prowler-github
Audit GitHub security configurations
TLDR
Run all default GitHub security checks
Authenticate using a GitHub Personal Access Token
Authenticate using a GitHub OAuth App Token
Authenticate using a GitHub App ID and private key
SYNOPSIS
Navigate to the cloned Prowler directory first:
cd prowler
python3 prowler.py [CLOUD_PROVIDER] [OPTIONS]
Example: Run all AWS CIS checks:
python3 prowler.py aws --groups cis
Example: Run specific Azure checks:
python3 prowler.py azure --checks azure_storage_secure_transfer_required
PARAMETERS
-h, --help
Show the program's help message and exit.
-V, --version
Show the program's version number and exit.
--cloud <cloud_name>
Specify the cloud provider to scan (e.g., aws, azure, gcp).
--checks <check_id,check_id,...>
Run specific comma-separated check IDs. E.g., --checks cis_1.1.
--services <service_name,service_name,...>
Run checks for specific comma-separated services. E.g., --services s3,ec2.
--groups <group_name,group_name,...>
Run checks for specific comma-separated groups (e.g., cis,hipaa,gdpr).
--output-modes <format,format,...>
Specify desired output formats (e.g., json,csv,html,cli).
--output-directory <path>
Directory where reports will be saved.
--profile <profile_name>
Use a specific cloud provider profile (e.g., AWS CLI named profile).
--region <region_name>
Specify the cloud region for checks. E.g., us-east-1.
DESCRIPTION
Prowler is an open-source command-line tool for security assessments, auditing, incident response, continuous monitoring, hardening, and forensics readiness across cloud environments, including AWS, Azure, and GCP. It lets organizations validate their cloud infrastructure's adherence to security best practices and compliance standards such as CIS Benchmarks, HIPAA, GDPR, ISO 27001, PCI DSS, and SOC 2.
The term "prowler-github" commonly refers to obtaining Prowler by cloning its official GitHub repository, which is the typical deployment method on Linux systems. Once cloned, Prowler is run with Python from the tool's directory. Its modular design allows running specific checks, entire service groups, or all available checks, and it produces detailed reports on potential misconfigurations and vulnerabilities. This flexibility makes it useful across a range of cloud security operations.
CAVEATS
The term "prowler-github" is not a standalone Linux command but rather refers to the Prowler tool that is commonly obtained and run from its GitHub repository.
Prowler requires Python 3 and the tool's Python dependencies to be installed.
Proper cloud provider credentials (e.g., AWS IAM permissions) are essential for Prowler to perform its checks effectively.
Prowler is an assessment tool that provides point-in-time snapshots, not a real-time monitoring solution.
Output can be extensive; users should utilize filtering and output options for manageability.
INSTALLATION
Typical installation involves cloning the Prowler repository from GitHub and installing its Python dependencies.
git clone https://github.com/prowler-cloud/prowler.git
cd prowler
pip install -r requirements.txt
CLOUD CREDENTIALS
Prowler requires appropriate credentials to interact with your cloud environment. For AWS, this often involves configuring IAM roles, access keys, or using AWS CLI profiles. Similar mechanisms exist for Azure (Service Principals) and GCP (Service Accounts) to grant Prowler the necessary permissions to perform its security checks.
HISTORY
Prowler was initially developed by Toni de la Fuente with a focus on AWS security hardening, particularly aligning with CIS Benchmarks. Its open-source nature and ease of use quickly led to its adoption within the cloud security community. Over time, its capabilities expanded significantly to include assessments for other major cloud providers like Azure and GCP, as well as a broader range of compliance frameworks. The project's active development and maintenance primarily occur through its GitHub repository, reflecting its community-driven evolution into a comprehensive cloud security auditing tool.
SEE ALSO
git(1), python3(1), awscli(1)