OWASP Noir
Attack surface detector that identifies endpoints by static analysis.
Noir is an open-source project specializing in identifying attack surfaces for enhanced whitebox security testing and security pipeline. This includes the capability to discover API endpoints, web endpoints, and other potential entry points within source code for thorough security analysis and DAST. For more information, please visit our documentation page.
Key Features
- Extract API endpoints and parameters from source code.
- Support multiple languages and frameworks.
- Uncover security issues with detailed analysis and rule-based passive scanning.
- Integrate seamlessly with DevOps pipelines and tools like curl, ZAP, and Caido.
- Deliver clear, actionable results in formats like JSON, YAML, and OAS.
- Enhance endpoint discovery with AI for unfamiliar frameworks and hidden APIs.
Road Map
We plan to expand the range of supported programming languages and frameworks, and to increase accuracy. Initially conceived as a tool to assist with WhiteBox testing, our goal is to extract and provide endpoints from the source code within the DevSecOps Pipeline, enabling DAST to conduct more accurate and stable scans.
Installation
Homebrew
brew install noir
# https://formulae.brew.sh/formula/noir
Snapcraft
sudo snap install noir
# https://snapcraft.io/noir
From Sources
# Install Crystal-lang
# https://crystal-lang.org/install/
# Clone this repo
git clone https://github.com/owasp-noir/noir
cd noir
# Install Dependencies
shards install
# Build
shards build --release --no-debug
# Copy binary
cp ./bin/noir /usr/bin/
Docker (GHCR)
docker pull ghcr.io/owasp-noir/noir:main