Caido Commands

Comprehensive Caido web security testing proxy commands and workflows for penetration testing and bug bounty hunting.

Installation

| Command | Description |
|---|---|
| `brew install caido` | Install Caido on macOS via Homebrew |
| `curl -fsSL https://caido.io/install.sh \| sh` | Install Caido on Linux |
| `caido --version` | Show Caido version |
| `caido` | Launch Caido (opens web UI at 127.0.0.1:8080) |
| `caido --port 9090` | Launch Caido on custom port |
| `caido --listen 0.0.0.0` | Launch Caido listening on all interfaces |

Proxy Configuration

| Setting | Description |
|---|---|
| Proxy Address: `127.0.0.1:8080` | Default proxy listener address |
| Browser → Settings → Proxy → `127.0.0.1:8080` | Configure browser to use Caido proxy |
| `export http_proxy=http://127.0.0.1:8080` | Set proxy via environment variable |
| `export https_proxy=http://127.0.0.1:8080` | Set HTTPS proxy via environment variable |
| `curl -x http://127.0.0.1:8080 https://target.com` | Route curl through Caido |
| Install CA Certificate from `http://127.0.0.1:8080/ca` | Trust Caido’s CA for HTTPS interception |

Intercept Mode

| Action | Description |
|---|---|
| `>>` Forwarding button | Switch to Queuing mode for interception |
| `\|\|` Queuing button | Currently intercepting requests |
| Forward button | Forward intercepted request to server |
| Drop button | Drop intercepted request |
| Edit request in intercept view | Modify request before forwarding |
| Toggle response interception | Also intercept responses from server |

HTTPQL Query Language

| Query | Description |
|---|---|
| `host eq "target.com"` | Filter by exact hostname |
| `host cont "target"` | Filter by hostname containing string |
| `resp.status_code eq 200` | Filter by response status code |
| `resp.status_code gte 400` | Filter by status code >= 400 |
| `req.method eq "POST"` | Filter by HTTP method |
| `req.path cont "/api/"` | Filter by URL path containing string |
| `resp.body cont "password"` | Filter responses containing text |
| `req.header cont "Authorization"` | Filter by header presence |
| `resp.length gt 1000` | Filter by response size |
| `host eq "target.com" AND req.method eq "POST"` | Combine filters with AND |
| `req.path cont "/admin" OR req.path cont "/api"` | Combine filters with OR |

Keyboard Shortcuts

| Shortcut | Description |
|---|---|
| Ctrl + R | Send request to Replay |
| Ctrl + Shift + R | Send to Automate |
| Ctrl + I | Toggle intercept mode |
| Ctrl + F | Open search/filter |
| Ctrl + P | Open command palette |
| Ctrl + K | Quick navigation |
| Tab | Switch between panels |
| Escape | Close current dialog |

Replay (Request Editor)

| Action | Description |
|---|---|
| Right-click → Send to Replay | Send any request to Replay tab |
| Ctrl + R on selected request | Quick send to Replay |
| Modify headers in Replay | Edit request headers |
| Modify body in Replay | Edit request body |
| Send button in Replay | Execute modified request |
| Create new tab in Replay | Maintain multiple replay sessions |
| Rename replay tab | Organize testing sessions |

Automate (Fuzzing)

| Action | Description |
|---|---|
| Ctrl + Shift + R | Send request to Automate |
| Select text → Insert placeholder | Mark injection point with § |
| Add payload list | Configure wordlist for fuzzing |
| Set payload type: Simple List | Use a list of values |
| Set payload type: Sequence | Use numbered sequence |
| Set payload type: Recursive | Recursive payload generation |
| Configure rate limiting | Control request speed |
| Start automation | Begin automated testing |
| Sort results by status code | Analyze responses |
| Filter results by response length | Find anomalies |

Scope Configuration

| Action | Description |
|---|---|
| Settings → Scope → Add host | Add target to testing scope |
| `*.target.com` | Wildcard scope for all subdomains |
| `target.com:443` | Scope with specific port |
| Enable scope filtering | Only show in-scope traffic |
| Exclude out-of-scope hosts | Filter noise from proxy history |

Workflow Automation

| Action | Description |
|---|---|
| Create new workflow | Build custom automation pipeline |
| Add Passive node | Trigger on matching traffic |
| Add Active node | Modify requests/responses in-flight |
| Add Convert node | Transform data between formats |
| Chain workflow nodes | Build multi-step automation |
| Export workflow | Share workflow configuration |
| Import workflow | Load shared workflow |

Assistant (AI Integration)

| Action | Description |
|---|---|
| Open Assistant panel | Access AI-powered analysis |
| Ask about request/response | Get AI insights on traffic |
| Generate attack suggestions | AI-recommended test vectors |
| Analyze vulnerability patterns | AI-assisted vulnerability detection |
| Explain response behavior | Understand application logic |

Project Management

| Action | Description |
|---|---|
| File → New Project | Create new testing project |
| File → Open Project | Open existing project |
| File → Save Project | Save current project state |
| Export findings | Export discovered issues |
| Import requests from file | Load saved requests |
| Tag requests | Organize with custom tags |
| Add notes to requests | Document findings |

Sitemap

| Action | Description |
|---|---|
| View → Sitemap | Open sitemap panel |
| Expand domain tree | View discovered endpoints |
| Filter by response type | Show specific content types |
| Export sitemap | Save discovered structure |
| Identify hidden endpoints | Review auto-discovered paths |

Plugin System

| Action | Description |
|---|---|
| Settings → Plugins | Manage installed plugins |
| Browse plugin store | Find community plugins |
| Install plugin | Add new functionality |
| Create custom plugin | Build with Caido SDK |
| `caido plugin init <name>` | Scaffold new plugin project |
| `caido plugin build` | Build plugin for distribution |

Tips and Best Practices

| Tip | Description |
|---|---|
| Use scope filtering | Reduce noise by focusing on targets |
| Tag interesting requests | Mark findings for later review |
| Use HTTPQL filters | Efficiently search large traffic history |
| Chain workflows | Automate repetitive testing tasks |
| Export findings regularly | Back up discovered vulnerabilities |
| Use keyboard shortcuts | Speed up testing workflow |
| Configure CA cert first | Ensure HTTPS interception works |
| Use Replay for manual testing | Iterate on requests efficiently |