not
possible to start a terminated instance again.
 2020-02-25 09:23:55 +01:00
Faraz Angabini
2321655503 fixed check numbers for 774,775 2020-02-22 22:16:59 -08:00
Kasprzykowski
40985212ab check_extra775 added | group7_extras and group11_secrets updated 2020-02-21 09:24:13 -05:00
Kasprzykowski
a1d26b44c3 check_extra999 added and group7_extras updated 2020-02-21 09:05:33 -05:00
Christopher Morrow
4a1d4060ec Check Extra 774 - Fixed bug - was checking account creation time instead of last logon date. 2020-02-20 15:11:13 -08:00
Toni de la Fuente
ca34590da0 Merge branch 'bugfix/check_11_check_access_keys_usage' of https://github.com/bridgecrewio/prowler into bridgecrewio-bugfix/check_11_check_access_keys_usage 2020-02-19 18:14:37 +01:00
Toni de la Fuente
44716cfab2 Merge pull request #486 from bridgecrewio/bugfix/mark_only_available_rds_instances_as_violating 
Filter for only available rds instances
 2020-02-19 18:11:43 +01:00
Toni de la Fuente
1f3aaa8c7b Merge pull request #485 from bridgecrewio/bugfix/es_public_domains_filter_condition 
Add conditions check for extra716
 2020-02-19 18:09:37 +01:00
Toni de la Fuente
6213a7418c Merge pull request #484 from bridgecrewio/bugfix/public_bucket_policy_check_for_conditions 
Add conditions check for extra771
 2020-02-19 18:08:02 +01:00
Toni de la Fuente
bf9ffc0485 Merge pull request #483 from bridgecrewio/bugfix/extra748_check_for_all_ports 
Check extra748 should fail in case of all ports (0-65535) open
 2020-02-19 17:58:17 +01:00
Nimrod Kor
e41e77ed78 Remove unnecessary print 
(cherry picked from commit 72bb29f13cabf5bd85af3c5539a46eacd34538ae)
 2020-02-18 11:58:05 +02:00
Nimrod Kor
a6516e4af8 Check 1.1 - check password access and access key usage 
(cherry picked from commit f62cde1bf1a32138419cc1488392b93816958595)
 2020-02-18 11:36:57 +02:00
Nimrod Kor
4fe575030b Filter for only available rds instances 
(cherry picked from commit 5a7356be3cd137e08161b3dc0d7b8f1b2267c304)
 2020-02-18 10:48:58 +02:00
Nimrod Kor
178a34e40d Add conditions check for extra716 
(cherry picked from commit 2ec6696897a272c7d765cc31e37703a453f57289)
 2020-02-18 10:48:25 +02:00
Nimrod Kor
5f3293af1e Add conditions check for extra771 
(cherry picked from commit 805b276578d5afda60b38cffa28fe09b16380799)
 2020-02-18 10:28:36 +02:00
Nimrod Kor
28a8ae7572 Check extra748 should fail in case of all ports (0-65535) open 2020-02-18 10:26:44 +02:00
Nimrod Kor
daa26ed14c extra764 should also check for principal being AWS = "*" 2020-02-18 10:20:13 +02:00
Toni de la Fuente
f99d35888a Merge branch 'patch-1' of https://github.com/alphad05/prowler into alphad05-patch-1 2020-02-12 23:20:32 +01:00
Toni de la Fuente
35fc8cd0bf Merge branch 'fix-check11' of https://github.com/bridgecrewio/prowler into bridgecrewio-fix-check11 2020-02-12 23:13:49 +01:00
jonnyCodev
447657140d check if last_login_date is a valid date 2020-02-12 10:16:18 +02:00
alphad05
5069fd29f9 Associate VPCFlowLog with VPC 
Associate VPCFlowLow with the VPC it is for to ensure accurate check. If there are multiple VPCs in a region and only some have VPC flow logs, current check will pass all VPCs even those without VPC flow logs.
 2020-02-11 20:55:30 -08:00
Toni de la Fuente
274d02576f Revert "Feature/handle get bucket policy error" 2020-02-10 23:31:02 +01:00
Toni de la Fuente
5cebebba97 Merge pull request #474 from bridgecrewio/feature/handle_get_bucket_policy_error 
Feature/handle get bucket policy error
 2020-02-10 23:29:04 +01:00
Toni de la Fuente
092dc84186 Merge pull request #454 from zfLQ2qx2/prowler_check119 
Add command for check119
 2020-02-10 22:56:34 +01:00
Toni de la Fuente
528e14d4cf Update check119 
updated to not scored
 2020-02-10 22:55:57 +01:00
jonnyCodev
fe2d2b45bb check root account access login and fail if used in the last day 2020-02-06 11:10:10 +02:00
Or Evron
74cbbddc5c add text info in case of error occurred 
(cherry picked from commit b28917beb758d5c2588a374f3ad8d9f2b4b59f80)
 2020-02-06 09:37:16 +02:00
Or Evron
e575fcd6b2 typo 
(cherry picked from commit eb4f33642844a1e6150ea5c2862bc4f8fef4bb58)
 2020-02-06 09:37:16 +02:00
Or Evron
aca93b7526 typo 
(cherry picked from commit b89f67bba131da263828e258cc474a460ee3ebcc)
 2020-02-06 09:37:16 +02:00
Or Evron
029c330ed1 fix check extra 764 
(cherry picked from commit 0db690ad5fa26c0157f6f40ea651495bdd9e9715)
 2020-02-06 09:37:16 +02:00
jonnyCodev
d473ebe3f2 moving MAX_DAYS to the inner scope of the function 2020-02-05 11:15:14 +02:00
jonnyCodev
a824e064b3 Check if user have unused console login 2020-02-04 14:39:42 +02:00
Toni de la Fuente
f797805970 Merge pull request #463 from zfLQ2qx2/issue458 
Rewrite of check extra73
 2020-01-27 18:03:28 -05:00
Toni de la Fuente
ef001af1ec Merge pull request #461 from zfLQ2qx2/issue459 
Add additional error checking to address issue 459
 2020-01-27 18:01:00 -05:00
Toni de la Fuente
8b5733b5fe Merge branch 'master' into issue-163-CloudFront-WAF 2020-01-27 17:59:13 -05:00
Toni de la Fuente
425fe16752 Update and rename check_extra772 to check_extra773 2020-01-27 17:57:06 -05:00