Output Formats
Noir is built to be a versatile tool that can fit into any workflow. A key part of this flexibility is the ability to output scan results in a variety of formats. Whether you need a machine-readable format for automation or a human-readable one for manual review, Noir has you covered.
Choosing the Right Format
| Use Case | Recommended Format | Flag |
|---|---|---|
| Integration with scripts/tools | JSON | -f json |
| CI/CD security reporting | SARIF | -f sarif |
| API documentation generation | OpenAPI | -f oas3 |
| Quick endpoint testing | cURL / HTTPie / PowerShell | -f curl |
| Human-readable review | YAML | -f yaml |
| Configuration-style output | More (TOML) | -f toml |
| Import into Postman | More (Postman Collection) | -f postman |
| Visual report sharing | HTML | -f html |
| API structure visualization | Mermaid | -f mermaid |
| Just list URLs or params | More (Filters) | -f only-url |
Available Formats
- HTTP Client Commands: Generate executable cURL, HTTPie, and PowerShell commands for testing endpoints.
- JSON and JSONL: A widely used format that's perfect for integrating with other tools and scripts.
- YAML: A human-readable format that's great for configuration files and manual inspection.
- OpenAPI Specification (OAS): Generate an OpenAPI document from your code to easily create API documentation or set up security testing.
- SARIF: Industry-standard format for security tool output with native CI/CD platform integration.
- HTML Report: Generate a comprehensive, visual HTML report of your scan results.
- Mermaid Chart: Generate diagrams for visualizing your API structure.
- Additional Formats: Discover additional formats including TOML, JSONL, Postman collections, Markdown tables, and specialized filters.
By choosing the right output format, you can streamline your development process and make it easier to act on the insights provided by Noir.