Delivering Results to Other Tools

Send discovered endpoints directly to security tools like Burp Suite, ZAP, or Elasticsearch for further analysis.

Usage

Relevant flags:

• --send-req — Send as web request
• --send-proxy http://proxy... — Send through HTTP proxy
• --send-es http://es... — Send to Elasticsearch
• --with-headers X-Header:Value — Add custom headers
• --use-matchers string — Only send matching endpoints (URL, method, or method:URL)
• --use-filters string — Exclude matching endpoints (URL, method, or method:URL)

Sending to a Proxy

Send all endpoints to a proxy like Burp Suite or ZAP.

noir -b ./source --send-proxy http://localhost:8080

Adding Custom Headers

Attach custom headers such as authentication tokens.

noir -b ./source --send-proxy http://localhost:8080 --with-headers "Authorization: Bearer your-token"

Filtering and Matching

Use matchers and filters to send only specific endpoints.

URL-based Filtering

Send endpoints containing "api".

noir -b ./source --send-proxy http://localhost:8080 --use-matchers "api"

Method-based Filtering

Send only GET requests.

noir -b ./source --send-proxy http://localhost:8080 --use-matchers "GET"

Exclude POST requests.

noir -b ./source --send-proxy http://localhost:8080 --use-filters "POST"

Method and URL Combination

Send POST requests to API endpoints.

noir -b ./source --send-proxy http://localhost:8080 --use-matchers "POST:/api"

Exclude GET requests to admin pages.

noir -b ./source --send-proxy http://localhost:8080 --use-filters "GET:/admin"

Supported HTTP Methods

GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS, TRACE, CONNECT (case insensitive)

Multiple Patterns

Combine multiple matchers or filters.

noir -b ./source --send-proxy http://localhost:8080 --use-matchers "GET" --use-matchers "POST:/api"