ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-01-25 02:08:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,622 Commits 354 Branches 170 Tags
cloudflare-pr4-dns-firewall-waf
Commit Graph

7622 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
HugoPBrito
47317680e5 fix(cloudflare): use zone_name as region for DNS records in CheckReportCloudflare 2026-01-20 15:31:56 +01:00
HugoPBrito
c7558a9f78 chore: remove accidentally committed uv.lock 2026-01-20 14:57:09 +01:00
HugoPBrito
86ecec542b Revert "chore: remove uv.lock files" 
This reverts commit cb82a42035.
 2026-01-20 14:54:55 +01:00
HugoPBrito
cb82a42035 chore: remove uv.lock files 2026-01-20 14:54:34 +01:00
HugoPBrito
2c69eb58c9 chore(cloudflare): remove unnecessary __init__.py files from tests 2026-01-20 14:54:15 +01:00
HugoPBrito
fcd9e2d40f fix(cloudflare): remove redundant provider assignment and single quotes from status messages 2026-01-20 14:52:00 +01:00
HugoPBrito
f0c69874e0 fix(cloudflare): correct SRV record target extraction for Cloudflare format 2026-01-20 14:49:30 +01:00
HugoPBrito
21444f7880 feat(cloudflare): expand dangling record check to include MX, NS, and SRV 
- Dangling MX records can allow mail interception
- Dangling NS records can lead to subdomain delegation takeover
- Dangling SRV records expose service discovery vulnerabilities
 2026-01-20 14:35:26 +01:00
HugoPBrito
3e3f56629f feat(cloudflare): expand wildcard check to include MX and SRV records 
Wildcard MX records can allow mail interception for arbitrary subdomains.
Wildcard SRV records can expose services on any subdomain.
 2026-01-20 14:35:21 +01:00
HugoPBrito
38f6ca9514 fix(cloudflare): get zones directly from API in DNS and Firewall services 
This fixes an issue where DNS and Firewall services would have empty
records because they depended on zone_client which might not be
initialized when the services are loaded.
 2026-01-20 14:35:14 +01:00
HugoPBrito
7f71b93eec fix(cloudflare): only match OWASP rulesets by name, not by phase 2026-01-20 14:35:08 +01:00
HugoPBrito
12752a5839 chore: add to changelog 2026-01-20 13:58:52 +01:00
HugoPBrito
eb76e2b986 Merge branch 'master' into cloudflare-pr4-dns-firewall-waf 
Resolved conflicts by merging both features:
- Kept rate_limit_rules from master
- Kept firewall_rules and waf_rulesets from HEAD
- Updated CloudflareZone to include all three: rate_limit_rules, firewall_rules, waf_rulesets
- Set severity to 'high' for zone_rate_limiting_enabled check
 2026-01-16 13:46:34 +01:00
Josema Camacho
032499c29a feat(attack-paths): The complete Attack Paths feature (#9805) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: César Arroba <19954079+cesararroba@users.noreply.github.com>
Co-authored-by: Alan Buscaglia <gentlemanprogramming@gmail.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
Co-authored-by: Rubén De la Torre Vico <ruben@prowler.com>
Co-authored-by: HugoPBrito <hugopbrit@gmail.com>
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Chandrapal Badshah <Chan9390@users.noreply.github.com>
Co-authored-by: Chandrapal Badshah <12944530+Chan9390@users.noreply.github.com>
Co-authored-by: Adrián Peña <adrianjpr@gmail.com>
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
Co-authored-by: KonstGolfi <73020281+KonstGolfi@users.noreply.github.com>
Co-authored-by: lydiavilchez <114735608+lydiavilchez@users.noreply.github.com>
Co-authored-by: Prowler Bot <bot@prowler.com>
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
Co-authored-by: StylusFrost <43682773+StylusFrost@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: alejandrobailo <alejandrobailo94@gmail.com>
Co-authored-by: Alejandro Bailo <59607668+alejandrobailo@users.noreply.github.com>
Co-authored-by: Víctor Fernández Poyatos <victor@prowler.com>
Co-authored-by: bota4go <108249054+bota4go@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
Co-authored-by: mchennai <50082780+mchennai@users.noreply.github.com>
Co-authored-by: Ryan Nolette <sonofagl1tch@users.noreply.github.com>
Co-authored-by: Ulissis Correa <123517149+ulissisc@users.noreply.github.com>
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Lee Trout <ltrout@watchpointlabs.com>
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: Alan-TheGentleman <alan@thegentleman.dev>
 2026-01-16 13:37:09 +01:00
Pepe Fagoaga
d7af97b30a chore(skills): add Prowler Changelog skill (#9806) 2026-01-16 13:31:34 +01:00
