Attack surface detector that identifies endpoints by static analysis.
Installation • Documentation • Available Support Scope • Usage • Contributing
Key Features
- Identify API endpoints and parameters from source code.
- Support various source code languages and frameworks.
- Provide analysts with technical information and security issues identified during source code analysis.
- Friendly pipeline & DevOps integration, offering multiple output formats (JSON, YAML, OAS spec) and compatibility with tools like curl and httpie.
- Friendly Offensive Security Tools integration, allowing usage with tools such as ZAP and Caido, Burpsuite.
- Generate elegant and clear output results.
Available Support Scope
Endpoint's Entities
- Path - Method - Param - Header - Cookie - Protocol (e.g ws) - Details (e.g The origin of the endpoint)Languages and Frameworks
| Language | Framework | URL | Method | Param | Header | Cookie | WS | |----------|-------------|-----|--------|-------|--------|--------|----| | Crystal | Kemal | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | | Crystal | Lucky | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Go | Beego | ✅ | ✅ | X | X | X | X | | Go | Echo | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Go | Gin | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Go | Fiber | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | | Python | Django | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Python | Flask | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Python | FastAPI | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | | Ruby | Rails | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Ruby | Sinatra | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Ruby | Hanami | ✅ | ✅ | X | X | X | X | | Php | | ✅ | ✅ | ✅ | ✅ | X | X | | Java | Jsp | ✅ | ✅ | ✅ | X | X | X | | Java | Armeria | ✅ | ✅ | X | X | X | X | | Java | Spring | ✅ | ✅ | ✅ | ✅ | X | X | | Kotlin | Spring | ✅ | ✅ | ✅ | ✅ | ✅ | X | | JS | Express | ✅ | ✅ | ✅ | ✅ | ✅ | X | | JS | Restify | ✅ | ✅ | ✅ | ✅ | ✅ | X | | Rust | Axum | ✅ | ✅ | X | X | X | X | | Rust | Rocket | ✅ | ✅ | X | X | X | X | | Elixir | Phoenix | ✅ | ✅ | X | X | X | ✅ | | C# | ASP.NET MVC | ✅ | X | X | X | X | X | | JS | Next | X | X | X | X | X | X |Specification
| Specification | Format | URL | Method | Param | Header | WS | |------------------------|---------|-----|--------|-------|--------|----| | OAS 2.0 (Swagger 2.0) | JSON | ✅ | ✅ | ✅ | ✅ | X | | OAS 2.0 (Swagger 2.0) | YAML | ✅ | ✅ | ✅ | ✅ | X | | OAS 3.0 | JSON | ✅ | ✅ | ✅ | ✅ | X | | OAS 3.0 | YAML | ✅ | ✅ | ✅ | ✅ | X | | RAML | YAML | ✅ | ✅ | ✅ | ✅ | X | | HAR | JSON | ✅ | ✅ | ✅ | ✅ | X |Installation
Homebrew
brew install noir
# https://formulae.brew.sh/formula/noirSnapcraft
sudo snap install noir
# https://snapcraft.io/noirFrom Sources
# Install Crystal-lang
# https://crystal-lang.org/install/
# Clone this repo
git clone https://github.com/owasp-noir/noir
cd noir
# Install Dependencies
shards install
# Build
shards build --release --no-debug
# Copy binary
cp ./bin/noir /usr/bin/Docker (GHCR)
docker pull ghcr.io/owasp-noir/noir:mainUsage
noir -h Example
noir -b <source_dir>
JSON Result
noir -b . -u https://testapp.internal.domains -f json -T{
"url": "https://testapp.internal.domains/query",
"method": "POST",
"params": [
{
"name": "my_auth",
"value": "",
"param_type": "cookie",
"tags": []
},
{
"name": "query",
"value": "",
"param_type": "form",
"tags": [
{
"name": "sqli",
"description": "This parameter may be vulnerable to SQL Injection attacks.",
"tagger": "Hunt"
}
]
}
],
"details": {
"code_paths": [
{
"path": "spec/functional_test/fixtures/crystal_kemal/src/testapp.cr",
"line": 8
}
]
},
"protocol": "http",
"tags": []
}For more details, please visit our documentation page.
Contributing
Noir is open-source project and made it with ❤️ if you want contribute this project, please see CONTRIBUTING.md and Pull-Request with cool your contents.
