New! Learn Caido hands-on with LabsStart Learning
CaidoCaido
Advanced Query Language

HTTPQL

Powerful query language for filtering and analyzing HTTP traffic. Search requests, responses, and metadata with precision using intuitive syntax.

Powerful Features

HTTPQL provides everything you need to efficiently filter and analyze HTTP traffic with precision and speed.

Powerful Filtering

Filter HTTP request, responses, and metadata with precision and ease.

Intuitive Syntax

Write queries using familiar syntax with logical operators (AND, OR) and grouping for complex filtering scenarios.

Query Presets

Save and reuse common queries as presets. Create libraries of filters for different testing scenarios.

Real-time Filtering

Filter live traffic as it flows through the proxy. See only the requests and responses that match your criteria in real-time.

Historical Analysis

Query your entire project history. Analyze patterns, find anomalies, and discover security issues across all captured traffic.

Query Examples

See HTTPQL in action with these real-world examples used by security professionals.

Find API Keys

Search for exposed API keys and tokens in responses

resp.raw.cont:"api_key" OR resp.raw.cont:"secret" OR resp.raw.cont:"token"

Filter by Status Code

Find all 4xx and 5xx error responses

resp.code.gte:400

Exclude Static Assets

Remove images, CSS, and JS files from view

req.ext.ne:".js" AND req.ext.ne:".css" AND req.ext.ne:".png" AND req.ext.ne:".jpg"

Find SQL Errors

Detect potential SQL injection vulnerabilities

resp.raw.cont:"SQL syntax" OR resp.raw.cont:"mysql_fetch" OR resp.raw.cont:"ORA-"

Slow Requests

Identify requests taking longer than 5 seconds

resp.roundtrip.gt:5000

Specific Host

Filter traffic for a specific domain

req.host.eq:"api.example.com"

HTTPQL Syntax

HTTPQL uses a simple but powerful syntax with namespaces, fields, operators, and values.

Basic Structure

Namespaces

req - req - HTTP requests
resp - resp - HTTP responses
row - row - Table rows

Common Fields

req.host - req.host - Request hostname
req.method - req.method - HTTP method
resp.code - resp.code - Status code
resp.roundtrip - resp.roundtrip - Response time

Example Queries

Find all POST requests
req.method.eq:"POST"
Find error responses
resp.code.gte:400
Complex filtering
req.host.cont:"api" AND resp.code.eq:200

Start Using HTTPQL Today

Download Caido and experience the power of HTTPQL for yourself. Filter traffic with precision and discover security issues faster than ever.

Caido

Get Started with Caido today

Join the ranks of professionals who are switching to Caido for their security testing needs.

We value your privacy

We use cookies to enhance your browsing experience, serve personalized content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Click "Essential Only" to only allow cookies necessary for the website to function.