Merged
Binary file added docs/images/page/running/caido/context.jpg
Binary file added docs/images/page/running/caido/finding.jpg
Binary file added docs/images/page/running/caido/workflow.jpg
4,806 changes: 4,806 additions & 0 deletions docs/llms-full.txt


120 changes: 120 additions & 0 deletions docs/page/running/caido.md
@@ -0,0 +1,120 @@
---
title: Caido Active Workflow
redirect_from: /docs/caido/
parent: Running
nav_order: 7
toc: true
layout: page
---

# Dalfox Caido Integration
{: .d-inline-block }

New (v2.12.0)
{: .label .label-blue }

## Overview

Dalfox now supports direct integration with [Caido](https://caido.io/), enabling powerful, automated XSS scanning as part of your Caido active workflows. This integration streamlines web security testing by allowing you to invoke Dalfox’s advanced XSS detection on HTTP requests intercepted or crafted within Caido, and view actionable results right in your workflow.

## What is Caido?

Caido is a modern web security toolkit for penetration testers and bug bounty hunters. It provides an intuitive interface for intercepting, modifying, and replaying HTTP requests, and supports extensibility through active workflows and external tool integrations.

By integrating Dalfox with Caido, you can:

- Automatically scan HTTP requests for XSS vulnerabilities
- Receive structured, actionable scan results within Caido
- Enhance your security testing workflow with minimal manual effort

## Setting Up Dalfox with Caido

### Prerequisites

- **Dalfox v2.12.0 or later** installed on your system
- **Caido** installed and running
- **jq** installed on your system

### Installation

If you haven’t installed Dalfox yet, use one of the following methods:

```bash
# From source
go install github.com/hahwul/dalfox/v2@latest

# Homebrew
brew install dalfox

# Snapcraft
snap install dalfox
```

*[Installation](/page/installation/)*

## Configuring the Active Workflow

To use Dalfox as an active workflow in Caido:

1. **Set your Dalfox binary path**
Update the workflow script with the path to your Dalfox executable (you can find it with `which dalfox`):

```bash
DALFOX_PATH="/path/to/your/dalfox"
```

2. **Configure the Caido workflow**
Use the following shell script in your Caido active workflow configuration:
```bash
cat - | jq -r .request | $DALFOX_PATH pipe --rawdata --silence --report --report-format=md
```
This script takes the intercepted HTTP request from Caido, pipes it to Dalfox, and outputs the results in Markdown format.

3. **Save and activate the workflow**
Ensure your workflow is enabled in Caido’s interface.

#### Example Workflow Configuration

![Caido Workflow Configuration](/images/page/running/caido/workflow.jpg)

```bash
# Set your dalfox path
DALFOX_PATH="/Users/hahwul/Projects/dalfox/dalfox"

# Run dalfox
cat - | jq -r .request | $DALFOX_PATH pipe --rawdata --silence --report --report-format=md
```

## Using Dalfox in Caido

Once configured, you can trigger Dalfox scans directly from Caido’s UI. When you send a request through Caido, the active workflow will automatically invoke Dalfox and display the scan results.

#### Running from the Context Menu

You can also run the Dalfox workflow directly from Caido’s context menu. Simply right-click on a request, select `Run workflow`, and choose `XSS Scan`.

![Run Dalfox Workflow from Context Menu](/images/page/running/caido/context.jpg)

#### Example Scan Result in Caido

![Dalfox Scan Result in Caido](/images/page/running/caido/finding.jpg)

## Advanced Usage

You can customize Dalfox’s behavior by modifying the workflow script to include additional flags, such as custom headers, cookies, or Blind XSS callbacks. For example:

```bash
cat - | jq -r .request | $DALFOX_PATH pipe --rawdata --silence --report --report-format=md --header "Authorization: Bearer <token>" -b your-callback.com
```

## Best Practices

1. **Keep Dalfox Updated**: Use the latest version for improved detection and features.
2. **Validate Results**: Manually verify critical findings for accuracy.
3. **Respect Target Systems**: Avoid scanning production systems without permission.
4. **Leverage Caido Context**: Use Caido’s request manipulation features to test various scenarios before scanning.
5. **Secure Sensitive Data**: Be mindful of sensitive information in scan results.

---

By integrating Dalfox with Caido, you can supercharge your web security assessments with automated, reliable XSS detection—right where you need it most.
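Review bot: the workflow script `cat - | jq -r .request | $DALFOX_PATH pipe --rawdata --silence --report --report-format=md` has no guard for an unset or wrong `DALFOX_PATH` and leaves the variable unquoted, so a path containing spaces breaks the pipeline and a missing binary produces a shell error where the user expects a scan result; suggest `"$DALFOX_PATH"`, a leading `: "${DALFOX_PATH:?set DALFOX_PATH first}"`, and dropping the redundant `cat -` since `jq -r .request` reads stdin on its own. The Advanced Usage line places a credential literally in the script via `--header "Authorization: Bearer <token>"`; because the workflow script is stored in Caido's configuration, the docs should tell users to read the token from an environment variable rather than paste it into the script. Minor: the Example Workflow Configuration hardcodes `/Users/hahwul/Projects/dalfox/dalfox`; the `/path/to/your/dalfox` placeholder used two blocks earlier is the better form for end users.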
4 changes: 2 additions & 2 deletions docs/page/running/code.md
Expand Up @@ -24,7 +24,7 @@ go get github.com/hahwul/dalfox/v2/lib
Here is a sample Go program that demonstrates how to use the Dalfox library to perform a scan:

```go
package main
package main

import (
"fmt"
Expand Down Expand Up @@ -95,4 +95,4 @@ You should see output similar to the following:

## More Information

For more information and advanced usage, please refer to the [official Dalfox library documentation](https://pkg.go.dev/github.com/hahwul/dalfox/v2).
For more information and advanced usage, please refer to the [official Dalfox library documentation](https://pkg.go.dev/github.com/hahwul/dalfox/v2).
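Review bot: both hunks in this file (`@@ -24,7 +24,7 @@` and `@@ -95,4 +95,4 @@`) remove and re-add a byte-identical line (`package main` and the pkg.go.dev link), so the change is whitespace-only (trailing whitespace or line endings) and invisible in the rendered diff; please state that in the commit message or move the cleanup into its own commit so reviewers do not have to check whether content changed.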
20 changes: 10 additions & 10 deletions docs/page/running/github-action.md
Expand Up @@ -109,7 +109,7 @@ jobs:
target: ${{ github.event.inputs.url }}
mode: url
cmd_options: '--follow-redirects --format json --report'

- name: Display Results
run: echo "${{ steps.xss-scan.outputs.result }}"
```
Expand Down Expand Up @@ -140,7 +140,7 @@ jobs:
https://example.com/news?article=latest
mode: pipe
cmd_options: '--follow-redirects --format json --report --output scan-results.json'

- name: Upload scan results
uses: actions/upload-artifact@v3
with:
Expand Down Expand Up @@ -170,21 +170,21 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Set up test environment
run: |
# Set up your application for testing
# E.g., npm install && npm start
echo "Starting application on http://localhost:3000"

- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-scan
with:
target: 'http://localhost:3000'
mode: url
cmd_options: '--follow-redirects --deep-domxss --format json'

- name: Check for vulnerabilities
run: |
if [[ "${{ steps.xss-scan.outputs.result }}" == *"[POC]"* ]]; then
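Review bot: the `run:` step in this hunk interpolates `${{ steps.xss-scan.outputs.result }}` directly into bash (`if [[ "${{ steps.xss-scan.outputs.result }}" == *"[POC]"* ]]`); the scan result echoes target-controlled data such as reflected payloads and response fragments, so a crafted response can close the quotes and be executed as shell in the runner. The line is unchanged context, but since this document is being edited, suggest passing the output through `env:` (for example `RESULT: ${{ steps.xss-scan.outputs.result }}`) and testing `"$RESULT"` inside the script; the same applies to `echo "${{ steps.xss-scan.outputs.result }}"` in the first hunk of this file.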
Expand All @@ -211,7 +211,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-scan
Expand All @@ -237,7 +237,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-scan
Expand All @@ -263,15 +263,15 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Dalfox scan
uses: hahwul/action-dalfox@main
id: xss-scan
with:
target: './security/target-urls.txt'
mode: file
cmd_options: '--mass-worker 5 --format json --output scan-results.json'

- name: Upload scan results
uses: actions/upload-artifact@v3
with:
Expand Down Expand Up @@ -323,7 +323,7 @@ cmd_options: '--worker 50 --delay 100 --timeout 5'

### Common Issues

1. **Action fails with timeout**:
1. **Action fails with timeout**:
- Increase the timeout value in cmd_options
- Reduce the number of targets or parallel workers

22 changes: 11 additions & 11 deletions docs/page/running/mcp.md
Expand Up @@ -2,14 +2,14 @@
title: MCP Mode
parent: Running
has_children: false
nav_order: 4
nav_order: 6
layout: page
---

# Dalfox MCP Mode
{: .d-inline-block }

New (v2.11.0)
New (v2.11.0)
{: .label .label-blue }

## Overview
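Review bot: `nav_order` moves from 4 to 6 while the new caido.md in this PR takes 7, so slot 5 is presumably held by a page not shown in this diff; worth confirming the Running section has no duplicate or gap after the reordering. The other changed line in this hunk (`New (v2.11.0)`) is a whitespace-only re-add.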
Expand Down Expand Up @@ -56,9 +56,9 @@ VS Code provides robust support for MCP tools when used with AI coding assistant
*[Installation](/page/installation/)*

2. **Configure VS Code settings**

To enable the dalfox server in VS Code, update your `settings.json` file with the following configuration:

```json
{
"mcp": {
Expand All @@ -79,9 +79,9 @@ VS Code provides robust support for MCP tools when used with AI coding assistant
This setup defines a server named dalfox that uses standard input/output (stdio) and runs the command `dalfox server --type=mcp`. You can manually add the server by pressing `⌘` + `⇧` + `p`, selecting MCP: Add Server, choosing `Command (stdio)`, and entering `dalfox server --type=mcp` in the input field. This ensures seamless integration of the dalfox server with your VS Code environment.

3. **Use with AI assistant**

Now your AI coding assistant can directly use Dalfox to scan for XSS vulnerabilities. For example, you can ask:

```
"Can you scan this URL for XSS vulnerabilities using Dalfox?"
```
Expand Down Expand Up @@ -128,9 +128,9 @@ Claude Desktop is Anthropic's standalone application that can integrate with ext
```

3. **Use with Claude**

You can now use Dalfox directly through Claude's interface:

```
"Can you scan https://xss-game.appspot.com/level1/frame for XSS vulnerabilities"
```
Expand Down Expand Up @@ -161,7 +161,7 @@ The AI assistant will translate these requests into the appropriate Dalfox comma
Ask your AI assistant to review code and then scan endpoints for vulnerabilities:

```
"Review this controller code and identify any potential XSS vulnerabilities.
"Review this controller code and identify any potential XSS vulnerabilities.
Then use Dalfox to scan the corresponding endpoints."
```

Expand All @@ -170,14 +170,14 @@ Then use Dalfox to scan the corresponding endpoints."
Have the AI assistant help with targeted testing:

```
"I found a potential XSS vulnerability in the search parameter.
"I found a potential XSS vulnerability in the search parameter.
Can you use Dalfox to verify if it's exploitable?"
```

## Best Practices

1. **Keep Dalfox Updated**: Ensure you're using the latest version for the most current security checks
2. **Validate Results**: Always verify AI-interpreted scan results manually for critical systems
2. **Validate Results**: Always verify AI-interpreted scan results manually for critical systems
3. **Rate Limiting**: Be mindful of scan frequency to avoid overwhelming target systems
4. **Context Matters**: Provide AI assistants with sufficient context about targets for more effective scanning
5. **Security Awareness**: Remember that scan results might contain sensitive information