Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I am a Burp guy, but lately Caido[1] has been trending, pretty lightweight and can be ran in headless mode. It's still very security-oriented (as Burp Suite is), but might be worth your time, notably as you can run it on a VPS/container to proxy all your traffic through it (which is by-design, contrary to my beloved burp/zap)

[1] https://caido.io/



Caido co-founder here, thanks for the shoutout! We are slowly moving to the DevSecOps space too.


Please consider allowing the user to modify the TLS handshake / ClientHello. Out of all proxies I have used only Burp offers this through a plugin / extension.


Agreed this is something we need to do, but not easy to do properly. The TLS 1.3 spec has a lot of extensions, currently we use openssl that for example doesn't support GREASE.


My pleasure, your team is doing a great job and its good to see competition in that space, forces everyone to push forward :D




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: