owasp-noir · ksg97031 · Jul 23, 2024 · Jul 21, 2024 · Jul 21, 2024 · Jul 22, 2024
diff --git a/src/analyzer/analyzer.cr b/src/analyzer/analyzer.cr
@@ -34,7 +34,7 @@ def initialize_analyzers(logger : NoirLogger)
   analyzers["rust_axum"] = ->analyzer_rust_axum(Hash(String, String))
   analyzers["rust_rocket"] = ->analyzer_rust_rocket(Hash(String, String))
 
-  logger.info_sub "#{analyzers.size} Analyzers initialized"
+  logger.success "#{analyzers.size} Analyzers initialized"
   logger.debug "Analyzers:"
   analyzers.each do |key, _|
     logger.debug_sub "#{key} initialized"
@@ -45,31 +45,31 @@ end
 def analysis_endpoints(options : Hash(String, String), techs, logger : NoirLogger)
   result = [] of Endpoint
   file_analyzer = FileAnalyzer.new options
-  logger.system "Initializing analyzers"
+  logger.info "Initializing analyzers"
 
   analyzer = initialize_analyzers logger
   if options["url"] != ""
-    logger.info_sub "File analyzer initialized and #{file_analyzer.hooks_count} hooks loaded"
+    logger.sub "➔ File analyzer initialized and #{file_analyzer.hooks_count} hooks loaded"
   end
 
-  logger.system "Analysis Started"
-  logger.info_sub "Code Analyzer: #{techs.size} in use"
+  logger.info "Analysis Started"
+  logger.sub "➔ Code Analyzer: #{techs.size} in use"
 
   techs.each do |tech|
     if analyzer.has_key?(tech)
       if NoirTechs.similar_to_tech(options["exclude_techs"]).includes?(tech)
-        logger.info_sub "Skipping #{tech} analysis"
+        logger.sub "➔ Skipping #{tech} analysis"
         next
       end
       result = result + analyzer[tech].call(options)
     end
   end
 
   if options["url"] != ""
-    logger.info_sub "File-based Analyzer: #{file_analyzer.hooks_count} hook in use"
+    logger.sub "➔ File-based Analyzer: #{file_analyzer.hooks_count} hook in use"
     result = result + file_analyzer.analyze
   end
 
-  logger.info_sub "Found #{result.size} endpoints"
+  logger.sub "➔ Found #{result.size} endpoints"
   result
 end
diff --git a/src/models/code_locator.cr b/src/models/code_locator.cr
@@ -55,13 +55,13 @@ class CodeLocator
   end
 
   def show_table
-    @logger.info_sub("String Map:")
+    @logger.sub("String Map:")
     @s_map.each do |key, value|
-      @logger.info_sub("  #{key} => #{value}")
+      @logger.sub("  #{key} => #{value}")
     end
-    @logger.info_sub("Array Map:")
+    @logger.sub("Array Map:")
     @a_map.each do |key, value|
-      @logger.info_sub("  #{key} => #{value}")
+      @logger.sub("  #{key} => #{value}")
     end
   end
 end
diff --git a/src/models/deliver.cr b/src/models/deliver.cr
@@ -21,7 +21,7 @@ class Deliver
 
     if options["send_with_headers"] != ""
       headers_tmp = options["send_with_headers"].split("::NOIR::HEADERS::SPLIT::")
-      @logger.system "Setting headers from command line."
+      @logger.info "Setting headers from command line."
       headers_tmp.each do |header|
         if header.includes? ":"
           @logger.debug "Adding '#{header}' to headers."
@@ -40,19 +40,19 @@ class Deliver
           @headers[splited[0]] = value
         end
       end
-      @logger.info_sub "#{@headers.size} headers added."
+      @logger.sub "➔ #{@headers.size} headers added."
     end
 
     @matchers = options["use_matchers"].split("::NOIR::MATCHER::SPLIT::")
     @matchers.delete("")
     if @matchers.size > 0
-      @logger.system "#{@matchers.size} matchers added."
+      @logger.info "#{@matchers.size} matchers added."
     end
 
