Scanner
The Scanner is Caido's official template-based vulnerability detection engine that brings automated security testing capabilities to Caido.
INFO
The Scanner is available for installation in the Official tab of the Plugin interface.

Checks
The templates utilized by the plugin are referred to as "checks" and contain the logic for identifying specific security issues.
To view the checks available, navigate to the Scanner plugin interface and click on the Checks tab.
Each check is listed as a table row. A check's metadata information, including a description of the vulnerability tested for and categorical tags, can be viewed by clicking on the button attached to its row. The metadata also includes a check's:
Type: Passive type checks are silent enough to run in the background without causing noise. Active type checks require more noticeable interaction with the target.
Aggressivity: The number of requests that are generated and sent.

Selecting Checks
The Scanner plugin runs checks either passively as traffic is proxied through Caido or actively against manually selected requests.
To include or exclude a check in either passive or active scanning, click on its associated checkbox in the Passive or Active column.

Check Presets
Predefined selections of passive and active checks are available as check presets. To save your current selection of checks as a custom preset, click on the + New Preset button.
Passive Scanning
By default, once the Scanner plugin is installed, passive scanning is enabled against in-scope proxied traffic. To disable passive scanning or apply it to all proxied traffic, navigate to the Settings tab interface.
This interface also includes rate limiting options and allows you to select the vulnerability severity levels that should generate findings upon detection.

Active Scanning
To execute a scan manually against a specific request, right-click within a request pane or on a traffic table row, hover your mouse cursor over Plugins and Scanner, and select Run Active Scanner to open the Scan Launcher window.
TIP
To scan multiple requests, either CTRL + click to select multiple rows or select a range of rows with SHIFT + click.
All requests that the scan will be applied to will be listed in the Targets tab.

Additional configuration options for active scans are available in the Configuration tab.

Once the active scan is configured, click on the Run Scan button to run the enabled active checks.
In addition to generating findings, the results of ongoing and completed active scans are available in the Dashboard tab interface.
TIP
To interrupt an in-progress active scan, click on the Cancel button.
