Authify is a (mostly vibe-coded) Caido plugin for seamless Authorization testing of user roles.
You can use the "How to use" guide in the plugin's navigation bar or find a brief description of features below.
- Authify automatically repeats requests, replacing headers with those provided in the Configuration
- The responses are compared and assigned "Same", "Similar" or "Different" based on the status code and response length/content (or the Location header for 3xx responses)
- Requests can also be viewed in the side menu with the option to switch between the Original and Modified request
- Automatic JSON prettification in Request/Response viewer
- Individual scope selection to filter what Requests are processed by Authify
- Configure Match & Replace rules to replace strings such as CSRF tokens in repeated requests
- Choose to filter certain requests to reduce clutter (OPTIONS requests, styling, JavaScript and image files)
- Advanced filtering of requests using HTTPQL
- "Send to Replay" sends the current request to a new Replay session
- Memory of selected scope and Config between Caido restarts
- "Process with Authify" - select one or more requests from anywhere in Caido to send them straight to Authify
- "Send headers to Authify" - update the Authify Config with one click on a request (useful for updating tokens after logout or token expiry)
- "Apply headers to Replay" - automatically replace headers in any Caido Request and send to a new Replay session
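
The repeat-and-compare idea from the first two bullets, sketched as an added example (not Authify's own code): the function names `applyHeaders` and `classify` and the 5% length tolerance for "Similar" are assumptions made for illustration, and the plugin's real thresholds may differ.

```javascript
// Added illustration, not taken from the Authify source.
// Assumed value: bodies whose lengths differ by at most 5% count as "Similar".
const SIMILAR_TOLERANCE = 0.05;

// Replace headers named in `overrides` (case-insensitive match); add any that are missing.
function applyHeaders(headers, overrides) {
  const wanted = new Map(Object.entries(overrides).map(([k, v]) => [k.toLowerCase(), v]));
  const out = {};
  for (const [name, value] of Object.entries(headers)) {
    const key = name.toLowerCase();
    if (wanted.has(key)) {
      out[name] = wanted.get(key); // keep the original header spelling, swap the value
      wanted.delete(key);
    } else {
      out[name] = value;
    }
  }
  for (const [key, value] of wanted) out[key] = value;
  return out;
}

// Case-insensitive lookup of a response header.
function header(resp, name) {
  const hit = Object.entries(resp.headers || {}).find(([k]) => k.toLowerCase() === name);
  return hit ? hit[1] : undefined;
}

// Compare the original response with the one received using the other role's headers.
function classify(original, replayed) {
  if (original.status !== replayed.status) return "Different";
  if (original.status >= 300 && original.status < 400) {
    // Redirects carry little body, so the target decides the verdict.
    return header(original, "location") === header(replayed, "location") ? "Same" : "Different";
  }
  if (original.body === replayed.body) return "Same";
  const longer = Math.max(original.body.length, replayed.body.length);
  const delta = Math.abs(original.body.length - replayed.body.length);
  return delta / longer <= SIMILAR_TOLERANCE ? "Similar" : "Different";
}
```

When the configured headers belong to a lower-privileged role, "Same" or "Similar" on a privileged endpoint is the result to review manually, since it suggests the role check was not enforced.
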
Download from Caido Community Plugin Tab or follow the manual installation instructions below:
- Download the .zip file from https://github.com/saltify7/Authify/releases
- Install to Caido https://docs.caido.io/guides/plugins_installing.html