prowler

mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00

Author	SHA1	Message	Date
Toni de la Fuente	6f678a1093	Merge pull request #298 from toniblyx/devel Devel	2019-03-04 22:45:58 -05:00
Toni de la Fuente	2bc3575de8	Improved extra714 to find secrets	2019-03-04 22:25:04 -05:00
Toni de la Fuente	18e9e7f0e1	Merge pull request #297 from toniblyx/devel Devel	2019-03-04 21:26:29 -05:00
Toni de la Fuente	327323e32f	Merge pull request #295 from clintmoyer/spellcheck Spelling fix "reshift" means "redshift"	2019-02-20 18:11:31 -05:00
Clint Moyer	3c2ad65246	Spelling fix "reshift" means "redshift"	2019-02-20 12:30:04 -07:00
Toni de la Fuente	170557a422	New POC scoring and extra741 key finder userdata	2019-02-08 16:39:05 +00:00
Tom Crawford	34b6c4446d	Added check for integer in response from AWS	2019-02-04 17:01:37 +00:00
Toni de la Fuente	6600df9be9	extra741 finding keys in UserData	2019-01-29 06:09:37 +00:00
Toni de la Fuente	8f89a01541	Merge pull request #284 from toniblyx/devel Devel	2019-01-07 22:15:28 -05:00
Toni de la Fuente	2e754a5370	Fixed check120	2019-01-07 22:06:34 -05:00
Toni de la Fuente	97a59cf5e4	Merge pull request #276 from affanhmalik/check29 Check for flowlogs only in active VPCs, avoid false flag if a region …	2018-12-19 23:53:42 -05:00
Morey Straus	8935233a05	Update check_extra739 typo correction	2018-12-14 14:32:38 -08:00
Affan Malik	bacdf6ed22	Check for flowlogs only in active VPCs, avoid false flag if a region has no VPCs	2018-12-12 15:09:31 -05:00
Samuel Dugo	573fa46aac	Fixed AccessDeniedException on extra730 When executing Prowler using a specific profile (in my case to assume a role) , check_extra730 returns: "An error occurred (AccessDeniedException) when calling the DescribeCertificate operation: User: [ASSUMED_ROLE_ARN] is not authorized to perform: acm:DescribeCertificate on resource: [RESOURCE_ARN]" This is because line 28 did not contain the following parameters: "$PROFILE_OPT --region $regx" .	2018-12-05 11:35:44 +01:00
Toni de la Fuente	aeaf533585	Added extra740 EBS snapshots are encrypted and HIPAA	2018-11-19 23:22:18 -05:00
Toni de la Fuente	5757a88227	Added extra739 ELB logging and typos	2018-11-19 22:55:29 -05:00
Jason Turner	cafd203406	Updated check29 to validate against FlowLogId which is valid for both CloudWatch and s3 destinations	2018-11-14 14:19:44 -08:00
Toni de la Fuente	2437f8fb16	Added extra738 CloudFront HTTPS	2018-11-08 20:21:46 -05:00
Toni de la Fuente	fa5b81b28e	Added extra737 KMS keys rotation	2018-11-07 23:37:06 -05:00
Toni de la Fuente	9bdbf6f51c	Added extra736 check exposed KMS keys	2018-11-07 23:27:58 -05:00
Toni de la Fuente	b6a30df808	Added extra735 check encrypted RDS	2018-11-07 22:00:28 -05:00
Toni de la Fuente	0dc2b9a081	Improved extra734 checking enforce policy	2018-11-06 00:17:00 -05:00
Toni de la Fuente	29e142361b	Improved extra734 checking enforce policy	2018-11-06 00:15:20 -05:00
Toni de la Fuente	883afa4959	Added extra734 check S3 bucket encryption	2018-11-05 23:30:00 -05:00
Toni de la Fuente	c7bfd72d2d	Add check extra733 SAML Provider STS	2018-10-31 23:09:24 -04:00
Toni de la Fuente	9a88249965	Added check extra732 Cloudfront CDN Geo restrictions	2018-10-31 22:45:59 -04:00
Toni de la Fuente	6cb75fa26a	Added check extra732 Cloudfront CDN Geo restrictions	2018-10-31 22:44:45 -04:00
Toni de la Fuente	2fd6f9801a	Added check extra731 SNS topics Public	2018-10-31 22:23:41 -04:00
Toni de la Fuente	fe8a123ead	Added check extra730 - ACM cert expiration	2018-10-31 00:01:47 -04:00
jlamande@gmail.com	bd06720416	Accelerate check 122 (scope local, 1 less API call by policy)	2018-10-19 13:43:37 +02:00
jlamande@gmail.com	8798861c99	fix(check13): should not pass if user never logged in	2018-10-17 10:16:49 +02:00
Maximilian Bode	ff973e09c4	Use awscli query instead of cut for Extra 7.13 Fixes #249. The text output of `aws guardduty get-detector` has changed with awscli release 1.16.25, leading to GuardDuty detectors misreported as suspended.	2018-10-02 12:20:42 +02:00
Toni de la Fuente	843a762e44	Fixed issue #247	2018-09-24 22:27:34 -04:00
Toni de la Fuente	fe44298e4e	fixed checkID in check_extra76	2018-09-21 09:45:22 -04:00
Michael Schubert	c7b913fff4	Take age of access key 2 from correct column	2018-09-20 16:18:19 +02:00
Gary Patterson	5aad05b0ae	Added managed to output	2018-09-11 23:06:00 -05:00
Gary Patterson	c575b5c243	Update Check 1.16 based on CIS v1.2 05-23-2018 to include list-user-policies for Inline Polices	2018-09-11 22:56:06 -05:00
Toni de la Fuente	62ea9135b6	Improved username filtering for check12	2018-09-05 11:09:03 +01:00
Toni de la Fuente	7f53b6d3ce	Merge pull request #239 from martinusnel/hotfix/check_extra725 Fixed test for no S3 buckets and moved code.	2018-09-02 19:17:08 +02:00
Martinus Nel	3bffbe2ca4	Fixed test for no S3 buckets and moved code. Changed method to run through the trails list file.	2018-08-28 16:52:31 +01:00
Toni de la Fuente	68675ac365	PR 235	2018-08-15 16:09:17 -04:00
Toni de la Fuente	1516c4ea15	Fixed as SCORED	2018-08-15 15:48:58 -04:00
Toni de la Fuente	7a474aa335	Fixed as SCORED	2018-08-15 15:48:39 -04:00
Keith Rhea	97da9c2122	Modified checks and documentation to reflect changes in CIS_Benchmark_v1.2.0(05-23-2018)	2018-08-15 09:16:27 -06:00
Toni de la Fuente	ebceebbc75	Merge pull request #232 from rheak/master Update Scored Value for 115 and 315. Update 13 to only check users with enabled console password.	2018-08-14 10:18:39 -04:00
Toni de la Fuente	b59aaf40d4	Issue #230	2018-08-14 10:11:44 -04:00
Toni de la Fuente	302dbb5e9d	Merge pull request #228 from martinusnel/hotfix/check111 Fixed Bash test.	2018-08-10 19:07:49 -04:00
Keith Rhea	3ef5a42b73	Updated check13 to only check users that have console password enabled	2018-08-10 15:21:39 -06:00
Keith Rhea	b98d337478	Updated check315 variable CHECK_SCORED_check315=NOT_SCORED	2018-08-10 15:20:03 -06:00
Keith Rhea	3f90a33a13	Updated check115 variable CHECK_SCORED_check115=NOT_SCORED	2018-08-10 15:19:20 -06:00

1 2

97 Commits