A powerful AI-powered assistant for Caido web application security testing, built with Claude AI
Ebka AI is an AI-powered assistant that integrates seamlessly with Caido, providing intelligent security testing capabilities through natural language commands and automated workflows. Built with Claude AI, it offers advanced HTTPQL query search, match/replace operations, replay session management, and AI-powered security analysis.
Ebka AI provides 30+ powerful Claude tools for Caido:
- HTTPQL Query Search: Advanced filtering and analysis using HTTPQL syntax
- Request/Response Viewing: Inspect individual requests and responses by ID
- Custom Request Sending: Send HTTP requests with full control over headers, body, and parameters
- WebSocket Stream Management: Read and analyze WebSocket streams
- Replay Collections: Create, list, and manage replay session collections
- Session Operations: Rename sessions, move between collections, and execute automated testing
- Connection Management: Monitor and analyze replay connections and requests
- Findings CRUD: Create, read, update, and delete security findings
- Advanced Filtering: List findings with pagination, filtering, and sorting
- Comprehensive Data: Access detailed finding information including request/response bodies
- Tamper Rule Collections: Organize and manage rule collections
- Rule Management: Create, update, and manage sophisticated find/replace operations
- Advanced Filtering: Search and filter rules by collection and criteria
- Create and update Filters
- Full scope management: CRUD scopes, use created scopes in HTTPQL
- Claude Integration: Leverage Claude AI for intelligent security insights
- Natural Language: Interact with security tools using natural language commands
- Automated Workflows: Streamline security testing with AI-assisted automation
- Caido web application security testing platform
- Node.js (version 18 or higher) — for MCP server
- For Direct Usage: Claude API key from Anthropic Console
There are multiple ways to interact with the Caido AI Assistant:
The easiest way to get started. No need to clone the repository or build anything.
Add to your claude_desktop_config.json:
```json
{
  "mcpServers": {
    "caido": {
      "command": "npx",
      "args": ["-y", "ebka-caido-ai"],
      "env": {
        "CAIDO_BASE_URL": "http://localhost:8080"
      }
    }
  }
}
```

Note: If Caido is running on a different port, update `CAIDO_BASE_URL` accordingly (e.g., `http://localhost:8081`).
Authenticate with Caido:
- Open Claude Desktop and start a conversation
- When you try to use any Caido tool, Claude will automatically detect that authentication is required
- Use the `authenticate` tool to start the OAuth flow
- Claude will provide a verification URL — click it to authorize in your browser
- After authorizing, use the `check_authentication` tool to complete the setup
- The MCP server will automatically manage your authentication token
That's it! You can now communicate with Caido through Claude.
If you prefer to build from source:
- Clone and build:

  ```bash
  git clone https://github.com/Slonser/Ebka-Caido-AI.git
  cd Ebka-Caido-AI/claude-mcp-server
  npm install
  npm run build
  ```

- Add to `claude_desktop_config.json`:

  ```json
  {
    "mcpServers": {
      "caido": {
        "command": "node",
        "args": ["/path/to/Ebka-Caido-AI/claude-mcp-server/build/index.js"],
        "env": {
          "CAIDO_BASE_URL": "http://localhost:8080"
        }
      }
    }
  }
  ```

  Replace `/path/to/` with the actual path to your cloned repository.

- Follow the same authentication steps as described in Method 1.
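Both `claude_desktop_config.json` variants above can be checked before Claude Desktop launches the server. The following is an added example, not code from the Ebka AI project: a small Node.js lint for the `caido` entry. The function name `lintCaidoEntry` and the warning texts are hypothetical, and it assumes that the token the MCP server manages is sent to whatever `CAIDO_BASE_URL` points at.

```javascript
// Added example (not part of Ebka AI): lint the "caido" MCP entry.
// Returns an array of warning strings; an empty array means nothing was flagged.
const LOOPBACK = new Set(["localhost", "127.0.0.1", "[::1]"]);

function lintCaidoEntry(config) {
  const entry = config?.mcpServers?.caido;
  if (!entry) return ["no mcpServers.caido entry found"];
  const warnings = [];

  // 1. CAIDO_BASE_URL must parse, and plain http is only acceptable on loopback.
  const raw = entry.env?.CAIDO_BASE_URL;
  let url = null;
  try {
    url = new URL(raw);
  } catch {
    warnings.push(`CAIDO_BASE_URL is not a valid URL: ${raw}`);
  }
  if (url) {
    if (!["http:", "https:"].includes(url.protocol)) {
      warnings.push(`unexpected scheme ${url.protocol}`);
    } else if (url.protocol === "http:" && !LOOPBACK.has(url.hostname)) {
      // Assumption: the managed auth token travels with requests to this URL.
      warnings.push(`plain http to non-loopback host ${url.hostname}: traffic to Caido is unencrypted`);
    }
    if (url.username || url.password) {
      warnings.push("credentials embedded in CAIDO_BASE_URL");
    }
  }

  // 2. With npx, a bare package name is not tied to a specific release.
  if (entry.command === "npx") {
    const pkg = (entry.args || []).find((a) => !a.startsWith("-"));
    // "name@version" or "@scope/name@version" counts as pinned.
    if (pkg && !pkg.slice(1).includes("@")) {
      warnings.push(`npx package ${pkg} is not pinned to a version`);
    }
  }
  return warnings;
}

// The Method 1 configuration from this page, embedded so the block runs offline.
const PAGE_CONFIG = { mcpServers: { caido: { command: "npx", args: ["-y", "ebka-caido-ai"],
  env: { CAIDO_BASE_URL: "http://localhost:8080" } } } };
console.log(lintCaidoEntry(PAGE_CONFIG));
```

To check a real file, parse it with `JSON.parse` and pass the result to `lintCaidoEntry`.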
- Enter your API KEY in the plugin tab
- Use the functionality directly from Caido without Claude Desktop
- Clone the repository:

  ```bash
  git clone https://github.com/Slonser/Ebka-Caido-AI.git
  cd Ebka-Caido-AI
  ```

- Install dependencies:

  ```bash
  pnpm install
  # or if using npm:
  # npm install
  ```

- Build the project:

  ```bash
  pnpm build
  # or if using npm:
  # npm run build
  ```

- Install in Caido:
  - Open Caido
  - Go to Settings > Plugins
  - Click "Install from file"
  - Select the built plugin file from the appropriate directory

- Access Ebka AI:
  - After installation, find "Ebka AI" in your Caido sidebar
  - Click to open the AI assistant interface

- Configure your settings:
  - Enter your Claude API key for direct usage
  - Configure Claude Desktop integration if using the MCP server
  - Set up your preferred security testing workflows

- Use AI-powered features:
  - Ask natural language questions about your security testing
  - Use HTTPQL queries to search through requests
  - Create and manage match/replace rules
  - Execute replay sessions and collections
  - Generate security findings with AI assistance

- Fork the repository
- Create your feature branch (`git checkout -b feature/amazing-feature`)
- Commit your changes (`git commit -m 'Add some amazing feature'`)
- Push to the branch (`git push origin feature/amazing-feature`)
- Open a Pull Request

This project is licensed under the GPL-3.0 License - see the LICENSE file for details.


