Toni de la Fuente
28b97058ad
Fix bug in extra784 @tayivan-sg
2021-09-13 18:52:28 +02:00
Toni de la Fuente
5757767b25
Fixed typo in risk description for check29 @kamiryo
2021-09-01 19:14:03 +02:00
kamiryo
9f9d82adef
Update check29
...
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Fixed typo
2021-08-30 16:43:42 +09:00
Ivan Tay
13b93c81ea
Changes to fix bug in extra 784
2021-08-26 09:55:27 +08:00
Toni de la Fuente
06f790858b
Fix title, remediation and doc link for check extra768 @w0rmr1d3r
2021-08-25 11:28:40 +02:00
Toni de la Fuente
a72a2e9b48
Ignore archived findings in GuardDuty for check extra7139 @chbiel
2021-08-25 11:26:31 +02:00
Ramon
c14593a40e
fix check_extra768 texts
2021-08-20 16:22:52 +02:00
Christopher Biel
321c79a374
Ignore archived findings, as the check should only look at active findings, not those that were moved to the archive of guardduty
2021-08-19 11:50:16 +02:00
rinaudjaws
38df162976
Remove KMS with conditions false positives
...
CDK for example implements callerAccount as a condition for the KMS policy resulting in too many false positives.
2021-08-18 08:52:46 +02:00
Toni de la Fuente
9c3ab79510
Removed Scored from title
2021-08-10 18:45:39 +02:00
Toni de la Fuente
c8e9cf2e77
Tested new checks 7143 to 7147
2021-08-10 17:00:18 +02:00
Toni de la Fuente
4607e519a9
Merge branch '2.5-new-checks' into custom-checks
2021-08-10 15:25:31 +02:00
Toni de la Fuente
5685cb8959
Merge branch '2.5' into delete_check_extra737_is_duplicated
2021-08-02 14:14:45 +02:00
Ramon
0d9ec6320e
delete check extra737 and its references
2021-07-16 12:09:54 +02:00
Ramon
8c70efde5f
delete check extra756 and its references
2021-07-16 12:03:39 +02:00
Toni de la Fuente
065483a8b6
Update check12 - Missing MFA at the beginning of remediation @thorkill
2021-07-16 10:17:28 +02:00
Rafał Leśniak
0a4ca0d2ed
Update check12
...
Added missing MFA in remediation description.
2021-07-16 01:35:46 +02:00
Toni de la Fuente
265f494b0d
Fixed check21 to fail if trail is off
2021-07-08 17:09:22 +02:00
Toni de la Fuente
85cb2085b9
Output consolidation
2021-07-07 16:15:53 +02:00
Toni de la Fuente
c09385976a
Consolidated titles and outputs including resource ID in ASFF
2021-07-05 20:17:27 +02:00
Toni de la Fuente
bc959a23f1
License file and banner consolidation
2021-07-04 12:32:50 +02:00
Patel
800bcb0016
renaming extra checkId, change in text message format, adding more metadata variables, lowercase servicename, adding checks in extras group
2021-06-24 15:47:29 +05:30
Patel
8a2d2924b4
Fixed typo issues, removed commented line, change in severity
2021-06-17 11:43:19 +05:30
Geoff
4961498562
Added parameter to report resource name
...
Added a third parameter to checks textFail and textPass to identify resource name in finding.
2021-06-16 22:25:44 -05:00
Patel
8e9ef841e5
Adding custom security checks
2021-06-14 12:43:21 +05:30
Toni de la Fuente
1229815c04
Add WAF CLASSIC check for extra7129 @kamiryo
2021-06-11 17:17:28 +02:00
kamiryo
79a0eb622d
Add WAF CLASSIC check for extra7129
2021-06-10 23:13:17 +09:00
Toni de la Fuente
701d5687be
Fixed issue #811 @h1008
2021-06-08 14:50:59 +02:00
h1008
5aeb670a84
Fixed issue #811
2021-06-05 11:57:04 +02:00
Toni de la Fuente
124ae0fd2e
Fixed kms keys compatibility in cli v2 and v1
2021-06-02 17:53:12 +02:00
Toni de la Fuente
96b9accea8
New check extra7142 ALB Header Check request smuggling @Outrun207
2021-06-01 12:27:07 +02:00
Toni de la Fuente
324a1002a5
Fix finding customer kms keys in cli v2 for checks extra737 extra736 @dbellizzi
2021-06-01 12:24:19 +02:00
Toni de la Fuente
55e703540e
Fixed typo in check extra7141 ID
2021-05-31 18:47:56 +02:00
Dom Bellizzi
baf5232cbc
Fix finding customer kms keys in cli v2 for checks extra737 extra736
...
Key id is in position 6 in aws cli version 2.2.5, but in position 4 in aws cli 1.x
Use --query to select only the data necessary and output in a consistent format
2021-05-29 22:27:15 +00:00
Josh Moss
e3893c7d5b
Update check_extra7142
2021-05-25 13:49:27 -04:00
Josh Moss
229d9ba00c
ALB Header Check
2021-05-20 12:36:30 -04:00
Toni de la Fuente
78e5dc5dba
Added new check extra7141 to detect secrets in SSM Documents
2021-05-18 18:28:15 +02:00
Toni de la Fuente
1655bdb902
Added resource id to RDS checks and in json,csv,html outputs
2021-05-18 16:57:37 +02:00
Toni de la Fuente
30442b2da7
Added new check extra7140 for public SSM Documents
2021-05-18 16:10:55 +02:00
Toni de la Fuente
501082876c
Fixed alias of extra7139
2021-05-18 16:08:10 +02:00
Toni de la Fuente
8d9ca987b5
Added link to doc for check45 check46 extra7138 and extras
2021-05-18 15:41:45 +02:00
Toni de la Fuente
46c6f44055
Merge branch '2.5' into new-acls-checks
2021-05-18 15:34:27 +02:00
Toni de la Fuente
7c65430508
Improved error handling when listing regions @pablopagani
2021-05-04 15:39:25 +02:00
Pablo Pagani
ce00f3a019
improved error handling. Added check 7139.
2021-05-01 17:33:54 -03:00
Pepe Fagoaga
2727b7e8e2
fix(network-acls): update resource type to match AWS documentation
2021-04-28 18:50:20 +02:00
Pepe Fagoaga
2dc1ce61ec
fix(network-acls): fix line typo
2021-04-26 12:30:44 +02:00
Pepe Fagoaga
056190cfc9
feat(network-acls): change textFail to textInfo because NACLs are stateless
2021-04-24 13:24:33 +02:00
Pepe Fagoaga
8f784a4548
feat(network-acls): include checks to test NetworkACLs open to 22, 3389 and any port
2021-04-24 13:13:41 +02:00
Pepe Fagoaga
f1185213e8
Merge branch 'master' of github.com:toniblyx/prowler
2021-04-22 18:30:48 +02:00
Pepe Fagoaga
cb60085779
New Networking checks for FTP, Telnet, SQL Server and Kafka (#2)
...
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21
* feat(aws-securitygroups): include extra control 7134 in extra group
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Telnet port 23
* feat(aws-securitygroups): include new control to test ingress from 0.0.0.0/0 or ::/0 to Microsoft SQL Server ports 1433 or 1434
* feat(aws-securitygroups): include extra controls 7135, 7136 and 7137 in extra and internet-exposed groups
2021-04-22 18:29:12 +02:00