Can you have the Prowler AWS test route53_dangling_ip_subdomain_takeover check against IP's from other AWS accounts?

[ernievd]

In running the Prowler AWS test route53_dangling_ip_subdomain_takeover, it detected dangling IPs in some records in a route53 hosted zone that were actually using IP's from load balancers that are running in another one of our AWS accounts, therefore those are not really dangling IPs.

I assume these were marked as vulnerabilities because those IPs are from load balancers located in a different AWS account - not the same AWS account as the hosted zone that the vulnerability was detected in (where the Prowler finding marked it as a vulnerability).

Is there any way to have the AWS Prowler route53_dangling_ip_subdomain_takeover test check against IP's from cross accounts?

[sergargar]

Hi @ernievd , thanks for reaching us out!
The check does not have the visibility of the IPs in different AWS accounts. However, we can set a configurable variable in the check which can contain all the external IPs that you want to allow. What do you think?