Cawght by Rajan Yadav
Record your app, let AI find where the business logic breaks.
Experimental
Some features may require payment
Extension metadata
About this extension
Description:
Cawght watches how your web app behaves, then tries to break its business rules.
Traditional security scanners catch XSS and SQL injection — but they don't know that your discount code should only work once, that only admins can delete posts, or that User A shouldn't access User B's data. Cawght does.
How it works:
1. Open the sidebar and click Start Recording.
2. Use your web app normally — browse, click, submit forms.
3. Click Stop & Test — Cawght analyzes the captured traffic.
4. AI generates adversarial test scenarios targeting business logic.
5. Tests run automatically and findings are reported with evidence.
What it catches:
* Privilege escalation
* IDOR (Insecure Direct Object Reference)
* State manipulation
* Business constraint violations
* Data isolation failures
Privacy & Requirements:
* Bring your own AI key (Gemini, OpenAI, or Anthropic).
* No data is collected without your explicit action.
Rated 0 by 0 reviewers
Permissions and data
Required permissions:
- Access browser tabs
- Access browser activity during navigation
- Access your data for all websites
Optional permissions:
- Access your data for all websites
Required data collection, according to the developer:
- Website activity
Optional data collection, according to the developer:
- Technical and interaction data
More information
- Add-on links
- Version
- 2.1.1
- Size
- 1.09 MB
- Last updated
- a day ago (Mar 30, 2026)
- Related categories
- License
- All rights reserved
- Privacy policy
- Read the privacy policy for this add-on