noir~owasp-noir

Analyzes source code to find endpoints, expose shadow APIs, and map the attack surface.
0.17.0 released
owasp-noir/noir
OWASP Noir

Attack surface detector that identifies endpoints by static analysis.


Key Features

  • Identify API endpoints and parameters from source code.
  • Support various source code languages and frameworks.
  • Provide analysts with technical information and security issues identified during source code analysis.
  • Friendly pipeline & DevOps integration, offering multiple output formats (JSON, YAML, OAS spec) and compatibility with tools like curl and httpie.
  • Friendly Offensive Security Tools integration, allowing usage with tools such as ZAP, Caido, and Burp Suite.
  • Generate elegant and clear output results.

Available Support Scope

Endpoint Entities
  • Path
  • Method
  • Param
  • Header
  • Cookie
  • Protocol (e.g. ws)
  • Details (e.g. the origin of the endpoint)
Languages and Frameworks

| Language | Framework | URL | Method | Param | Header | Cookie | WS |
|----------|-----------|-----|--------|-------|--------|--------|----|
| Crystal | Kemal | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Crystal | Lucky | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Go | Beego | ✅ | ✅ | X | X | X | X |
| Go | Echo | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Go | Gin | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Go | Fiber | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Python | Django | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Python | Flask | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Python | FastAPI | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
| Ruby | Rails | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Ruby | Sinatra | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Ruby | Hanami | ✅ | ✅ | X | X | X | X |
| PHP | | ✅ | ✅ | ✅ | ✅ | X | X |
| Java | JSP | ✅ | ✅ | ✅ | X | X | X |
| Java | Armeria | ✅ | ✅ | X | X | X | X |
| Java | Spring | ✅ | ✅ | ✅ | ✅ | X | X |
| Kotlin | Spring | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| JS | Express | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| JS | Restify | ✅ | ✅ | ✅ | ✅ | ✅ | X |
| Rust | Axum | ✅ | ✅ | X | X | X | X |
| Rust | Rocket | ✅ | ✅ | X | X | X | X |
| Elixir | Phoenix | ✅ | ✅ | X | X | X | ✅ |
| C# | ASP.NET MVC | ✅ | X | X | X | X | X |
| JS | Next | X | X | X | X | X | X |

Specification

| Specification | Format | URL | Method | Param | Header | WS |
|-----------------------|--------|-----|--------|-------|--------|----|
| OAS 2.0 (Swagger 2.0) | JSON | ✅ | ✅ | ✅ | ✅ | X |
| OAS 2.0 (Swagger 2.0) | YAML | ✅ | ✅ | ✅ | ✅ | X |
| OAS 3.0 | JSON | ✅ | ✅ | ✅ | ✅ | X |
| OAS 3.0 | YAML | ✅ | ✅ | ✅ | ✅ | X |
| RAML | YAML | ✅ | ✅ | ✅ | ✅ | X |
| HAR | JSON | ✅ | ✅ | ✅ | ✅ | X |

Installation

Homebrew

```bash
brew install noir
# https://formulae.brew.sh/formula/noir
```

Snapcraft

```bash
sudo snap install noir
# https://snapcraft.io/noir
```

From Sources

```bash
# Install Crystal-lang
# https://crystal-lang.org/install/

# Clone this repo
git clone https://github.com/owasp-noir/noir
cd noir

# Install dependencies
shards install

# Build
shards build --release --no-debug

# Copy binary
cp ./bin/noir /usr/bin/
```

Docker (GHCR)

```bash
docker pull ghcr.io/owasp-noir/noir:main
```

Usage

```bash
noir -h
```

Example

```bash
noir -b <source_dir>
```

JSON Result

```bash
noir -b . -u https://testapp.internal.domains -f json -T
```

```json
{
  "url": "https://testapp.internal.domains/query",
  "method": "POST",
  "params": [
    {
      "name": "my_auth",
      "value": "",
      "param_type": "cookie",
      "tags": []
    },
    {
      "name": "query",
      "value": "",
      "param_type": "form",
      "tags": [
        {
          "name": "sqli",
          "description": "This parameter may be vulnerable to SQL Injection attacks.",
          "tagger": "Hunt"
        }
      ]
    }
  ],
  "details": {
    "code_paths": [
      {
        "path": "spec/functional_test/fixtures/crystal_kemal/src/testapp.cr",
        "line": 8
      }
    ]
  },
  "protocol": "http",
  "tags": []
}
```
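The JSON above is the form a pipeline consumes. As an added example (not part of Noir or its README), the Python below parses that output, reports the attack surface per source file and exits nonzero when a parameter carries a tag such as `sqli`, so a CI stage can fail on it; the second endpoint and the top-level list layout are constructed assumptions, not data from the page.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of the `-f json` output shown above: the first object is
# the page's own example, the second is made up; the top-level list is an assumed layout.
SAMPLE_NOIR_JSON = """[
  {"url": "https://testapp.internal.domains/query", "method": "POST",
   "params": [
     {"name": "my_auth", "value": "", "param_type": "cookie", "tags": []},
     {"name": "query", "value": "", "param_type": "form", "tags": [{"name": "sqli", "tagger": "Hunt", "description": "This parameter may be vulnerable to SQL Injection attacks."}]}],
   "details": {"code_paths": [{"path": "spec/functional_test/fixtures/crystal_kemal/src/testapp.cr", "line": 8}]},
   "protocol": "http", "tags": []},
  {"url": "https://testapp.internal.domains/health", "method": "GET", "params": [],
   "details": {"code_paths": [{"path": "src/health.cr", "line": 3}]},
   "protocol": "http", "tags": []}
]"""

def load_endpoints(text):
    """Parse Noir JSON; accept a single endpoint object as well as a list of them."""
    data = json.loads(text)
    return data if isinstance(data, list) else [data]

def tagged_params(endpoints):
    """Every parameter a Noir tagger flagged, as (method, url, param, param_type, tag)."""
    return [
        (ep["method"], ep["url"], p["name"], p["param_type"], t["name"])
        for ep in endpoints
        for p in ep.get("params", [])
        for t in p.get("tags", [])
    ]

def surface_by_file(endpoints):
    """Attack surface per source file: path -> sorted 'METHOD url' entries it defines."""
    by_file = defaultdict(set)
    for ep in endpoints:
        for cp in ep.get("details", {}).get("code_paths", []):
            by_file[cp["path"]].add(f'{ep["method"]} {ep["url"]}')
    return {path: sorted(entries) for path, entries in by_file.items()}

def gate(endpoints, blocked_tags=("sqli",)):
    """CI gate: exit status 1 if any parameter carries a blocked tag, else 0."""
    return 1 if any(f[4] in blocked_tags for f in tagged_params(endpoints)) else 0

if __name__ == "__main__":
    eps = load_endpoints(SAMPLE_NOIR_JSON)
    print(json.dumps(surface_by_file(eps), indent=2))
    for method, url, name, ptype, tag in tagged_params(eps):
        print(f"{method} {url}: {ptype} param '{name}' tagged {tag}")
    raise SystemExit(gate(eps))  # nonzero status fails the pipeline stage
```

To use it against a real run, pipe `noir -b . -f json` into `load_endpoints` instead of the embedded sample.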

For more details, please visit our documentation page.

Contributing

Noir is an open-source project made with ❤️. If you want to contribute, please see CONTRIBUTING.md and open a Pull Request with your contributions.

```yaml
noir:
  github: owasp-noir/noir
  version: ~> 0.17.0
```

License: MIT
Crystal: ~> 1.10


Dependencies 2

  • crest ~> 1.3.13 (github: mamantoha/crest)
  • har (github: NeuraLegion/har)

Development Dependencies 0

Dependents 0
