Releases: caido/caido
v0.49.0
Changelog
This release brings two long-requested features: customizable workflow shortcuts and Markdown support in findings. Alongside these, weβve fixed dozens of bugs and shipped quality-of-life improvements across the plugin SDK, Replay, and Intercept.
β‘ Workflow Shortcuts
You can now assign custom keyboard shortcuts to run specific workflows, making it faster than ever to trigger your favorite automations.
π Markdown in Findings
The finding editor now supports Markdown formatting. Use bold, - lists, code blocks and even images to better structure your findings.
π₯ Features
606: Add shortcuts to workflows
851: Option to close the replay tabs with the scroll wheel button of the mouse, just like browser tabs.
1068: Markdown support in findings editor
1194: Add timeout option for sdk.requests.send
1195: Provide more meaningful messages in sdk.requests.send errors
1275: Shortcut to switch between tabs in replay
1388: Frontend SDK - Add button next to replay session bar
1416: Move the "+ Create New Scope" option to the bottom of the context menu
1572: Add length on Body object in JS
1577: Force update a plugin
1597: Ctrl+F not working in intercept
1598: Replay editor dynamic extensions
1599: Add support for accessing scope in backend SDK
1602: Rework workflow limit for free users
1611: Plugin search
1634: Getter for Request or Request ID in Findings in the Backend SDK
1635: Add backend safe mode
π Bug Fixes
1125: Change shortcut Icons
1137: Key bindings get reset every time the app is restarted and sometimes in the middle of use
1340: Long environment variable value hide the save button
1349: Custom Keyboard Shortcuts Not Functioning as Expected
1371: Dark-mode theme (+ window background) is only applied ~1sec after launching the main-window
1515: When default/preconfifured keybindings are changed to a users preference, it doesn't work
1564: Command palette not closing with Esc
1570: Placeholder in Automate Goes Missing after an Attack Is Launched
1578: Reset credentials should not persist between restarts of the instance
1579: Httpql bar resets cursor to start of the box on
1581: Performance Issues with Response editor in Raw mode
1582: Typing in Match & Replace Condition moves cursor to start
1585: Host header IPv6 is parsed incorrectly
1588: Don't auto-select a project if there is a pending migration
1592: Response in intercept are not always respecting httpql
1607: HTTPQL query randomly disappears in Intercept
1613: Invisible proxy doesn't work with port redirect
1614: Proxying the caido calls should short circuit
Issues
This release also includes other bug fixes and improvements.
View the full list of changes.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.48.1
Changelog
This is a patch release to fix an issue where the app would display an available update when you're at the latest version.
Issues
This release also includes other bug fixes and improvements.
View the full list of changes.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.48.0
Changelog
This release brings highly requested features such as automatic updates, guest mode, and WebSocket interception, along with many quality-of-life improvements.
Guest Mode
Users can now access Caido without an account by using guest mode. Guest sessions are limited to temporary projects and allow only one installed plugin.
Automatic Updates
Desktop users on macOS, Windows, and Linux (experimental for .AppImage and .deb) will now be notified when an update is available. Click once to download in the background, then again to install the update.
WebSocket Interception
You can now intercept and edit WebSocket messages directly from the Intercept page, just like with HTTP requests.
π₯ Additional Features
- Sitemap keyboard navigation: Adds keyboard support for navigating the sitemap.
- Allow delete of node in sitemap: Users can now delete nodes directly from the sitemap.
- Clear sitemap items: Adds an option to clear the entire sitemap.
- Intercept websocket: Introduces the ability to capture and modify WebSocket traffic.
- Highlight matching brackets in editors: Improves code editing experience by visually matching brackets.
- Persist headers when following redirect: Ensures HTTP headers are maintained across follow-redirects.
- Add unlimited/max timeout in shell node: Increased the max execution time of shell nodes to 24h
- Copy multiple URLs on select: Users can now copy multiple request URLs at once.
- Close Others, Close right, Close Left when Right-Clicking on Replay Tabs: Provides enhanced tab management options with right-click actions.
- Replay Tab Search Box Indexing: Searching in the replay collections will also match the request path/method/host/sni
- Temporary Workspace: Lets users spin up disposable projects.
