@filipnyquist/caidos
v0.1.0
CLI interface for Caido proxy — HTTP traffic analysis, request replay, and security testing with JSON output
caidos
A command-line interface for Caido proxy, built with Bun and the official @caido/sdk-client SDK. Designed for terminal-based HTTP traffic analysis, request replay, and security testing — with machine-readable JSON output suitable for AI agent consumption.
Install
# Run without installing (bunx)
bunx caidos setup <your-pat>
bunx caidos recent
# Or clone and run locally
git clone https://github.com/filipnyquist/caidos.git
cd caidos && bun install
bun run src/cli.ts setup <your-pat>
Claude Code Skill
Install the /caido skill for Claude Code:
# Personal (available in all projects)
bunx caidos install-skill
# Project-scoped (version-controlled with repo)
bunx caidos install-skill --project
After installing, use /caido in any Claude Code session to interact with Caido proxy.
Setup
Authenticate
Configure your Caido Personal Access Token:
bunx caidos setup <your-pat>
bunx caidos setup <your-pat> --url https://caido.example.com
Or set environment variables:
export CAIDO_URL=http://localhost:8080 # default
export CAIDO_PAT=<your-pat>
Tokens are cached to ~/.caido-cli/ for fast subsequent invocations (~70ms auth).
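The token cache described above holds credentials for your Caido instance, so it should be accessible to your user only. The following is an added example, not part of caidos: a POSIX shell check that flags anything under the cache directory that is group- or world-accessible or owned by another user, plus a function to tighten it. It assumes cached tokens are regular files under ~/.caido-cli/; the function names and the CAIDOS_CACHE_DIR override are hypothetical.

```shell
#!/bin/sh
# Added example: audit the caidos token cache for loose permissions.
# Assumption: tokens are regular files somewhere under ~/.caido-cli/
# (the README names the directory, not the files inside it).
# CAIDOS_CACHE_DIR is a hypothetical override used here for testing.
CACHE_DIR="${CAIDOS_CACHE_DIR:-$HOME/.caido-cli}"

# Print files/directories under $1 that grant any group or other access.
loose_entries() {
  find "$1" \( -type f -o -type d \) \
    \( -perm -040 -o -perm -020 -o -perm -010 \
       -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Print entries under $1 that are not owned by the current user.
foreign_entries() {
  find "$1" ! -user "$(id -u)" -print
}

# Return 0 if the cache is private, 1 if anything is exposed,
# 2 if the cache directory does not exist.
audit_cache() {
  dir=${1:-$CACHE_DIR}
  [ -d "$dir" ] || { echo "no token cache at $dir" >&2; return 2; }
  bad=$( { loose_entries "$dir"; foreign_entries "$dir"; } | sort -u )
  if [ -z "$bad" ]; then
    return 0
  fi
  printf '%s\n' "$bad" | sed 's/^/exposed: /' >&2
  return 1
}

# Restrict the cache to its owner: 700 on directories, 600 on files.
tighten_cache() {
  dir=${1:-$CACHE_DIR}
  find "$dir" -type d -exec chmod 700 {} +
  find "$dir" -type f -exec chmod 600 {} +
}

# Usage: sh audit-cache.sh audit | sh audit-cache.sh fix
case "${1:-}" in
  audit) audit_cache ;;
  fix)   tighten_cache && audit_cache ;;
esac
```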
Commands
All commands output JSON to stdout, diagnostics to stderr.
Request History
# Search with HTTPQL filter
caidos search 'req.host.eq:"example.com"'
caidos search 'resp.code.eq:"403"' --limit 10
# List recent requests
caidos recent --limit 20
# Get full request/response by ID
caidos get 42 --max-body 5000
# Export as curl
caidos export-curl 42
Replay
# Replay a request from history (~0.5s response time)
caidos send 42
caidos send 42 --keep # persist in Caido Replay UI
caidos send 42 --max-body 10000
# Send a raw HTTP request
caidos send-raw "GET /api/users HTTP/1.1\r\nHost: example.com\r\n\r\n" example.com 443 true
caidos send-raw "POST /login HTTP/1.1\r\nHost: example.com\r\nContent-Length: 25\r\n\r\nusername=admin&password=x" example.com 443 true --keep
# List replay sessions
caidos replay-sessions
# View entries in a session
caidos replay-entries 1 --max-body 2000
# Delete sessions
caidos delete-sessions 1 2 3
Findings
# List security findings
caidos findings --limit 20
# Get finding details
caidos get-finding 1
# Create a finding
caidos create-finding 42 --title "XSS in search parameter" --desc "Reflected input in /search?q="
Management
caidos scopes # List scopes
caidos filters # List filter presets
caidos projects # List projects
caidos envs # List environments
caidos workflows # List workflows
caidos select-project 2 # Switch active project
Intercept
caidos intercept-status # RUNNING or PAUSED
caidos intercept-enable # Resume intercept
caidos intercept-disable # Pause intercept
Info
caidos health # Instance health check
caidos instance # Instance settings
caidos viewer # Current user
caidos plugins # List installed plugins
Utilities
caidos encode url "hello world"
caidos encode base64 "secret"
caidos decode hex "48656c6c6f"
HTTPQL Syntax
Caido uses HTTPQL for filtering request history. Values must be quoted:
| Filter | Example |
|--------|---------|
| Method | req.method.eq:"POST" |
| Host | req.host.eq:"api.example.com" |
| Path | req.path.contain:"/api/" |
| Status code | resp.code.eq:"200" |
| Combined | req.method.eq:"POST" AND resp.code.eq:"403" |
Common Flags
| Flag | Default | Description |
|------|---------|-------------|
| --limit N | 50 | Max results to return |
| --max-body N | 2000 | Max response body bytes to include |
| --keep | off | Persist replay session in Caido UI |
| --url U | - | Override Caido instance URL |
| --help | - | Show usage |
Architecture
src/
  cli.ts            Entry point, arg parsing, command dispatch
  client.ts         SDK client singleton, PAT auth, token caching
  output.ts         HTTP message decoding, truncation, curl export
  commands/
    requests.ts     search, recent, get, export-curl
    replay.ts       send, send-raw, replay-sessions, replay-entries, delete-sessions
    findings.ts     findings, get-finding, create-finding
    management.ts   scopes, filters, projects, envs, workflows
    intercept.ts    intercept-status, intercept-enable, intercept-disable
    info.ts         health, instance, viewer, plugins, setup
    encode.ts       encode, decode utilities
    skill.ts        install-skill command