OWASP Noir Action

January 24, 2026

Version updated for https://github.com/owasp-noir/noir to version v0.27.1.

This action is used across all versions by 0 repositories.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

OWASP Noir is a security-focused GitHub Action that analyzes source code to accurately identify and inventory authenticated endpoints, shadow APIs, hidden routes, and deprecated endpoints, bridging the gap between static (SAST) and dynamic (DAST) application security testing. It automates attack surface discovery using AI-powered analysis and generates actionable insights in formats compatible with security tools like ZAP, Burp Suite, and Caido, helping security teams eliminate blind spots and enhance DevSecOps pipelines.

Release notes

What’s Changed

Bump CI/CD workflows
Fixed bug: Fix file extension removal bug when using dot base path (-b .) #980

Full Changelog: https://github.com/owasp-noir/noir/compare/v0.27.0...v0.27.1

owasp-noir
GitHub Actions