- Navigate to Websocket Stream: Enables quick navigation to related WebSocket streams from a request.
- Support Zero-Padded Numbers as a Payload Type: Adds support for zero-padded numbers in automate payloads.
- Allowlist of domains that can access the Caido API: Adds a security feature to restrict API access to trusted domains.
π Bug Fixes
- Highlight issue in pretty: Fixes incorrect highlights in the prettified request/response editors.
- Filter Presets Are Reset to the Off State When the Window Reloads: Resolves an issue where filter presets are not preserved on page reload.
- History table shows "Loading..." when deleting entries and scrolling to the bottom: Fixes a bug where the table gets stuck in a loading state during entry deletion.
- Commands executed with the WSL shell don't receive environment variables: Ensures environment variables are correctly passed to the shell workflow node when using WSL.
𧩠Plugin SDK
- Backend SDK
- Define ToString on Several Types: Improves developer experience by implementing
.toString()on multiple internal types. - Allow SDK env to set variable of any environment: You can now update variables assigned to any environment.
- Define ToString on Several Types: Improves developer experience by implementing
- Frontend SDK
- Register codemirror extensions to HTTP history request editor: Adds support for extending the request editor using custom codemirror extensions.
Issues
This release also includes other bug fixes and improvements.
View the full list of changes.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.47.1
Changelog
This is a patch release to fix an issue where users could not connect to remote Caido instances.
Issues
This release also includes other bug fixes and improvements.
View the full list of changes.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.47.0
Changelog
This release brings a complete redesign of Match & Replace, adding workflow support and making it more intuitive. Weβve also introduced Invisible Proxying, DNS Entry Overriding, expanded Replay/Response in browser support, and built-in access to backend logs from the bottom panel.
π₯ Features
- Invisible Proxying Support: Intercept traffic from non-proxy-aware clients without manual proxy configuration.
- Override DNS Entries: Set a specific IP or DNS server to resolve domain names as needed.
- Display Backend Logs: Backend logs are now visible directly in the UI for better debugging.
- Replay in Browser: "Replay in Browser" is now available in all request/response panes.
- View Response in Browser: "View Response in Browser"is now available in all request/response panes.
- Match & Replace - βAdd Headerβ: Simplified the process to add a new header
- Match & Replace - Workflow support: You can now use workflows as dynamic replacements
- Add Reload Window Command: You can now reload the window from the command palette in the event of a bug
π Bug Fixes
- Missing Load Indicator When Updating HTTPQL Query: Added load animation when updating an HTTPQL query.
- Workflow Name not Saved: Saving a workflow now properly retains its name.
- Resolved Missing Workflows: Fixed an issue where workflows would sometimes not be displayed in the editor.
- Fixed βLoadingβ Requests in HTTP History: Newest requests now properly load when placed at the bottom of the table.
- Responses Not Populating in HTTP History: Fixed an issue where responses sometimes did not appear in the history table.
- Highlighting in Automate Colors Unselected Rows: Addressed an issue where row highlights would spread to other rows.
- Lazy Table Performance Improvements: Fixed excessive network requests when switching projects in lazy-loaded tables.
𧩠Plugin SDK
- [BREAKING] Frontend - MatchReplaceSDK: Updated match & replace SDK to fit with the new redesign
- Frontend - WorkflowSDK: Added functions to interact with workflows
sdk.workflows.getWorkflows(): List existing workflowssdk.workflows.onCreatedWorkflow(): Triggers a callback when a workflow is created.sdk.workflows.onUpdatedWorkflow(): Triggers a callback when a workflow is updated.sdk.workflows.onDeletedWorkflow(): Triggers a callback when a workflow is deleted.
Issues
This release also includes other bug fixes and improvements.
View the full list of changes.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.46.0
Changelog
This release brings major quality-of-life improvements, including setting a default project, viewing responses in the browser, and numerous bug fixes to improve stability and performance.
β Important: Due to a bug in the previous version, the update notification popup may not appear. To ensure you're on the latest version, please visit https://caido.io/download and download the update manually.
