Commit 7c4014e

Merge pull request #10 from andoniaf/add-prowler-detection-coverage
Add Prowler detection coverage to 64 attack paths
2 parents f0427ba + 6815f94 commit 7c4014e

67 files changed

Lines changed: 234 additions & 74 deletions

README.md

Lines changed: 0 additions & 3 deletions
Original file line number | Diff line number | Diff line change
@@ -2,9 +2,6 @@
22

33
**The definitive source of truth for AWS IAM privilege escalation paths**
44

5-
[![Validate Schema](https://github.com/DataDog/pathfinding.cloud/actions/workflows/validate.yml/badge.svg)](https://github.com/DataDog/pathfinding.cloud/actions/workflows/validate.yml)
6-
[![Deploy to GitHub Pages](https://github.com/DataDog/pathfinding.cloud/actions/workflows/deploy.yml/badge.svg)](https://github.com/DataDog/pathfinding.cloud/actions/workflows/deploy.yml)
7-
85
**Website:** [https://pathfinding.cloud](https://pathfinding.cloud)
96

107
## Overview
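
Review bot: The removal of the two workflow badges at the top of this hunk (Validate Schema and Deploy to GitHub Pages) is unrelated to the Prowler coverage the commit message describes. Either drop the README change from this merge or record the reason for it in the commit message; the Validate Schema badge is also the most visible signal that schema validation is passing for the data files the rest of this commit edits.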

data/paths/apprunner/apprunner-001.yaml

Lines changed: 2 additions & 0 deletions
@@ -92,6 +92,8 @@ relatedPaths:
9292
- apprunner-002
9393
- lambda-001
9494
- ec2-001
95+
detectionTools:
96+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L287
9597
toolSupport:
9698
pmapper: false
9799
iamVulnerable: false
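
Review bot: The new `detectionTools` block lands directly above an existing `toolSupport` block (`pmapper: false`, `iamVulnerable: false`), so this file now describes tool coverage in two places. The hunk does not show whether `toolSupport` carries a `prowler` key further down; if it does, update it in the same change, and if `toolSupport` is a legacy field, document which of the two consumers should read.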

data/paths/apprunner/apprunner-002.yaml

Lines changed: 2 additions & 0 deletions
@@ -91,6 +91,8 @@ relatedPaths:
9191
- apprunner-001
9292
- lambda-003
9393
- glue-002
94+
detectionTools:
95+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L292
9496
permissions:
9597
required:
9698
- permission: apprunner:UpdateService

data/paths/bedrock/bedrock-001.yaml

Lines changed: 1 addition & 1 deletion
@@ -157,7 +157,7 @@ relatedPaths:
157157
- ec2-001
158158
- sagemaker-001
159159
detectionTools:
160-
prowler: https://github.com/prowler-cloud/prowler/blob/49c75cc4180e2304747d8fe4bd1b16dd38929d07/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L106
160+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L294
161161
learningEnvironments:
162162
pathfinding-labs:
163163
type: open-source
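
Review bot: The anchor on the changed `prowler:` line moves from `#L106` at the old SHA to `#L294` at the new one, and nothing in the diff lets a reviewer confirm that line 294 of the pinned file is the entry for this path. A wrong anchor still renders as a valid link and reads as detection coverage that may not exist. Pinning to a full commit SHA is the right choice; consider adding a validation step that fetches the pinned file and checks that the referenced line belongs to an entry listing this path's required permissions.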

data/paths/bedrock/bedrock-002.yaml

Lines changed: 2 additions & 0 deletions
@@ -116,6 +116,8 @@ relatedPaths:
116116
- lambda-003
117117
- glue-002
118118
- ec2-002
119+
detectionTools:
120+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L300
119121
permissions:
120122
required:
121123
- permission: bedrock-agentcore:StartCodeInterpreterSession

data/paths/cloudformation/cloudformation-001.yaml

Lines changed: 1 addition & 1 deletion
@@ -85,7 +85,7 @@ relatedPaths:
8585
detectionTools:
8686
pmapper: https://github.com/nccgroup/PMapper/blob/91d2e60102bdadf346d77b60d90ddaa4a678f037/principalmapper/graphing/cloudformation_edges.py#L109-L132
8787
cloudsplaining: https://github.com/salesforce/cloudsplaining/blob/7f82e7ab0a1a714d20a69b1d0b892e4702754e6b/cloudsplaining/shared/constants.py#L152
88-
prowler: https://github.com/prowler-cloud/prowler/blob/49c75cc4180e2304747d8fe4bd1b16dd38929d07/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L60
88+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L169
8989
learningEnvironments:
9090
pathfinding-labs:
9191
type: open-source
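
Review bot: The `prowler:` line in this hunk replaces an existing link rather than adding coverage, which the commit title ("Add Prowler detection coverage to 64 attack paths") does not mention. Note the re-pin in the PR description, and check that every older Prowler link pinned to `49c75cc` has been moved to `eabe488`, so the data set does not end up citing two revisions of the same file.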

data/paths/cloudformation/cloudformation-002.yaml

Lines changed: 1 addition & 0 deletions
@@ -187,6 +187,7 @@ learningEnvironments:
187187
description: Deploy Terraform into your own AWS account and practice individual exploitation paths (requires CloudFormation non-free module, ~$0.40/month)
188188
detectionTools:
189189
pmapper: https://github.com/nccgroup/PMapper/blob/91d2e60102bdadf346d77b60d90ddaa4a678f037/principalmapper/graphing/cloudformation_edges.py#L149
190+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L174
190191
attackVisualization:
191192
nodes:
192193
- id: start

data/paths/cloudformation/cloudformation-003.yaml

Lines changed: 2 additions & 0 deletions
@@ -5,6 +5,8 @@ services:
55
- iam
66
- cloudformation
77

8+
detectionTools:
9+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L175
810
permissions:
911
required:
1012
- permission: iam:PassRole
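
Review bot: The added anchor `#L175` is one line after the `#L174` used for cloudformation-002, while the other CloudFormation anchors in this commit sit five or six lines apart (`#L169`, `#L181`, `#L186`). Check whether these two paths really map to separate entries in privilege_escalation.py or whether one of the anchors is off by an entry.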

data/paths/cloudformation/cloudformation-004.yaml

Lines changed: 2 additions & 0 deletions
@@ -5,6 +5,8 @@ services:
55
- iam
66
- cloudformation
77

8+
detectionTools:
9+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L181
810
permissions:
911
required:
1012
- permission: iam:PassRole
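
Review bot: `detectionTools` is inserted at line 8, directly after `services` and before `permissions`, here and in cloudformation-003, whereas the other files in this commit place it after `relatedPaths` or `learningEnvironments`. YAML key order does not change the parsed data, but a fixed position keeps later diffs small and makes a missing block easy to spot; pick one position and, if the schema validation can check ordering, enforce it there.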

data/paths/cloudformation/cloudformation-005.yaml

Lines changed: 1 addition & 0 deletions
@@ -172,6 +172,7 @@ relatedPaths:
172172
- cloudformation-004
173173
detectionTools:
174174
pmapper: https://github.com/nccgroup/PMapper/blob/91d2e60102bdadf346d77b60d90ddaa4a678f037/principalmapper/graphing/cloudformation_edges.py#L188-L210
175+
prowler: https://github.com/prowler-cloud/prowler/blob/eabe4884379070c72e07103f239bac70d31f6320/prowler/providers/aws/services/iam/lib/privilege_escalation.py#L186
175176
learningEnvironments:
176177
pathfinding-labs:
177178
type: open-source
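
Review bot: The added `prowler:` anchor is a single line (`#L186`), while the `pmapper:` entry directly above it cites a range (`#L188-L210`). If the Prowler entry for this path spans several lines, anchor the whole range so a reader sees the full permission combination that is matched, not only its first line.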
