Cawght by Rajan Yadav
Record your app, let AI find where the business logic breaks.
Experimental
Some features may require payment
No users
Extension metadata
About this extension
Description:
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Rated 0 by 1 reviewer
Permissions and data
Required permissions:
- Access browser tabs
- Access browser activity during navigation
- Access your data for all websites
Optional permissions:
- Access your data for all websites
Required data collection, according to the developer:
- Website activity
Optional data collection, according to the developer:
- Technical and interaction data
More information
- Version: 2.1.1
- Size: 1.09 MB
- Last updated: 2 months ago (Mar 30, 2026)
- License: All Rights Reserved
- Privacy policy: Read the privacy policy for this extension