Caido v0.47.0 Released – New Features to Rival Burp Suite

The latest release of Caido introduces a suite of powerful features, enhancements, and fixes aimed at improving security testing workflows and debugging efficiency.

This update focuses on redesigning the Match & Replace tool, introducing advanced proxying capabilities, and expanding browser integration for request/response handling.

🔥 New Features

1. Invisible Proxying Support

This feature enables traffic interception from non-proxy-aware clients without requiring manual proxy configuration.

By leveraging tools like DNSChef or modifying host files, users can redirect traffic seamlessly to Caido’s proxy server, making it ideal for testing applications that do not natively support proxies.

2. Override DNS Entries

Users can now set specific IP addresses or DNS servers to resolve domain names as needed.

This is particularly useful for internal networks or testing environments requiring domain redirection. For example:

bashpython ./dnschef.py --fakedomains example.com --fakeip 192.168.1.22 -i 192.168.1.22

Alternatively, temporary DNS overrides can be achieved by editing the hosts file in Windows or Linux environments.

3. Display Backend Logs

Backend logs are now accessible directly from the UI’s bottom panel, providing developers with real-time debugging insights without switching tools.

4. Replay in Browser

The “Replay in Browser” functionality is now available across all request/response panes, allowing users to test HTTP requests directly within their browser environment.

5. View Response in Browser

Similar to replay functionality, this feature lets users view HTTP responses in a browser for better visualization of rendered content.

6. Match & Replace Enhancements

• Add Header Simplification: Adding headers has been streamlined for ease of use.
• Workflow Support: Dynamic replacements using workflows are now supported, enabling automated and context-aware modifications during testing.

7. Reload Window Command

A new command (Reload Window) has been added to the command palette, allowing users to refresh the application if they encounter bugs or performance issues.

🐞 Bug Fixes

• HTTPQL Query Updates: A loading animation now appears when updating HTTPQL queries.
• Workflow Name Persistence: Workflow names are now saved correctly.
• HTTP History Issues: Fixed problems where responses and new requests were not populating properly in the history table.
• Automate Row Highlighting: Resolved issues with row highlights affecting unselected rows.
• Lazy Table Performance: Reduced excessive network requests when switching between projects in lazy-loaded tables.

🧩 Plugin SDK Updates

The Plugin SDK has been enhanced with new capabilities for managing workflows:

• sdk.workflows.getWorkflows(): Retrieves a list of existing workflows.
• sdk.workflows.onCreatedWorkflow(): Triggers a callback when a workflow is created.
• sdk.workflows.onUpdatedWorkflow(): Triggers a callback when a workflow is updated.
• sdk.workflows.onDeletedWorkflow(): Triggers a callback when a workflow is deleted.

Additionally, the MatchReplaceSDK has been updated to align with the redesigned Match & Replace tool.

🚀 Patches

Version 0.47.1

This patch resolves connectivity issues with remote Caido instances, ensuring smoother integration for distributed teams.

This release marks a significant step forward in usability and functionality for security testers using Caido.

The redesigned Match & Replace tool, invisible proxying support, and expanded browser integrations provide developers with greater flexibility and control over their testing workflows.

With these advancements, Caido continues to position itself as an essential tool for modern security testing professionals.

Also Read:

Multiple Cisco Smart Licensing Utility Flaws Under Attack

See more