Prowler Bot
|
32b61e91ff
|
fix(ec2): AttributeError in ec2_instance_with_outdated_ami check (#9048)
Co-authored-by: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
|
2025-10-28 13:20:15 -04:00 |
|
Daniel Barranquero
|
e279f7fcfd
|
fix: handle eks cluster version and listener certificate arn not in acm (#8802)
|
2025-10-01 13:55:26 -04:00 |
|
Hugo Pereira Brito
|
cdb455b2b1
|
feat(aws): add new check ec2_instance_with_outdated_ami (#6910)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-09-30 13:54:36 -04:00 |
|
MustafaAamir
|
2a4b62527a
|
fix(tests_iam): AWS managed policies are isolated (#8609)
Co-authored-by: MustafaAamir <mustafa@gmail.com>
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2025-09-30 13:44:03 +05:45 |
|
dependabot[bot]
|
52ddaca4c5
|
chore(deps-dev): bump moto from 5.0.28 to 5.1.11 (#7100)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-09-16 14:17:47 +02:00 |
|
Prowler Bot
|
ec27451199
|
chore(regions_update): Changes in regions for AWS services (#8728)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-09-15 15:02:37 +02:00 |
|
Daniel Barranquero
|
b512f6c421
|
fix(firehose): false positive in firehose_stream_encrypted_at_rest (#8599)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-09-11 09:55:16 -04:00 |
|
Daniel Barranquero
|
74bf0e6b47
|
fix(aws): nonetype errors in opensearch, firehose and cognito (#8670)
|
2025-09-09 13:12:57 +05:45 |
|
Daniel Barranquero
|
7916425ed4
|
fix(memorydb): handle clusters with no security groups (#8666)
|
2025-09-08 15:05:13 -04:00 |
|
Samuele Pasini
|
1884874ab6
|
fix: typo ec2_securitygroup_allow_ingress_from_internet_to_tcp_port_* CheckID (#8294)
Co-authored-by: Daniel Barranquero <danielbo2001@gmail.com>
|
2025-09-05 13:16:12 +02:00 |
|
Pedro Martín
|
79450d6977
|
fix(securityhub): resolve TypeError from Python3.9 (#8619)
Co-authored-by: Hugo Pereira Brito <101209179+HugoPBrito@users.noreply.github.com>
|
2025-09-03 17:52:09 +02:00 |
|
Daniel Barranquero
|
3b42eb3818
|
fix(s3): resource metadata error in s3_bucket_shadow_resource_vulnerability (#8572)
|
2025-08-26 13:30:49 +02:00 |
|
Sergio Garcia
|
ea6d04ed3a
|
chore(securityhub): add static credentials and role assumption support (#8539)
Co-authored-by: Adrián Jesús Peña Rodríguez <adrianjpr@gmail.com>
|
2025-08-22 11:58:35 +02:00 |
|
Sergio Garcia
|
30518f2e0e
|
feat(aws): new check eks_cluster_deletion_protection_enabled (#8536)
|
2025-08-19 10:25:24 +02:00 |
|
Andoni Alonso
|
2f5fce41dc
|
feat(iam): remove standalone iam:PassRole from privesc detection and add missing patterns (#8530)
|
2025-08-18 11:35:14 +02:00 |
|
Andoni Alonso
|
39e4d20b24
|
feat(iam): add Bedrock AgentCore privilege escalation combo (#8526)
|
2025-08-15 13:25:15 +02:00 |
|
Hugo Pereira Brito
|
f5b1532647
|
fix(kafka): false positives in kafka_cluster_is_public check (#8514)
|
2025-08-13 09:05:09 +02:00 |
|
Pepe Fagoaga
|
260fada3eb
|
fix(s3): Use HeadBucket instead of GetBucketLocation (#8456)
|
2025-08-06 19:20:52 +05:45 |
|
Adrián Jesús Peña Rodríguez
|
581afd38e6
|
fix: add default values for S3 class (#8417)
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-01 13:50:51 +02:00 |
|
Paul Negedu
|
2170fbb1ab
|
feat(aws): add s3_bucket_shadow_resource_vulnerability check (#8398)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-08-01 18:26:03 +08:00 |
|
Sergio Garcia
|
7ec514d9dd
|
feat(aws): new check bedrock_api_key_no_long_term_credentials (#8396)
|
2025-07-30 17:04:16 +08:00 |
|
Aviad Levy
|
a85b89ffb5
|
fix(ec2): add check that protocol is matched in security group checks (#8374)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-07-28 19:53:08 +08:00 |
|
Kay Agahd
|
d4e66c4a6f
|
chore(sqs): clean up code (#8366)
|
2025-07-25 20:10:34 +08:00 |
|
Andoni Alonso
|
04749c1da1
|
fix(aws): sns_topics_not_publicly_accessible false positive with aws:SourceArn conditions (#8340)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-07-24 18:03:30 +08:00 |
|
Sergio Garcia
|
ca86aeb1d7
|
feat(aws): new check bedrock_api_key_no_administrative_privileges (#8321)
|
2025-07-22 22:06:17 +08:00 |
|
Pepe Fagoaga
|
