Cawght wót Rajan Yadav
Record your app, let AI find where the business logic breaks.
EksperimentelneEksperimentelne
Někotare funkcije mógli se płaśenje pominaśNěkotare funkcije mógli se płaśenje pominaś
Metadaty rozšyrjenja
Wó toś tom rozšyrjenju
Description:
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Z 0 wót 0 pógódnośujucych pógódnośony
Pšawa a daty
Trjebne pšawa:
- Pśistup k rejtarikam wobglědowaka měś
- Pśistup k aktiwiśe wobglědowaka za nawigaciju měś
- Pśistup k wašym datam za wšykne websedła měś
Opcionalne pšawa:
- Pśistup k wašym datam za wšykne websedła měś
Trjebne gromaźenje datow, pó wuwijarju:
- Aktiwita websedła
Opcionalne gromaźenje datow, pó wuwijarju:
- Techniske daty a daty interakcije
Dalšne informacije
- Dodankowe wótzkaze
- Wersija
- 2.1.1
- Wjelikosć
- 1,09 MB
- Slědny raz zaktualizěrowany
- hace 16 días (30 de mar. de 2026)
- Pśiswójźbne kategorije
- Licenca
- Wšykne pšawa wuměnjone
- Pšawidła priwatnosći
- Cytajśo pšawidła priwatnosći za toś ten dodank
- Wersijowa historija
- Zběrce pśidaś