Caido v0.57.0 released

Caido has released its latest version, 0.57.0. Built entirely in Rust, the tool continues to position itself as a compelling alternative to solutions like Burp Suite and OWASP ZAP.

This release adds WebSocket support in Replay and Match & Replace, custom extractors in Automate, and a new StreamQL query language for WebSocket filtering:

Features

WebSocket in Replay

You can now send WebSocket messages from the Replay page. Create a new WebSocket
session, set the initial HTTP request, and start sending messages.

Users on the free tier may create up to 1 WebSocket session at a time. Individual
and Team tiers can create unlimited WebSocket sessions.

Automate Extractors

Automate now has support for custom extractors, allowing you to extract response
sections and view them as a custom column in the result tables.

Add an extractor, define a regex with a capture group, and start the Automate session.

Websocket Filtering with StreamQL

Websocket messages in the WS History page can now be filtered using a new StreamQL
language. This brings the experience closer to what is already available in the HTTP
History and Search pages.

QoL Improvements

Along with bug fixes, we also have a few QoL improvements worth mentioning:

  Match & Replace rules can now be applied to websocket requests and responses
  Filters can now be made "Global", making them accessible across all of your projects.
  A new "Logging" node in Workflows to help you debug fields without having to rely on
  the JS nodes.

View the full list of changes.

Happy web-hacking! :-)

• News
• Tools