Features • Installation • Setup • Usage
YesWeCaido is a Caido plugin that allows you to fetch all bug bounty programs on YesWeHack with all their details to your Caido instance.
YesWeCaido allows to fetch all bug bounty programs on YesWeHack with all their details to your Caido instance. By default it will fetch all public programs. If you provide your JWT for your YesWeHack account you will then be able to see the full list of all your private programs.
When you select a program, YesWeCaido can automatically add the scope to Caido along with the custom User-Agent that the program provides.
You can install YesWeCaido either by Caido's community store or manually.
- In Caido, go to the
Pluginspage in the left side panel - Navigate to the Community Store
- Locate the
YesWeCaidoplugin and click install
- Navigate to this Github repository's Releases page
- Download the latest
plugin_package.zip - In Caido, go to the
Pluginspage - Click 'Install Package' and select your downloaded
plugin_package.zipfile
You can fetch all public programs directly to Caido. However, if you want to fetch your private invites you need to add the JWT to YesWeCaido. You can get the JWT when you have logged in to YesWeHack, then open the browser developer console. When you have the JWT value, inside YesWeCaido, insert the JWT value in the input field located at the top right.
Developer console → Storage → Local Storage → https://yeswehack.com/ → access_token → Copy value (JWT)
Developer console → Application → Local Storage → https://yeswehack.com/ → access_token → Copy value (JWT)
- In Caido, click on
YesWeCaidolocated on the left side panel - In
YesWeCaido, Add your JWT in the top left input field (optional) - Select any program.
- In the new side window that gives all the program details, add the scope and User-Agent (if present)
- You can confirm that the scope and User-Agent have been added by navigating to the Caido's
ScopesandMatch & Replacepage