     @filters = options["use_filters"].split("::NOIR::FILTER::SPLIT::")
     @filters.delete("")
     if @filters.size > 0
-      @logger.system "#{@filters.size} filters added."
+      @logger.info "#{@filters.size} filters added."
     end
   end
 
@@ -62,12 +62,12 @@ class Deliver
     @logger.debug "Filters: #{@filters}"
 
     if @matchers.size > 0
-      @logger.system "Applying matchers"
+      @logger.info "Applying matchers"
       result = apply_matchers(endpoints)
     end
 
     if @filters.size > 0
-      @logger.system "Applying filters"
+      @logger.info "Applying filters"
       result = apply_filters(endpoints)
     end
 

diff --git a/src/models/logger.cr b/src/models/logger.cr
@@ -11,30 +11,40 @@ class NoirLogger
     STDOUT.puts message
   end
 
-  def system(message)
+  def info(message)
     if @no_log
       return
     end
 
-    prefix = "[*]".colorize(:light_cyan).toggle(@color_mode)
+    prefix = "⚑".colorize(:light_cyan).toggle(@color_mode)
     STDERR.puts "#{prefix} #{message}"
   end
 
-  def info(message)
+  def success(message)
     if @no_log
       return
     end
 
-    prefix = "[I]".colorize(:light_blue).toggle(@color_mode)
+    prefix = "✔".colorize(:green).toggle(@color_mode)
     STDERR.puts "#{prefix} #{message}"
   end
 
-  def info_sub(message)
+  def sub(message)
     if @no_log
       return
     end
 
-    STDERR.puts "    " + message
+    STDERR.puts "  " + message
+  end
+
+  def warning(message)
+    prefix = "▲".colorize(:yellow).toggle(@color_mode)
+    STDERR.puts "#{prefix} #{message}"
+  end
+
+  def error(message)
+    prefix = "✖︎".colorize(:red).toggle(@color_mode)
+    STDERR.puts "#{prefix} #{message}"
   end
 
   def debug(message)
@@ -43,7 +53,7 @@ class NoirLogger
     end
 
     if @debug
-      prefix = "[D]".colorize(:dark_gray).toggle(@color_mode)
+      prefix = "❏".colorize(:dark_gray).toggle(@color_mode)
       STDERR.puts "#{prefix} #{message}"
     end
   end
@@ -54,7 +64,13 @@ class NoirLogger
     end
 
     if @debug
-      STDERR.puts "    " + message.to_s
+      STDERR.puts "  " + message.to_s
     end
   end
+
+  def fatal(message)
+    prefix = "☠".colorize(:red).toggle(@color_mode)
+    STDERR.puts "#{prefix} #{message}"
+    exit(1)
+  end
 end
diff --git a/src/models/noir.cr b/src/models/noir.cr
@@ -66,7 +66,7 @@ class NoirRunner
 
     if @options["techs"].size > 0
       techs_tmp = @options["techs"].split(",")
-      @logger.info "Setting #{techs_tmp.size} techs from command line."
+      @logger.success "Setting #{techs_tmp.size} techs from command line."
       techs_tmp.each do |tech|
         @techs << NoirTechs.similar_to_tech(tech)
         @logger.debug "Added #{tech} to techs."
@@ -95,15 +95,15 @@ class NoirRunner
 
     # Run tagger
     if @options["all_taggers"] == "yes"
-      @logger.info "Running all taggers."
+      @logger.success "Running all taggers."
       NoirTaggers.run_tagger @endpoints, @options, "all"
       if @is_debug
         NoirTaggers.get_taggers.each do |tagger|
           @logger.debug "Tagger: #{tagger}"
         end
       end
     elsif @options["use_taggers"] != ""
-      @logger.info "Running #{@options["use_taggers"]} taggers."
+      @logger.success "Running #{@options["use_taggers"]} taggers."
       NoirTaggers.run_tagger @endpoints, @options, @options["use_taggers"]
     end
 
@@ -112,7 +112,7 @@ class NoirRunner
   end
 
   def optimize_endpoints
-    @logger.system "Optimizing endpoints."
+    @logger.info "Optimizing endpoints."
     final = [] of Endpoint
 
