Cyber Security News

Caido v0.47.0 Released – A Web Pentesting Tool Alternative to Burp Suite

Caido has unveiled version 0.47.0 of its web pentesting tool, cementing its position as a robust alternative to Burp Suite.

This release is marked by several key enhancements that improve user experience and expand the tool’s capabilities in web application testing.

The updates include a complete overhaul of the Match & Replace feature, the introduction of Invisible Proxying, DNS Entry Overriding, and enhanced support for replaying requests and responses directly in the browser.

Key Features of Caido v0.47.0

  • Invisible Proxying Support: Users can now intercept traffic from clients that do not natively support proxy configurations, simplifying the process of monitoring and managing network interactions without requiring manual proxy setup.
  • Override DNS Entries: This feature allows users to set specific IP addresses or DNS servers to resolve domain names as needed, providing greater control over how network requests are routed and resolved.
  • Display Backend Logs: Direct access to backend logs from within the UI significantly enhances debugging capabilities. This allows for quicker analysis and troubleshooting of issues encountered during testing.
  • Replay and View Response in Browser: Caido has expanded its functionality to allow users to replay requests and view responses directly in their browser across all request/response panes. This makes it easier to visualize and understand the effects of changes made during testing.
  • Match & Replace Enhancements: The Match & Replace feature has been redesigned for improved workflow integration and ease of use. Users can now incorporate workflows as dynamic replacements and add new headers with simplified steps, streamlining the process of modifying traffic flows.
  • Add Reload Window Command: A new command palette feature allows users to reload the application window. This is particularly useful for recovering from bugs or unexpected behavior, ensuring uninterrupted workflow.

Bug Fixes and Enhancements

In addition to new features, Caido v0.47.0 addresses several bugs and performance issues:

  • Resolved Issues with Workflow Visibility: Workflows are now correctly saved and displayed, fixing an issue where workflows sometimes failed to appear in the editor.
  • Fixed HTTP History Loading: The most recent requests are properly loaded at the bottom of the history table, addressing an issue where responses were not populating as expected.
  • Improved Interface Performance: Lazy table performance has been optimized to reduce network requests when switching projects, resulting in faster and more efficient navigation.

Plugin SDK Updates

The release also includes significant updates to the Plugin SDK:

  • MatchReplaceSDK: The SDK for Match & Replace has been updated to support the new design and workflow integration, allowing developers to build more dynamic and flexible plugins.
  • WorkflowSDK: New functions have been added to interact with workflows. Developers can now list existing workflows, and receive callbacks when workflows are created, updated, or deleted, enabling more integrated and automated processes.

A minor patch, version 0.47.1, was also released shortly after, resolving an issue that prevented users from connecting to remote Caido instances. This ensures a seamless experience, even across distributed environments.

The latest version of Caido continues to push the boundaries of web pentesting, providing users with a sophisticated toolset that rivals industry standards like Burp Suite.

With its enhanced features and bug fixes, Caido v0.47.0 is a significant step forward in the realm of web security testing, offering improved workflows and better control over the testing environment.

As cybersecurity threats evolve, tools like Caido are essential for maintaining robust security protocols and ensuring the integrity of web applications.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Attaxion Leads the Way as First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)

Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration…

11 minutes ago

Critical Vulnerability in Palo Alto GlobalProtect Gateway & Portal Enables Remote Code Execution

Palo Alto Networks has assigned the vulnerability a LOW severity rating but urges administrators to apply patches…

2 hours ago

Hazy Hawk Targets DNS Vulnerabilities to Hijack Cloud Resources and Spread Malware

The threat actor gained attention in February 2025 after successfully hijacking a subdomain of the…

2 hours ago

Critical VMware ESXi & vCenter Flaw Allows Remote Execution of Arbitrary Commands

VMware by Broadcom has released critical security updates to address multiple severe vulnerabilities affecting its…

2 hours ago

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement Research…

17 hours ago

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent…

17 hours ago