OWASP Noir is an open-source project specializing in identifying attack surfaces for enhanced whitebox security testing and security pipeline. This includes the capability to discover API endpoints, web endpoints, and other potential entry points within source code for thorough security analysis.

• Automatic identification of language and framework from source code.
• Uncover API endpoints and web pages with code analysis.
• Lightning-fast results integration with proxy tools like ZAP, Burpsuite, Caido, and more.
• Structured data output in JSON and YAML for seamless collaboration with other tools.
• Command line samples provided for easy integration with tools like cURL and HTTPie.