caido VS hetty

Caido[1] a interception proxy written in Rust, is positioning itself as a "lightweight" alternative to Burp. It can't compete yet with Burp in terms of functionality, although it's certainly looking promising.

Perhaps one of few contenders to Burp in respect to features is ZAP[2].

[1] https://caido.io/

[2] https://www.zaproxy.org/

Thanks for the review and kind words. This was really one of the core goal to make it super accessible.

We developed it in Rust because we wanted to create a client/server architecture that you can deploy everywhere (Caido runs even on a rapsberry pi). We worked a lot on the frontend to make it snappy too, so its a combination of both.

Yes for sure, there is a privacy concern too with us forwarding request. It is in the issues of https://github.com/caido/caido.

I have not tried it myself, but there is a tool called Caido https://www.youtube.com/watch?v=qLVu7rg9btk

Yes we are planning to work on extensions, but it is a bit more complicated to do in compiled languages like Rust and we have some tech debt to repay before we can start the work on that. You can follow the issue https://github.com/caido/caido/issues/2

FWIW: I'm building something in Go (https://github.com/dstotijn/hetty). But it's pretty early stage and not even near the featureset that mitmproxy or Burp Suite has. Also I wouldn't dare say it's more efficient (yet!). But Go has been great so far to build it.

As mentioned elsewhere: (dev friendly) extensibility/add-ons with Go will be an interesting challenge. Haven't looked into it yet.

dstotijn/hetty (Go): Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.