OP 03 August, 2023 - 11:56 AM
There has been some buzz around Caido recently – a contender to the Burp crown. Brackish Security testers recently sat down and tried Caido out on some real pentests. Our findings follow.
Keep in mind that Caido is still fairly new, while Burp has been in development and use for a very long time. Additionally, each tester spent less than two hours with Caido, which may have limited their experiences.
Caido Pros
- Modern look – Brackish testers preferred Caido’s more modern look and color coding of requests and responses.
- Pricing – At $10/month, once Caido reaches feature level parity with Burp, it will be the obvious choice.
- Project Management – Project management in Caido seems to be better.
- Remote Instances – Host it remotely, which allows lower resource devices to run Caido. We all know Burp is resource intensive.
Caido Cons
- Lack of Features – Caido is still new, and it lacks the features of Burp. To be clear, it lacks a lot of features. There are no plugins, active scans, etc.
- Click to Adjust – Testers did not like the click to adjust features of panels within the application.
- No Built-in Browser – Some people don’t consider this a con, but a built-in browser can be very helpful.
- Slowness – Despite being written in Rust, a couple of testers felt that Caido was significantly slower than Burp.
Keep an eye on Caido, and maybe try it out to see what all the fuss is about. It’s always good to keep more tools in your chest! And bookmark this post, because we will update it as we use Caido some more.