Passive Type Workflows

In this tutorial, we will create a Passive Workflow that will highlight GET requests within the HTTP History tab if they are within the Project's Scope.

INFO

This example Workflow is available for download and import. Download the workflow

Creating a Passive Workflow

Navigate to the Workflow Editor for the Passive type by following these steps:

• Select the Workflow tab from the left-hand menu within the Caido window.
• Select the Passive tab.
• Click + New Workflow.

1. Enter an arbitrary name for your Workflow.
2. (Optional) Enter a description of the workflow.
3. Click Save.

4. Click, hold and drag the In Scope, Matches HTTPQL, If/Else and Set Color Nodes into the pane directly right.

TIP

The On intercept request and Passive End Nodes are already included by default. Passive Workflows do not require an End Node in order to function properly. However, it is recommended that you include it for flow readability.

5. Drag the Nodes into the top-down heirachical structure displayed. Connect them together by making Node Connections.

Connecting the Nodes

The flow of the example Workflow provided above is described below:

1. On intercept request - this Node "Triggers a workflow when a request passes through the proxy":

• It's output is the request object itself.
• This output is referenced by the Alias.Property syntax of $on_intercept_request.request.

2. In Scope - this Node "Checks if a request is in scope":

• It takes the output of $on_intercept_request.request as the value of it's Request input property and checks if the Host of the request is included in any Scopes you have set in the current Caido Project.
• This Node's output is $in_scope.result.

• If True (the request Host is in scope), then the flow will proceed to the Matches HTTPQL Node.
• If False, the flow will proceed to the Passive End Node, ending the action flow against the request since it did not meet the set criteria of the Workflow.

3. Matches HTTPQL - this Node "Matches a request/response against an HTTPQL query":

• The query used in this Workflow example is req.method.eq:"GET".
• It uses the output of $on_intercept_request.request from the On intercept request Node as the value of it's Request input property.
• This Node's output is $matches_httpql.matches.
• The query will check if the request method used is GET for all the requests that are in scope.

4. If/Else - this Node "Branches off based on a condition":

• It uses the output of $matches_httpql.matches as the value of it's Condition input property (select the Use reference checkbox).
• If the request satisfied the HTTPQL query (the request was an in scope GET request), the output of this Node evaluates to the Boolean value of True.
• Else, if the request did not satisfy the HTTPQL query (the request was not in scope/used another method other than GET if it was in scope), the output of this Node evaluates to the Boolean value of False.

• If True then the flow will proceed to the Set Color Node.
• If False, the flow will proceed to the Passive End Node, ending the action flow against the request since it did not meet the set criteria of the Workflow.

5. Set Color - this Node "Sets the row color of a request":

• It will apply the color to the row within the HTTP History tab.
• The Color input property takes the value of a color's Hex code. (The color used in this example is #185a6c.)
• This will be the color used to highlight any requests that have reached this Node within the Workflow by applying it to the request object produced by the output of the On intercept request Node of $on_intercept_request.request.

6. Passive End - this Node "Ends the passive workflow", bringing the workflow to a finished state.

In summary:

"If the Host of a proxied GET request is within a scope I have set, highlight the request in the HTTP History tab feed in navy blue. For all other requests, exit the Passive Workflow."

Results

Once we're done, this workflow will highlight GET requests within the HTTP History tab if they are within the Project's Scope.