Custom passive workflows for Caido proxy, designed for bug bounty automation. Each workflow runs external CLI tools against intercepted HTTP responses and creates findings directly in Caido.
| Workflow | Tool | Description |
|---|---|---|
| gitleaks-scanner | gitleaks | Detect leaked secrets in HTTP responses |
| jsluice-urls | jsluice | Extract URLs and API endpoints from JS responses |
- Install prerequisites (see each workflow's README) — all workflows also require
jq(brew install jq) - Download the
.jsonfile from the latest release, or build withpython3 scripts/build.py - Caido → Workflows → Import → select the file → Enable
The workflows add /opt/homebrew/bin and ~/go/bin to PATH by default. If your tools are installed elsewhere, edit the Init field in the Shell node.