Attack surface detector that identifies endpoints by static analysis
MIT License
Published by hahwul about 1 year ago
I would like to express my infinite gratitude to @ksg97031 once again.
Published by hahwul about 1 year ago
Seems like I've almost reached the initially set modest feature scope. I'll be focusing on enhancing detection rates and coverage of techs for the foreseeable future. Nevertheless, turning great ideas into features is always a blast. If you have any cool improvements or ideas, feel free to drop them anytime through issues or discussions!
I've aligned the naming similarly to OAS2 with the introduction of OAS3 support.
oas2
  format: ["JSON", "YAML"]
  similar: ["oas 2.0", "oas_2_0", "swagger 2.0", "swagger_2_0", "swagger"]
oas3
  format: ["JSON", "YAML"]
  similar: ["oas 3.0", "oas_3_0"]
Example for Kemal Analyzer / In the default format, headers are displayed in green.
I'd like to extend my heartfelt thanks to all the contributors and everyone who provided feedback :D
Published by hahwul about 1 year ago
Noir now supports Swagger analysis. When Swagger documents are detected in the target source code, the tool analyzes those files to identify and extract endpoints.
Swagger Analysis
Now, information can be stored and retrieved through the CodeLocator.instance (singleton instance). It is primarily used for data communication between detectors and analyzers, which helps reduce redundant tasks.
# Code1
locator = CodeLocator.instance
locator.set("swagger-json", filename)
# if filename is 'docs.json'
# Code2
puts locator.get("swagger-json")
# docs.json
Published by hahwul about 1 year ago
--exclude-techs flag
--techs-list to --list-techs for consistency with other flags.
You can now force the technology to be ignored. Similar languages are also handled.
--exclude-techs Rails
--exclude-techs ruby-rails
--exclude-techs rails
# All of the above flags disable ruby_rails.
Now, the technology list is managed with additional metadata information included.
So the --list-techs flag has also been modified accordingly.
Published by hahwul about 1 year ago
Fixed bugs https://github.com/hahwul/noir/pull/18 (by @ksg97031)
Fixed a bug where some techniques were missing from the --techs-list flag
Published by hahwul about 1 year ago
P.S.
In addition to the endpoints defined by the programming language, we intend to trace endpoints by scanning files generated within the source code directory. For instance, utilizing OpenAPI files :D
Published by hahwul about 1 year ago
ws
websocket
tested it with xssmaze.
Published by hahwul about 1 year ago
First release 😎
and I extend my gratitude to the first contributor, nil (@ksg97031)! Thank you for your valuable contribution!