     @endpoints.each do |endpoint|
@@ -156,7 +156,7 @@ class NoirRunner
     target_url = @options["url"]
 
     if target_url != ""
-      @logger.system "Combining url and endpoints."
+      @logger.info "Combining url and endpoints."
       @endpoints.each do |endpoint|
         tmp_endpoint = endpoint
         if tmp_endpoint.url.includes? target_url
@@ -182,19 +182,19 @@ class NoirRunner
 
   def deliver
     if @send_proxy != ""
-      @logger.system "Sending requests with proxy #{@send_proxy}."
+      @logger.info "Sending requests with proxy #{@send_proxy}."
       deliver = SendWithProxy.new(@options)
       deliver.run(@endpoints)
     end
 
     if @send_req != "no"
-      @logger.system "Sending requests without proxy."
+      @logger.info "Sending requests without proxy."
       deliver = SendReq.new(@options)
       deliver.run(@endpoints)
     end
 
     if @send_es != ""
-      @logger.system "Sending requests to Elasticsearch."
+      @logger.info "Sending requests to Elasticsearch."
       deliver = SendElasticSearch.new(@options)
       deliver.run(@endpoints, @send_es)
     end

diff --git a/src/noir.cr b/src/noir.cr
@@ -17,14 +17,16 @@ noir_options = run_options_parser()
 
 # Check base path
 if noir_options["base"] == ""
-  STDERR.puts "ERROR: Base path is required."
+  STDERR.puts "ERROR: Base path is required.".colorize(:yellow)
   STDERR.puts "Please use -b or --base-path to set base path."
   STDERR.puts "If you need help, use -h or --help."
   exit(1)
 end
 
 # Run Noir
 app = NoirRunner.new noir_options
+start_time = Time.monotonic
+
 app.logger.debug("Start Debug mode")
 app.logger.debug("Noir version: #{Noir::VERSION}")
 app.logger.debug("Noir options from arguments:")
@@ -45,47 +47,55 @@ if noir_options["diff"] != ""
   diff_options["nolog"] = "yes"
 
   app_diff = NoirRunner.new diff_options
-  app.logger.system "Running Noir with Diff mode."
+  app.logger.info "Running Noir with Diff mode."
 end
 
 # Run Default mode
-app.logger.system "Detecting technologies to base directory."
+app.logger.info "Detecting technologies to base directory."
 app.detect
 
 if app.techs.size == 0
-  app.logger.info "No technologies detected."
+  app.logger.warning "No technologies detected."
+  app.logger.sub "➔ If you know the technology, use the -t flag to specify it."
+  app.logger.sub "➔ Please check tech lists using the --list-techs flag."
   if app.options["url"] != ""
-    app.logger.system "Start file-based analysis as the -u flag has been used."
+    app.logger.info "Start file-based analysis as the -u flag has been used."
   else
     exit(0)
   end
 else
   if app.techs.size > 0
-    app.logger.info "Detected #{app.techs.size} technologies."
+    app.logger.success "Detected #{app.techs.size} technologies."
     app.techs.each_with_index do |tech, index|
       if index < app.techs.size - 1
-        app.logger.info_sub "├── #{tech}"
+        app.logger.sub "├── #{tech}"
       else
-        app.logger.info_sub "└── #{tech}"
+        app.logger.sub "└── #{tech}"
       end
     end
-    app.logger.system "Start code analysis based on the detected technology."
+    app.logger.info "Start code analysis based on the detected technology."
   end
 end
 
 app.analyze
-app.logger.info "Finally identified #{app.endpoints.size} endpoints."
+app.logger.success "Finally identified #{app.endpoints.size} endpoints."
+
+# Check and print scan time
+end_time = Time.monotonic
+elapsed_time = end_time - start_time
+
+app.logger.info "Scan completed in #{elapsed_time.total_milliseconds.round} ms."
 
 if app_diff.nil?
-  app.logger.system "Generating Report."
+  app.logger.info "Generating Report."
   app.report
 else
-  app.logger.system "Diffing base and diff codebases."
+  app.logger.info "Diffing base and diff codebases."
   locator = CodeLocator.instance
   locator.clear_all
   app_diff.detect
   app_diff.analyze
 
-  app.logger.system "Generating Diff Report."
+  app.logger.info "Generating Diff Report."
   app.diff_report(app_diff)
 end