Do you use Caido to hunt for vulnerabilities? Would you like to access your favourite Bug Bounty Programs from inside this popular AppSec auditing toolkit?
Then check out YesWeCaido, a new plugin for effortlessly browsing YesWeHack hunting opportunities, monitoring your chosen programs, and adding or updating scopes as they evolve in real-time. This time-saving add-on streamlines your workflow so you can spend even more time hunting for bugs.
In this guide, we'll walk you through everything you need to know about YesWeCaido – including the benefits it brings, and how to install and use the plugin.
Outline
- What is Caido?
- What is YesWeCaido?
- Installing the YesWeCaido plugin
- Via Caido Community store (Recommended)
- Manual installation
- How to use YesWeCaido
- Conclusion
- References
What is Caido?
Caido is a lightweight web attack proxy tool used for web application security testing. This increasingly popular tool, which is written in Rust, intercepts HTTP traffic between your browser and target applications, allowing you to inspect, modify and replay requests in real time.
What is YesWeCaido?
YesWeCaido is a plugin that allows Caido users to fetch all Bug Bounty Programs from YesWeHack and access their details from within a Caido instance. YesWeCaido is built on YesWeHack’s API server, which ensures that all program details remain up to date as policies evolve and scopes are added.
New or updated scopes, as well as (if required) User-Agents, can be added to your Caido Scopes interface with a click of your mouse.
Installing the YesWeCaido plugin
You can install YesWeCaido from either the YesWeCaido Github repository or, even easier, from the Caido Community Store.
Via Caido Community Store (recommended)
- In Caido, navigate to the plugin page from the left-side panel
- Navigate to the Community Store
- Locate the YesWeCaido plugin and click ‘INSTALL’
Manual installation
- Click on the YesWeCaido Github releases page
- Download the latest plugin_package.zip file
- In Caido, go to the plugins page
- Click ‘Install Package’ and select your downloaded plugin_package.zip file
How to use YesWeCaido
YesWeCaido is easy to use and has a user-friendly interface. You can scroll through all YesWeHack Bug Bounty Programs, search for specific programs, and view program details and policies by clicking on the program card.
If you want to work on a particular scope, simple click ‘ADD’ and the scope will be automatically added to, or updated within, Caido's ‘Scopes’ interface. Adding a User-Agent is also a click away, should a given program require you to use one.
Conclusion
Whether you’re an experienced ethical hacker or just starting out as a bug hunter, integrating YesWeCaido with Caido is a smart, simple way to streamline your workflow and stay focused on what matters: finding vulnerabilities.
Installation is quick and easy, while the plugin’s intuitive interface makes it easy to explore hacking opportunities, track policy changes and fetch updated scopes or add new scopes that catch your eye.
Start using YesWeCaido today to save time and simplify your workflow!