Hugo Pereira Brito
aa24034ca7 feat(cloudflare): Add bot protection and configuration checks for zones (#9425) 
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
 2026-01-16 12:06:52 +01:00
Alejandro Bailo
ec4eb70539 refactor(ui): improve layouts and styles (#9807) 2026-01-16 12:00:01 +01:00
RoseSecurity
76a8610121 fix(pre-commit): update isort repo URL to pycqa (#9785) 2026-01-15 18:33:25 +01:00
Alejandro Bailo
d5e2c930a9 feat(ui): add Resources Inventory feature (#9492) 
Co-authored-by: Alan Buscaglia <gentlemanprogramming@gmail.com>
 2026-01-15 16:25:12 +01:00
Josema Camacho
2c4f866e42 feat(attack-paths): update slack-sdk for cartography compatibility (#9801) 2026-01-15 14:30:33 +01:00
Rubén De la Torre Vico
31845df1a7 refactor(ui): change Lighthouse AI MCP tool filtering from blacklist to whitelist (#9802) 2026-01-15 13:53:05 +01:00
Adrián Peña
d8c1273a57 feat(api): add resource group overview endpoint and filtering (#9694) 
Co-authored-by: Alan Buscaglia <gentlemanprogramming@gmail.com>
Co-authored-by: Víctor Fernández Poyatos <victor@prowler.com>
 2026-01-15 13:05:25 +01:00
Rubén De la Torre Vico
3317c0a5e0 chore(aws): enhance metadata for ec2 service (#9549) 
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
 2026-01-15 13:01:21 +01:00
Josema Camacho
847645543a feat(attack-paths): update boto dependencies for catrography compatibility (#9798) 
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
 2026-01-15 13:00:54 +01:00
Alejandro Bailo
76aa65cb61 chore(ui): CHANGELOG.md updated (#9800) 2026-01-15 12:55:13 +01:00
Alejandro Bailo
484a1d1fef chore: upgrade Node.js to 24.13.0 LTS (#9797) 2026-01-15 12:46:42 +01:00
Alejandro Bailo
c8bc0576ea feat: implement compliance watchlist (#9786) 2026-01-15 12:37:16 +01:00
Alejandro Bailo
76cda6d777 feat(ui): new findings view (#9794) 2026-01-15 12:15:06 +01:00
Andoni Alonso
28978f6db6 fix(oci): pass provider UID to update credentials forms (#9746) 2026-01-15 11:29:23 +01:00
Hugo Pereira Brito
d4bc6d7531 feat(cloudflare): Add TLS/SSL, records and email security checks for zones (#9424) 
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
 2026-01-15 09:31:27 +01:00
HugoPBrito
42c56fa33a Merge branch 'cloudflare-pr3-bot-config-checks' into cloudflare-pr4-dns-firewall-waf 
And add Resourcegroup
 2026-01-14 15:43:49 +01:00
HugoPBrito
5dcdeed782 fix: add ResourceGroup to metadata 2026-01-14 15:23:24 +01:00
HugoPBrito
c35eaa8aa9 Merge branch 'cloudflare-pr2-tls-email-checks' into cloudflare-pr3-bot-config-checks 2026-01-14 15:17:45 +01:00
HugoPBrito
bca7c3a479 fix: nested folders and add ResourceGroup 2026-01-14 15:16:04 +01:00
Hugo Pereira Brito
e03fb88ca2 chore: update prowler/CHANGELOG.md 
Co-authored-by: Andoni Alonso  <14891798+andoniaf@users.noreply.github.com>
 2026-01-14 14:50:55 +01:00
HugoPBrito
cecf288d4f chore: add to changelog 2026-01-14 14:48:42 +01:00
HugoPBrito
8c4d251c51 feat: fix zone_bot_fight_mode_enabled and add zone_browser_integrity_check_enabled 2026-01-14 14:36:42 +01:00
HugoPBrito
98d4e08cbb zone_development_mode_disabled 2026-01-14 14:20:08 +01:00
HugoPBrito
3c004582d7 feat: enhance zone_rate_limiting_enabled 2026-01-14 14:19:42 +01:00
HugoPBrito
726aeec64b feat: enhance zone_challenge_passage_configured check 2026-01-14 14:19:08 +01:00
HugoPBrito
3d1a0b1270 feat: enhance zone_challenge_passage_configured check 2026-01-14 14:18:43 +01:00
Hugo Pereira Brito
1bf49747ad chore(entra): enhance performance for user_registration_details and user mfa evaluation (#9236) 2026-01-14 14:01:51 +01:00
HugoPBrito
b014fdbde3 chore: remove deprecated check 2026-01-14 13:23:42 +01:00
HugoPBrito
d693a34747 chore: rename zone records checks and add docstrings 2026-01-14 13:17:25 +01:00
HugoPBrito
a6860ffa7d Merge branch 'cloudflare-pr3-bot-config-checks' into cloudflare-pr4-dns-firewall-waf 2026-01-14 13:02:58 +01:00
HugoPBrito
d06af16a5c chore: rename zone records checks and add docstrings 2026-01-14 12:52:21 +01:00
Hugo Pereira Brito
0250bc3b0e Merge branch 'master' into cloudflare-pr2-tls-email-checks 2026-01-14 12:44:24 +01:00
lydiavilchez
2cde4c939d feat(gcp): add compute_snapshot_not_outdated check (#9774) 2026-01-14 12:35:29 +01:00
HugoPBrito
ee1e6c35f2 Merge branch 'cloudflare-pr2-tls-email-checks' into cloudflare-pr3-bot-config-checks 2026-01-14 12:28:10 +01:00
HugoPBrito
2e552c65a5 chore: add docstrings 2026-01-14 12:19:56 +01:00