prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness....
### Steps to Reproduce There are various AWS checks that currently only consider `"Custom"` policies: - `iam_policy_no_full_access_to_cloudtrail` - `iam_policy_no_full_access_to_kms` - `iam_policy_allows_privilege_escalation` To reproduce, 1. Create an inline policy allowing full...
### Description Errors related to encoding are solved; the new logic for encoding can be found in the config.py file from dashboard. Logic: for Windows OS, when installing Prowler from pip it...
### Description Improve EC2 Security Groups checks logic by checking if any instance is attached. - [ ] ec2_securitygroup_allow_ingress_from_internet_to_any_port - [ ] ec2_securitygroup_allow_ingress_from_internet_to_port_mongodb_27017_27018 - [ ] ec2_securitygroup_allow_ingress_from_internet_to_tcp_ftp_port_20_21 - [x] ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_22...
### Description Renames tags policies to tag policies to align with [AWS documentation](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_tag-policies.html) ### License By submitting this pull request, I confirm that my contribution is made under the terms...
### Context Thanks to @abant07 for this work! 👏 Fixes https://github.com/prowler-cloud/prowler/issues/3237 ### Description New checks: - awslambda_function_not_directly_publicly_accessible_via_elbv2 - ec2_instance_not_directly_publicly_accessible_via_elb - ec2_instance_not_directly_publicly_accessible_via_elbv2 To-Do: - [ ] Verify ALB/ELB and Instance/Lambda security...
Check failing due to IAM Roles created by AWS Control Tower and AFT with AdministratorAccess policy
### Discussed in https://github.com/prowler-cloud/prowler/discussions/3809 Originally posted by @dmkim22-lguplus April 18, 2024 Hello, IAM Roles created by AWS Control Tower and AFT (Account Factory for Terraform) have AdministratorAccess policy attached, and...
### Steps to Reproduce 1. command `prowler aws --services s3 -M csv` 2. Provider: AWS 3. Single AWS account 4. CSV output is attached [prowler-output.csv](https://github.com/prowler-cloud/prowler/files/14782292/prowler-output.csv) ### Expected behavior The HTML...
# Deprecations from v3 ## General - `Allowlist` is now called `Mutelist`. - The `--quiet` option has been deprecated; now use the `--status` flag to select the finding's status you...
### Steps to Reproduce prowler aws ### Expected behavior Check Passes. ### Actual Result with Screenshots or Logs Check fails. ### How did you install Prowler? From pip package (pip...
### New feature motivation Neither the currently offered check [ec2_securitygroup_allow_wide_open_public_ipv4] nor the other checks specific to the services (MySQL, MSSQL, RDP, SSH, etc.) flag security groups with a single public IP...