Merge pull request #434 from owasp-noir/release-0-18

Release-0-18
owasp-noir · Oct 31, 2024 · c2c4e15 · c2c4e15
2 parents e6c1010 + 7915248
commit c2c4e15
Show file tree

Hide file tree

Showing 7 changed files with 24 additions and 6 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -23,7 +23,7 @@ If applicable, add screenshots to help explain your problem.
 
 **Versions**
  - OS: [e.g. macos, linux]
- - Version [e.g. v0.17.0]
+ - Version [e.g. v0.18.0]
 
 **Additional context**
 Add any other context about the problem here.
diff --git a/docs/_advanced/passive_scan.md b/docs/_advanced/passive_scan.md
@@ -43,5 +43,4 @@ Explanation of Output:
 * Extract: This shows where or how the sensitive information is being accessed or used. In this case, it's extracting an x-api-key from the request headers.
 * File: Indicates the location of the potential security issue within the codebase, pointing to the exact file and line number where the issue was detected.
 
-This output helps developers immediately identify where and what kind of security issues exist in their code, focusing on passive analysis without actively exploiting the vulnerabilities.
-'
+This output helps developers immediately identify where and what kind of security issues exist in their code, focusing on passive analysis without actively exploiting the vulnerabilities.
diff --git a/docs/_advanced/passive_scan/community_rules.md b/docs/_advanced/passive_scan/community_rules.md
@@ -0,0 +1,15 @@
+---
+title: Community Rules
+parent: Passive Scan
+has_children: false
+nav_order: 3
+layout: page
+---
+
+Community rules are managed in several repositories below. You can clone these repositories to the default rule path for use.
+
+To clone the `noir-passive-rules` repository to the default rule path, use the following command:
+
+```bash
+git clone https://github.com/owasp-noir/noir-passive-rules ~/.config/noir/passive_rules/
+```
diff --git a/docs/_includes/usage.md b/docs/_includes/usage.md
@@ -24,6 +24,10 @@ FLAGS:
     --no-color                       Disable color output
     --no-log                         Displaying only the results
 
+  PASSIVE SCAN:
+    -P, --passive-scan               Perform a passive scan for security issues using rules from the specified path
+    --passive-scan-path PATH         Specify the path for the rules used in the passive security scan
+
   TAGGER:
     -T, --use-all-taggers            Activates all taggers for full analysis coverage
     --use-taggers VALUES             Activates specific taggers (e.g., --use-taggers hunt,oauth)

diff --git a/shard.yml b/shard.yml
@@ -1,6 +1,6 @@
 # Project Metadata
 name: noir
-version: 0.17.0
+version: 0.18.0
 authors:
   - hahwul <[email protected]>
   - ksg97031 <[email protected]>

diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml
@@ -1,6 +1,6 @@
 name: noir
 base: core20
-version: 0.17.0
+version: 0.18.0
 summary: Attack surface detector that identifies endpoints by static analysis.
 description: |
   Noir is an open-source project specializing in identifying attack surfaces for enhanced whitebox security testing and security pipeline. 

diff --git a/src/noir.cr b/src/noir.cr
@@ -6,7 +6,7 @@ require "./options.cr"
 require "./techs/techs.cr"
 
 module Noir
-  VERSION = "0.17.0"
+  VERSION = "0.18.0"
 end
 
 # Print banner