Strix includes Caido, a modern HTTP proxy built for security testing. All browser traffic flows through Caido, giving the agent full control over requests and responses.

Capabilities

Feature             Description
Request Capture     Log all HTTP/HTTPS traffic automatically
Request Replay      Repeat any request with modifications
HTTPQL              Query captured traffic with powerful filters
Scope Management    Focus on specific domains or paths
Sitemap             Visualize the discovered attack surface

HTTPQL Filtering

Query captured requests using Caido's HTTPQL syntax. The httpql_filter values passed to list_requests() in the Python examples below (for example req.method.eq:"POST" and req.path.cont:"/users/") are HTTPQL queries.

Request Replay

The agent can take any captured request and replay it with modifications:
  • Change path parameters (test for IDOR)
  • Modify request body (test for injection)
  • Add/remove headers (test for auth bypass)
  • Alter cookies (test for session issues)

Python Integration

All proxy functions are automatically available in Python sessions. This enables powerful scripted security testing:
# List recent POST requests
post_requests = list_requests(
    httpql_filter='req.method.eq:"POST"',
    page_size=20
)

# View a specific request
request_details = view_request("req_123", part="request")

# Replay with modified payload
response = repeat_request("req_123", {
    "body": '{"user_id": "admin"}'
})
print(f"Status: {response['status_code']}")

Available Functions

Function               Description
list_requests()        Query captured traffic with HTTPQL filters
view_request()         Get full request/response details
repeat_request()       Replay a request with modifications
send_request()         Send a new HTTP request
scope_rules()          Manage proxy scope (allowlist/denylist)
list_sitemap()         View discovered endpoints
view_sitemap_entry()   Get details for a sitemap entry

Example: Automated IDOR Testing

import re

# Get all requests to user endpoints
user_requests = list_requests(
    httpql_filter='req.path.cont:"/users/"'
)

for req in user_requests.get('requests', []):
    # Try accessing with different user IDs
    for test_id in ['1', '2', 'admin', '../admin']:
        # Swap whatever ID follows /users/ for the test value; a literal
        # replace('/users/1', ...) only worked when the captured path was /users/1
        probe_path = re.sub(r'/users/[^/?]+', f'/users/{test_id}', req['path'], count=1)
        if probe_path == req['path']:
            # Same ID as the captured request: a 200 here proves nothing, skip it
            continue

        response = repeat_request(req['id'], {
            'url': probe_path
        })

        if response['status_code'] == 200:
            print(f"Potential IDOR: {test_id} returned 200")
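A 200 on its own is weak evidence of IDOR: the server may have ignored the changed ID, mapped it back to the caller's own record, or served a generic page with a 200. The helper below, added here as an example and not part of the Strix documentation or its tool API, triages a replayed response against the caller's own baseline response before reporting a finding. The Response class, the sample JSON bodies and the user_id identity field are constructed assumptions standing in for what repeat_request() returns.

```python
import json
from dataclasses import dataclass


@dataclass
class Response:
    """Minimal stand-in for the dict repeat_request() returns (constructed for this example)."""
    status_code: int
    body: str


def classify_replay(baseline: Response, probe: Response, id_field: str = "user_id") -> str:
    """Compare the caller's own record (baseline) with a replay that used another ID.

    Returns one of:
      'denied'         - the server refused the probe (401/403/404): authorization held
      'same-object'    - identical body: the changed ID was ignored or mapped to the caller
      'potential-idor' - 2xx JSON body whose identity field differs from the baseline
      'inconclusive'   - anything else (non-JSON 200, unexpected status): review by hand
    """
    if probe.status_code in (401, 403, 404):
        return "denied"
    if not 200 <= probe.status_code < 300:
        return "inconclusive"
    if probe.body == baseline.body:
        return "same-object"
    try:
        base_obj = json.loads(baseline.body)
        probe_obj = json.loads(probe.body)
    except ValueError:
        # A 200 with a non-JSON body is usually a generic page or soft error, not data exposure.
        return "inconclusive"
    if (isinstance(probe_obj, dict) and isinstance(base_obj, dict)
            and id_field in probe_obj and probe_obj[id_field] != base_obj.get(id_field)):
        return "potential-idor"
    return "inconclusive"


def triage(baseline: Response, probes: dict) -> dict:
    """Classify every probe, keyed by the ID that was substituted into the path."""
    return {test_id: classify_replay(baseline, resp) for test_id, resp in probes.items()}


# Constructed sample responses standing in for repeat_request() output.
BASELINE = Response(200, '{"user_id": "1", "email": "one@example.com"}')
PROBES = {
    "2": Response(200, '{"user_id": "2", "email": "two@example.com"}'),      # another user's record
    "admin": Response(200, '{"user_id": "1", "email": "one@example.com"}'),  # ID ignored by server
    "../admin": Response(200, "<html>Not found</html>"),                      # soft 200, no data
    "3": Response(403, '{"error": "forbidden"}'),                              # authorization held
}

if __name__ == "__main__":
    for test_id, verdict in triage(BASELINE, PROBES).items():
        print(f"/users/{test_id}: {verdict}")
```

Only the 'potential-idor' verdicts are worth reporting; 'inconclusive' ones are the cases the plain status-code check would have flagged as false positives.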

Scope

Create scopes to filter traffic to relevant domains:
Allowlist: ["api.example.com", "*.example.com"]
Denylist: ["*.gif", "*.jpg", "*.png", "*.css", "*.js"]
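The following is an added example of how allowlist and denylist patterns like the ones above decide which traffic is captured; it is not Strix's or Caido's own scope-matching code, and it assumes case-sensitive glob semantics (Python's fnmatch), with denylist patterns checked against both the host and the path before the allowlist is consulted. The sample URLs are constructed.

```python
import fnmatch
from urllib.parse import urlsplit

# Scope rules as written in the documentation above.
ALLOWLIST = ["api.example.com", "*.example.com"]
DENYLIST = ["*.gif", "*.jpg", "*.png", "*.css", "*.js"]


def in_scope(url: str, allowlist=ALLOWLIST, denylist=DENYLIST) -> bool:
    """Decide whether a URL should be captured.

    Denylist entries are checked first against the host and the path, so '*.js'
    drops '/static/app.js' on any host. A request then needs at least one
    allowlist host match; an empty allowlist means 'everything not denied'.
    Glob matching via fnmatch is an assumption made for this example.
    """
    parts = urlsplit(url)
    host = parts.hostname or ""   # already lower-cased by urlsplit
    path = parts.path             # query string excluded, so 'app.js?v=2' is still denied
    for pattern in denylist:
        if fnmatch.fnmatchcase(host, pattern) or fnmatch.fnmatchcase(path, pattern):
            return False
    if not allowlist:
        return True
    return any(fnmatch.fnmatchcase(host, pattern) for pattern in allowlist)


def filter_in_scope(urls):
    """Return only the URLs the proxy should keep."""
    return [u for u in urls if in_scope(u)]


# Constructed sample traffic.
SAMPLE_URLS = [
    "https://api.example.com/users/1",
    "https://app.example.com/static/app.js?v=2",   # denied by '*.js'
    "https://cdn.example.com/logo.png",            # denied by '*.png'
    "https://example.com/",                        # apex: '*.example.com' does not match it
    "https://example.com.other.test/",             # suffix in the middle: not matched either
    "http://other.test/users/1",                   # host not allowlisted
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(("KEEP " if in_scope(u) else "DROP ") + u)
```

Note that "*.example.com" does not cover the apex host "example.com" under glob matching; if the apex serves the application, list it explicitly alongside the wildcard.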