Miscellaneous

Prowler Version

Show Prowler version:

prowler <provider> -V/-v/--version

Verbose

Execute Prowler in verbose mode (like in Version 2):

prowler <provider> --verbose

Show only Fails

Prowler can only display the failed findings:

prowler <provider> -q/--quiet

Hide Prowler Banner

Prowler can run without showing its banner:

prowler <provider> -b/--no-banner

Checks

Prowler has checks per provider, there are options related with them:

• List the available checks in the provider:

  prowler <provider> --list-checks
  

• Execute specific check(s):

  prowler <provider> -c/--checks s3_bucket_public_access
  

• Exclude specific check(s):

  prowler <provider> -e/--excluded-checks ec2 rds
  

• Execute checks that appears in a json file:

  <checks_list>.json
  
  {
      "<provider>": [
          "<check_name_1",
          "<check_name_2",
          "<check_name_3",
          ...
      ],
      ...
  }
  

  prowler <provider> -C/--checks-file <checks_list>.json
  

Severities

Each of Prowler's checks has a severity, which can be: - informational - low - medium - high - critical

To execute specific severity(s):

prowler <provider> --severity critical high

Service

Prowler has services per provider, there are options related with them:

• List the available services in the provider:

  prowler <provider> --list-services
  

• Execute specific service(s):

  prowler <provider> -s/--services s3 iam
  

• Exclude specific service(s):

  prowler <provider> --excluded-services ec2 rds
  

Categories

Prowler groups checks in different categories, there are options related with them:

• List the available categories in the provider:

  prowler <provider> --list-categories
  

• Execute specific category(s):

  prowler  <provider> --categories
  

AWS

Scan specific AWS Region

Prowler can scan specific region(s) with:

prowler <provider> -f/--filter-region eu-west-1 us-east-1

Use AWS Profile

Prowler can use your custom AWS Profile with:

prowler <provider> -p/--profile <profile_name>