74940e1fc4
|
fix(check_metadata): add service name validator (#8289)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
Co-authored-by: Pedro Martín <pedromarting3@gmail.com>
|
2025-07-17 13:10:30 +05:45 |
|
Kay Agahd
|
bf0013dae3
|
fix(aws): make is_service_role more restrictive to avoid false positives (#8274)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-07-15 22:02:09 +08:00 |
|
Hugo Pereira Brito
|
ddc53c3c6d
|
fix(firehose): list all streams and fix firehose_stream_encrypted_at_rest logic (#8213)
|
2025-07-09 15:38:54 +08:00 |
|
Pedro Martín
|
7eb08b0f14
|
fix(ec2): allow empty values for http_endpoint in templates (#8184)
|
2025-07-04 18:03:51 +08:00 |
|
Kay Agahd
|
f5ecae6da1
|
fix(iam): detect wildcarded ARNs in sts:AssumeRole policy resources (#8164)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-07-03 23:09:48 +08:00 |
|
Neil Millard
|
965111245a
|
feat(aws): add new check for Codebuild projects visibility (#8127)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-07-02 17:20:15 +08:00 |
|
Adrián Jesús Peña Rodríguez
|
d8ed70236b
|
refactor(s3): adapt test_connection to match AwsProvider (#8088)
|
2025-06-27 13:23:59 +02:00 |
|
Jack Holloway
|
85242c7909
|
fix(aws): retrieve correctly ECS Container insights settings (#8097)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-06-25 15:54:20 +08:00 |
|
Daniel Barranquero
|
ea6ab406c8
|
fix(organizations): Key Error: Statement in check organizations_scp_deny_regions (#8091)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-06-25 15:23:38 +08:00 |
|
crr
|
e108b2caed
|
fix(aws): fix logic in VPC and ELBv2 checks (#8077)
Co-authored-by: Sergio Garcia <sergargar1@gmail.com>
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-06-24 19:13:54 +08:00 |
|
Drew Kerrigan
|
51467767cd
|
fix: allow raising exceptions from validate_mutelist (#8086)
|
2025-06-24 13:14:46 +05:45 |
|
Andoni Alonso
|
dfd5c9aee7
|
feat(aws): add check to ensure Codebuild Github projects are only use allowed Github orgs (#7595)
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-06-18 00:17:18 +08:00 |
|
Rubén De la Torre Vico
|
7e43c7797f
|
fix(eks): add EKS to service without subservices (#7959)
Co-authored-by: Andoni Alonso <14891798+andoniaf@users.noreply.github.com>
Co-authored-by: Sergio Garcia <hello@mistercloudsec.com>
|
2025-06-16 16:46:48 +08:00 |
|
Andoni Alonso
|
bfafa518b1
|
feat(aws): avoid bypassing IAM check using wildcards (#7708)
|
2025-06-16 07:42:01 +02:00 |
|
Andoni Alonso
|
f5f1fce779
|
fix(iam): check always if root credentials are present (#7967)
|
2025-06-12 17:48:09 +02:00 |
|
Prowler Bot
|
5ec34ad5e7
|
chore(regions_update): Changes in regions for AWS services (#7973)
Co-authored-by: prowler-bot <179230569+prowler-bot@users.noreply.github.com>
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-06-12 17:24:15 +08:00 |
|
Pedro Martín
|
1bd0d774e5
|
feat(mutelist): make validate_mutelist method static (#7811)
|
2025-06-11 11:33:49 +05:45 |
|
Sergio Garcia
|
97baa8a1e6
|
chore(ec2): improve severity logic in SG all ports open check (#7764)
|
2025-05-16 15:09:48 +02:00 |
|
Ogonna Iwunze
|
f5a2695c3b
|
fix(check): Add support for condition with restriction on SNS endpoint (#7750)
Co-authored-by: MrCloudSec <hello@mistercloudsec.com>
|
2025-05-15 16:00:00 +02:00 |
|
Sergio Garcia
|
ed26c2c42c
|
fix(mutelist): properly handle wildcards and regex (#7685)
|
2025-05-08 12:10:55 +05:45 |
|
Sergio Garcia
|
9458e2bbc4
|
fix(inspector2): handle error when getting active findings (#7670)
Co-authored-by: Andoni A. <14891798+andoniaf@users.noreply.github.com>
|
2025-05-07 14:39:34 +02:00 |
|
Pedro Martín
|
fe5a78e4d4
|
feat(aws): add static credentials for S3 and SH (#7322)
|
2025-05-06 17:55:53 +02:00 |
|
Pedro Martín
|
de01087246
|
fix(s3): add ContentType in upload_file (#7635)
Co-authored-by: Pepe Fagoaga <pepe@prowler.com>
|
2025-04-30 19:48:23 +05:45 |
|
Sergio Garcia
|
b55f8efed1
|
fix: handle errors in AWS, Azure, and GCP (#7456)
|
2025-04-08 18:05:43 +05:45 |
|
Sergio Garcia
|
8552a578a0
|
fix(aws): solve multiple errors (#7431)
|
2025-04-04 09:34:58 -04:00 |
|