Cawght by Rajan Yadav
Record your app, let AI find where the business logic breaks.
Experimental
Some features may require payment
No users
Extension metadata
About this extension
Description:
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Rated 0 by 0 reviewers
Permissions and data
Required permissions:
- Access browser tabs
- Access browser activity during navigation
- Access your data for all websites
Optional permissions:
- Access your data for all websites
Required data collection, according to the developer:
- Website activity
Optional data collection, according to the developer:
- Technical and interaction data
More information
- Version: 2.1.1
- Size: 1.09 MB
- Last updated: a month ago (30 March 2026)
- License: All rights reserved