π₯ Features
- Set Default Project: You can now choose which project to open when launching Caido
- Replay in Browser / View Response in Browser: Request and responses can now be replayed/viewed directly in the browser. This feature is currently available by right-clicking a table row, with future support planned for the request/response panes.
𧩠Plugin SDK
- Extra File Bundling: Plugins now support bundling extra files.
- RequestSpecRaw -> RequestSpec Conversion: Backend plugins now support converting
RequestSpecRawobjects intoRequestSpecviaRequestSpecRaw.getSpec()andRequestSpec.parse(RequestSpecRaw) - Get Caido Version: The frontend and backend SDK now provides a method to fetch the current version of Caido via
sdk.runtime.getVersion()
π Bug Fixes
- Fixed WebSocket reserved bits not being supported.
- Fixed multiple highlighting issues with the HTTP History / Search / Automate tables
- Improved memory usage and performance when running large automate tasks
- Fixed an issue where font-size changes aren't properly previewed in the settings page
- Fixed incorrect caching behavior in the DNS resolver.
- Fixed an issue where updates were not displayed properly in version 0.45.0.
Issues
This release also includes other bug fixes and improvements.
View the full list of changes here.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.45.1
Changelog
Small release to fix some bugs.
π Bug Fixes
- Fixed sitemap not being updated when switching scopes
- Fixed missing default shortcuts for Send-To commands
- Increased time before displaying URL decoder tooltip
- Hides URL decoder tooltip when selection changes
Issues
This release also includes other bug fixes and improvements.
View the full list of changes here.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.45.0
Changelog
This release includes improvements to request interception, manual finding creation, and updates to the plugin SDK.
π₯ Features
- HTTPQL for Intercept: Filter requests and responses during interception based on HTTPQL queries.
- Manual Findings: Added the ability to right-click and select "Send to Findingsβ¦" to manually create findings.
- URL Decoding Tooltip: Tooltips now display decoded values for URL-encoded strings in the editor.
- Quick Project Creation: Projects can now be quickly created via the top-right project selector dropdown.
π¨ Plugin SDK Updates
- Frontend SDK:
- Added
sdk.[page].getScopeId()andsdk.[page].setScope()to retrieve or set the current page scope. - Added
sdk.env.getVars()to retrieve all available environment variables.
- Added
- Backend SDK:
- Added
sdk.meta.version()to retrieve the Caido instance version. - Added
sdk.meta.updateAvailable()to check if an update is available. - Added
sdk.env.getVars()to retrieve all available environment variables.
- Added
Issues
This release also includes other bug fixes and improvements.
View the full list of changes here.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.44.1
Changelog
Small release to fix some bugs.
π Bug Fixes
- Fixed bug in Environment integration with Workflows
- Fixed missing typing in the JS Node Editor
Issues
This release also includes other bug fixes and improvements.
View the full list of changes here.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
v0.44.0
Changelog
This update brings a new variable store feature, SNI overrides, as well as important improvements to the plugin SDK for both backend and frontend development.
ποΈ Variable Store
You can now define variables that can be automatically inserted into replay and automate requests. Multiple environments can be created to organize variables and easily switch between them.
π CA Certificate Import
You can now import your own CA certificates into Caido.
π§ SNI Overrides
You can now overwrite the SNI in your replay sessions.
π Tab Reordering
Replay and automate session tabs can now be reordered.
π οΈ Backend SDK
RequestSpecnow supports working with raw bytes in its getters and setters instead of strings. This enables handling non-UTF8 characters in methods likesetMethodandsetPathand allows retrieving data as aUint8Array.
π¨ Frontend SDK
sdk.env.getVar: Fetch variables from the new variable store.sdk.navigation.addPage: Added anonEntercallback to execute custom logic when navigating to a specific page.
Issues
This release also includes other bug fixes and improvements.
View the full list of changes here.
CLI
β’ Linux x86_64
β’ Linux AArch64
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64
Desktop
β’ Linux x86_64 (deb)
β’ Linux x86_64 (tar.gz)
β’ Linux x86_64 (AppImage)
β’ Linux AArch64 (deb)
β’ Linux AArch64 (tar.gz)
β’ Linux AArch64 (AppImage)
β’ macOS x86_64
β’ macOS AArch64
β’ Windows x86_64