Interact with Caido proxy for HTTP traffic analysis, request replay, and security testing. Use when user mentions 'caido', 'proxy traffic', 'pentest', 'replay request', 'HTTP history', 'security finding', 'intercept', or wants to analyze/modify/replay HTTP requests.
CLI interface to a running Caido proxy instance. All output is JSON.
```bash
bun run src/cli.ts <command> [options]
```

Prerequisites: A Caido instance must be running and a PAT must be configured (via the `CAIDO_PAT` env var or `bun run src/cli.ts setup <pat>`).
!bun run src/cli.ts health 2>/dev/null | head -3
| Command | Purpose |
|---|---|
| `recent [--limit N]` | List recent proxied requests |
| `get <id> [--max-body N]` | Full request + response for an ID |
| `search '<httpql>'` | Search with HTTPQL filter |

| Command | Purpose |
|---|---|
| `send <requestId>` | Replay a request from history |
| `send-raw '<raw>' <host> [port] [tls]` | Send a raw HTTP request |

| Command | Purpose |
|---|---|
| `findings` | List findings |
| `create-finding <reqId> --title T` | Create a finding linked to a request |

| Command | Purpose |
|---|---|
| `intercept-status` | Check if intercept is running/paused |
| `intercept-enable` | Resume intercept |
| `intercept-disable` | Pause intercept |
HTTPQL is Caido's filter language. Values must be quoted. Examples:

```bash
# Filter by method
bun run src/cli.ts search 'req.method.eq:"GET"'
# Filter by host
bun run src/cli.ts search 'req.host.eq:"example.com"'
# Filter by response status
bun run src/cli.ts search 'resp.code.eq:"403"'
# Filter by path containing string
bun run src/cli.ts search 'req.path.contain:"api"'
# Combine with AND
bun run src/cli.ts search 'req.method.eq:"POST" AND resp.code.eq:"401"'
```
- `bun run src/cli.ts recent --limit 50` - Get overview of traffic
- `bun run src/cli.ts search 'req.host.eq:"target.com"'` - Filter for target
- `bun run src/cli.ts get <id> --max-body 5000` - Inspect specific requests
- `bun run src/cli.ts get <id>` - Get original request details
- `bun run src/cli.ts send <id>` - Replay it (check response)
- `bun run src/cli.ts send-raw 'GET /admin HTTP/1.1\r\nHost: target.com\r\nCookie: session=abc\r\n\r\n' target.com 443 true` - Send modified request
- `bun run src/cli.ts create-finding <reqId> --title "IDOR in user API" --desc "User ID in path is not validated"` - Record finding

```bash
# Send a custom POST request (Content-Length must equal the body's byte length, 34 here)
bun run src/cli.ts send-raw 'POST /api/login HTTP/1.1\r\nHost: target.com\r\nContent-Type: application/json\r\nContent-Length: 34\r\n\r\n{"username":"admin","pass":"test"}' target.com 443 true
```
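A hand-counted `Content-Length` in a `send-raw` string is easy to get wrong, and a mismatch makes the target read a truncated or stalled body. The helper below is an added example, not part of the Caido skill or CLI: it computes the length from the body and checks an existing raw string. It assumes `send-raw` takes the literal `\r\n` escapes used in this page's examples; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not part of the Caido skill. Assumes send-raw takes the
# literal two-character escapes \r and \n, as in this page's examples.

SEP='\r\n\r\n'   # header/body separator in that escaped form

# body_len BODY: length in bytes (wc -c), not characters (${#BODY}),
# so multi-byte UTF-8 bodies are counted correctly.
body_len() {
  printf '%s' "$1" | wc -c | tr -d '[:space:]'
}

# build_raw METHOD PATH HOST CONTENT_TYPE BODY
# Prints the single-line raw request with a computed Content-Length.
build_raw() {
  printf '%s %s HTTP/1.1\\r\\nHost: %s\\r\\nContent-Type: %s\\r\\nContent-Length: %s\\r\\n\\r\\n%s' \
    "$1" "$2" "$3" "$4" "$(body_len "$5")" "$5"
}

# check_content_length RAW
# Prints "declared=N actual=M"; returns 0 on match, 1 on mismatch,
# 2 if the separator or the Content-Length header is missing.
check_content_length() {
  case $1 in *"$SEP"*) ;; *) echo "no header/body separator"; return 2 ;; esac
  ccl_head=${1%%"$SEP"*}
  ccl_body=${1#*"$SEP"}
  ccl_declared=$(printf '%s' "$ccl_head" |
    sed -n 's/.*[Cc]ontent-[Ll]ength: *\([0-9][0-9]*\).*/\1/p')
  [ -n "$ccl_declared" ] || { echo "no Content-Length header"; return 2; }
  ccl_actual=$(body_len "$ccl_body")
  echo "declared=$ccl_declared actual=$ccl_actual"
  [ "$ccl_declared" -eq "$ccl_actual" ]
}

# Constructed sample input: one generated request, one with a wrong length.
BODY='{"username":"admin","pass":"test"}'
GOOD=$(build_raw POST /api/login target.com application/json "$BODY")
BAD='POST /api/login HTTP/1.1\r\nHost: target.com\r\nContent-Length: 12\r\n\r\n'"$BODY"

check_content_length "$GOOD"
check_content_length "$BAD" || echo "fix Content-Length before send-raw"
```

Pass the result as a quoted variable, for example `bun run src/cli.ts send-raw "$(build_raw ...)" target.com 443 true`, so a body containing single quotes does not break the shell quoting.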
For the full command list with all options, read .claude/skills/caido/references/commands.md.
For detailed HTTPQL syntax, read .claude/skills/caido/references/httpql.md.