Caido has unveiled version 0.47.0 of its web pentesting tool, cementing its position as a robust alternative to Burp Suite.
This release is marked by several key enhancements that improve user experience and expand the tool’s capabilities in web application testing.
The updates include a complete overhaul of the Match & Replace feature, the introduction of Invisible Proxying, DNS Entry Overriding, and enhanced support for replaying requests and responses directly in the browser.
.png
)
Key Features of Caido v0.47.0
- Invisible Proxying Support: Users can now intercept traffic from clients that do not natively support proxy configurations, simplifying the process of monitoring and managing network interactions without requiring manual proxy setup.
- Override DNS Entries: This feature allows users to set specific IP addresses or DNS servers to resolve domain names as needed, providing greater control over how network requests are routed and resolved.
- Display Backend Logs: Direct access to backend logs from within the UI significantly enhances debugging capabilities. This allows for quicker analysis and troubleshooting of issues encountered during testing.
- Replay and View Response in Browser: Caido has expanded its functionality to allow users to replay requests and view responses directly in their browser across all request/response panes. This makes it easier to visualize and understand the effects of changes made during testing.
- Match & Replace Enhancements: The Match & Replace feature has been redesigned for improved workflow integration and ease of use. Users can now incorporate workflows as dynamic replacements and add new headers with simplified steps, streamlining the process of modifying traffic flows.
- Add Reload Window Command: A new command palette feature allows users to reload the application window. This is particularly useful for recovering from bugs or unexpected behavior, ensuring uninterrupted workflow.
Bug Fixes and Enhancements
In addition to new features, Caido v0.47.0 addresses several bugs and performance issues:
- Resolved Issues with Workflow Visibility: Workflows are now correctly saved and displayed, fixing an issue where workflows sometimes failed to appear in the editor.
- Fixed HTTP History Loading: The most recent requests are properly loaded at the bottom of the history table, addressing an issue where responses were not populating as expected.
- Improved Interface Performance: Lazy table performance has been optimized to reduce network requests when switching projects, resulting in faster and more efficient navigation.
Plugin SDK Updates
The release also includes significant updates to the Plugin SDK:
- MatchReplaceSDK: The SDK for Match & Replace has been updated to support the new design and workflow integration, allowing developers to build more dynamic and flexible plugins.
- WorkflowSDK: New functions have been added to interact with workflows. Developers can now list existing workflows, and receive callbacks when workflows are created, updated, or deleted, enabling more integrated and automated processes.
A minor patch, version 0.47.1, was also released shortly after, resolving an issue that prevented users from connecting to remote Caido instances. This ensures a seamless experience, even across distributed environments.
The latest version of Caido continues to push the boundaries of web pentesting, providing users with a sophisticated toolset that rivals industry standards like Burp Suite.
With its enhanced features and bug fixes, Caido v0.47.0 is a significant step forward in the realm of web security testing, offering improved workflows and better control over the testing environment.
As cybersecurity threats evolve, tools like Caido are essential for maintaining robust security protocols and ensuring the integrity of web applications.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
