rieck-srlabs
rieck-srlabs
According to the name, `Get-SecurityGroups` should only return security groups. However, it **currently returns all Entra ID groups**. This is because the group filter is incorrectly applied in [the code](https://github.com/dafthack/GraphRunner/blob/7fd1cf20da7ac6160f1707aeed15035def82bdff/GraphRunner.ps1#L2408):...
Adds check to find exposed secrets in EC2 Launch Templates. Currently, Prowler does not scan EC2 Launch Templates. ### Context The existing check `autoscaling_find_secrets_ec2_launch_configuration` only considers EC2 AutoScaling launch configurations,...
# Issue Description Webtag uses the following code (called by `getValidPassword`) to store and hash passwords: ```javascript const hashString = (str) => { return crypto.createHash("sha256", config.SECRET).update(str).digest("hex"); }; ``` I guess...