Cawght por Rajan Yadav
Record your app, let AI find where the business logic breaks.
ExperimentalExperimental
Algunas características pueden ser de pagoAlgunas características pueden ser de pago
Metadata de la extensión
Sobre esta extensión
Description:
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Rated 0 by 0 reviewers
Permissions and data
Permisos requeridos:
- Acceder a las pestañas del navegador
- Acceder a la actividad del navegador mientras navegas
- Acceder a tus datos para todos los sitios web
Permisos opcionales:
- Acceder a tus datos para todos los sitios web
Required data collection, according to the developer:
- Website activity
Optional data collection, according to the developer:
- Technical and interaction data
Más información
- Enlaces del complemento
- Versión
- 2.1.1
- Tamaño
- 1,09 MB
- Última actualización
- hace un día (30 de mar. de 2026)
- Categorías relacionadas
- Licencia
- Todos los derechos reservados
- Política de privacidad
- Leer la política de privacidad de este complemento
- Historial de versiones
- Añadir a la colección