🎉 You’ve been asking for it. The Caido Scanner plugin is finally here.
Run checks in the background or scan specific requests on demand to find issues like reflected XSS, SQL injection, and CORS misconfigurations.
All checks are open source. Add your own and help the list grow 💪
🚀New plugin in the Caido Store!
Introducing "Chatio" by @amrelsagaei
Ask AI questions with prompt templates, files, code or screenshots. You can also hit CTRL + SPACE to edit requests, create filters and more using natural language.
Check out more details: github.com/amrelsagaei/...
🚀New plugin in the Caido Store!
Introducing "NewRequests" by @ntrm.bsky.social
Identify which requests follow a certain action by filtering out the HTTP History table with a hotkey.
Check out more details: github.com/martinhaunsc...
🚀 New plugin in the Caido Store!
Introducing "Notes++" by _StaticFlow_ and bebiksior.
Markdown-powered notes within Caido! Embed replay sessions and insert selected text directly into your notes.
Check out more details: github.com/caido-commun...
🚀New plugin in the Caido Store!
Introducing "Exploit Generator" by @stealthcopter
Generate executable proof-of-concept (PoC) code from intercepted requests, in multiple languages and frameworks, such as Python, JavaScript, and Bash/cURL.
Check out more details: github.com/stealthcopte...
🚀New plugin in the Caido Store!
Introducing "Drop" by @Rhynorater
Get connected to your collaborator’s instance and share objects back and forth such as Replay tabs, M&R rules, scopes and filters.
Check out more details: github.com/caido-commun...
🚀New plugin in the Caido Store!
Introducing "JWT Analyzer" by @amrelsagaei
Detect, inspect, and test JSON Web Tokens for vulnerabilities during live traffic analysis.
Check out more details: github.com/amrelsagaei/...
🚀 v0.47.0 is here!
✅ Redesigned Match & Replace + Workflow support
✅ Built-in logs for better debugging
✅ DNS entry overrides
✅ Invisible proxying
✅ Request / replay response in browser
✅ Default project selection
Here’s everything you need to know 🧵👇
We’re excited to share that we partnered with Parrot Security 🤝
Caido will now be pre-installed on Parrot OS and we will work toward more native integrations with the OS.
Read all about it on our blog!
https://buff.ly/3DXI5XD
🚀 v0.45.1 is out!
You can now filter intercepted requests with HTTPQL to focus on the ones that matter to you.
We’ve also added manual Finding creation, URL decoding on hover, and more.
Full list of changes: https://buff.ly/3Whf3Z6
Yep, it's in our todo list: github.com/caido/caido/...
I know a lot of people are looking forward to this. We'll tackle it this quarter.
Another highly requested plugin is in the store now 🎉
🎉 Happy New Year! We’re kicking off 2025 with a new plugin in the Caido Store!
Introducing “Param Finder” by bebiksior—discover hidden parameters in Caido with ease.
Check it out: https://buff.ly/4a6ASjS
You can find the full list of plugins we have here: caido.io/plugins
+ we also have a docs docs.caido.io + a Discord server if you have any questions
Yo, new big thing: Shift.
AI seamlessly integrated into your HTTP proxy.
Use cases:
"Take this JS and build the JSON request body"
"Fill in these IDs from my notes - UserA"
"Create a match and replace rule to turn on this feature flag"
"Generate a wordlist with all HTTP Verbs"
🚀 New plugin in the Caido Store!
Introducing "QuickSSRF" by w2xim3.
Perform out-of-band testing with interactsh to detect vulnerabilities like blind SSRF.
Check it out: https://buff.ly/4eU28Tz
Do you know what makes a perfect gift for a hacker? A Caido subscription 😍
You can now buy Caido Vouchers directly from our site https://buff.ly/3Zzozcg
Environments are something I've wanted for a while now.
Heads up that @jobertabma.bsky.social is an impersonator and y'all should report the account 🙄
I suppose I never really advertise it BUT here goes:
I run a free hacking newsletter every week called MonkeHacks, where I talk about what I've done for the week, list some useful resources I've read, and talk about research I've done. If you're subscribed already - thanks! If not - please sub!
Caught one more! @rhynorater.bsky.social
Last week, a number of infosec companies began posting on Bluesky. Allow me to mention just a few...
@caido.io
@sensepost.com
@portswigger.net
@sansisc.bsky.social
@compasssecurity.bsky.social
if you have a @github.com profile, can i ask you to update it with your @bsky.app handle? 🙏
👉 it enables some very cool integrations, like auto curated feeds and starter packs for contributors and tech
We are super happy to sponsor Bug Bounty Village Brazil of the @h2hconference.bsky.social conference 🚀
If you are in Brazil on the 14-15th of December, it is a must 🎉
👋 @0xacb.bsky.social
Just added a whole bunch more people to my Hackers starter pack 🥰 go.bsky.app/NRP3ecE
Good list, thank you!
