Skip to content

Releases: prowler-cloud/prowler

Prowler 1.6

21 Feb 14:55
@toniblyx toniblyx
1.6
111615b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Prowler 1.6

New features:

  • New forensics ready group of checks: it includes existing and new ones to ensure your AWS account is ready for a deep forensic investigation if needed prowler -c forensics-ready
  • Added option -e to exclude all extra checks (they may make prowler take longer to finish)
  • New check extra78 Ensure there are no Public Accessible RDS instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra79 Check for internet facing Elastic Load Balancers (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra710 Check for internet facing EC2 Instances (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra711 Check for Publicly Accessible Redshift Clusters (Not Scored) (Not part of CIS benchmark) thanks to @sidewinder12s
  • New check extra712 Check if Amazon Macie is enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra713 Check if GuardDuty is enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra714 Check if CloudFront distributions have logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra715 Check if Elasticsearch Service domains have logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra716 Check if Elasticsearch Service domains allow open access (Not Scored) (Not part of CIS benchmark)
  • New check extra717 Check if Elastic Load Balancers have logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra718 Check if S3 buckets have server access logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra719 Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark)
  • New check extra720 Check if Lambda functions invoke API operations are being recorded by CloudTrail (Not Scored) (Not part of CIS benchmark)
  • New check extra721 Check if Redshift cluster has audit logging enabled (Not Scored) (Not part of CIS benchmark)
  • New check extra722 Check if API Gateway has logging enabled (Not Scored) (Not part of CIS benchmark)

Fixes:

Improvements:

  • PR #150 Load of authentication credentials
  • PR #164 check31 by @subramani95
  • PR #167 OSTYPE handling to support Alpine docker containers

Documentation:

Special thanks to:

@sidewinder12s @subramani95 @neonbunny and @SubatomicHero.

Assets 2
Loading

Prowler 1.5

09 Jan 21:20
@toniblyx toniblyx
1.5
dec8391
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Prowler 1.5

New features:

  • More extra checks to find public AMIs, ECR repos and EC2 snapshots
  • New flag -l to list all available checks
  • New Dockerfile to create your own image with prowler

Fixes:

  • Issue #133 text fix in check36
  • Issue #137 fix in check114
  • Issue #136 fix in check113
  • Issue #135 fix regarding [[]] statements
  • Issue #134 fix in check124
  • Issue #131 fix in check312
  • Issue #130 fix in check12
  • Issue #129 fix in checks section 3

Improvements:

  • Refactored title and checks id in the script

Documentation:

  • Added section how to add Custom Checks to README
  • Added section Third Party Integrations to README

Thanks to @st33v @wassies @tomas-milata @sente @pbugnion

Assets 2
Loading

Prowler 1.4

13 Sep 13:28
@toniblyx toniblyx
1.4
ae8b807
Compare
Choose a tag to compare
Prowler 1.4
  • New features
    #101 Added -n option to show check numbers easier to sort, ie. 1.02 instead of 1.2.
  • Improvements
    #83 better check73 checking bucket permissions (ACL and Policies)
    #81 Improved extra73 - S3 bucket permissions
    #84 Improved and error handling for check15 and check111, improved check41
  • Fixes
    #82 Fixed bug in extra73 for buckets in EU (eu-west-1)
    #86 Fix LICENSE
    #87 Fix temp file issue
    #91 Broken sed expression & typos
    #92 Fix scored output
    #95 Added --max-items option to extra72
    #97 Removed printCurrentDate() and added current date to banner
    #98 Updated infoReferenceLong() text and moved the function call
    #99 Remove bit.ly reference
    #100 Removed printCurrentDate reference
    #103 Fix check14 if users contain same strings as table tittle

Thanks @MrSecure @neonbunny @hemedga @jphuynh @steverigby for your help and suggestions.

Contributors

MrSecure, steverigby, and 3 other contributors
Assets 2
Loading

Prowler 1.3

18 Jul 17:21
@toniblyx toniblyx
1.3
0ea9de8
Compare
Choose a tag to compare
Prowler 1.3
  • Fixes regarding SNS checks and some other small fixes
  • Added CIS profile definitions (profile1 and profile2 as stated in their documentation)
  • Added extra checks (extra71, extra72 and extra73 to check admins w/o MFA, Search Publicly shared EBS Snapshots and S3 buckets open to the internet)
  • Improved documentation
Assets 2
Loading

Prowler 1.2

12 Jul 16:44
@toniblyx toniblyx
1.2
2de0b5e
Compare
Choose a tag to compare
Prowler 1.2

#57
#58
#59
#60
#61
#62

Assets 2
Loading

Prowler 1.1.1

27 Jun 16:54
@toniblyx toniblyx
1.1.1
62dfd9a
Compare
Choose a tag to compare
Prowler 1.1.1 
Merge pull request #55 from MrSecure/spelling

fix spelling error in CSV output
Assets 2
Loading

Prowler 1.1

27 Jun 14:20
@toniblyx toniblyx
1.1
765be03
Compare
Choose a tag to compare
Prowler 1.1

Added csv output option (-M) and code clean up thanks to @MrSecure

Assets 2
Loading

Prowler 1.0

15 Jun 22:30
@toniblyx toniblyx
1.0
783fc71
Compare
Choose a tag to compare
Prowler 1.0

Initial version to keep track of changes from now on.

Assets 2
Loading