4.2. Web analyst fiddler

20
Debugging proxy tuning for fun and profit By Peter Volkov

TAGS:

Transcript of 4.2. Web analyst fiddler

Page 1: 4.2. Web analyst fiddler

Debugging proxy tuning for fun and profit

By Peter Volkov

Page 2: 4.2. Web analyst fiddler

Still using wireshark for HTTP debugging/analysis?

Page 3: 4.2. Web analyst fiddler

Use appropriate tools!

Page 4: 4.2. Web analyst fiddler

JScript based scripting engine

Page 5: 4.2. Web analyst fiddler

Fiddler script basics

Page 6: 4.2. Web analyst fiddler

My favorite use case:Where did this @$%^ came from?

Easy case:

Page 7: 4.2. Web analyst fiddler

But what if plaintext search doesn’t help?

Inspect all these 60+ js from 10+ hosts manually?

Page 8: 4.2. Web analyst fiddler

Breakpoints!

Page 9: 4.2. Web analyst fiddler

Breakpoints!

Page 10: 4.2. Web analyst fiddler

Fiddler script basics

Page 11: 4.2. Web analyst fiddler

Fiddler script basics

Page 12: 4.2. Web analyst fiddler
Page 13: 4.2. Web analyst fiddler
Page 14: 4.2. Web analyst fiddler

Go get some exploit kits regexps onhttp://www.malwaresigs.com/

Page 15: 4.2. Web analyst fiddler

Dyndns, .in, .cn, etc

http://mirror1.malwaredomains.com/files/dynamic_dns.txt

Page 16: 4.2. Web analyst fiddler
Page 17: 4.2. Web analyst fiddler
Page 18: 4.2. Web analyst fiddler

Setting referrer

Disabling HTTP cookies

Page 19: 4.2. Web analyst fiddler

Download ‘em all!

Page 20: 4.2. Web analyst fiddler

The end.


Fiddler on the Roof.indd

Fiddler on the Roof.indd

Fiddler Crabs

Fiddler Crabs

Fiddler co.. Ltd. e, 9. presents FIDDLER ON THE ROOF Base ...

Fiddler co.. Ltd. e, 9. presents FIDDLER ON THE ROOF Base ...

Fiddler on the Roof

Fiddler on the Roof

Fiddler web testing tool

Fiddler web testing tool

Fiddler on the Roof 2

Fiddler on the Roof 2

Backdrop Recommendations List for the staging of Fiddler ...schellscenic.com/rentals/backdrops/Plays/Fiddler.pdf · Fiddler on the Roof Fiddler on the Roof Scenic Backdrop # Act I

Backdrop Recommendations List for the staging of Fiddler ...schellscenic.com/rentals/backdrops/Plays/Fiddler.pdf · Fiddler on the Roof Fiddler on the Roof Scenic Backdrop # Act I

Fiddler on the Roof Rehearsal - svct.org · Fiddler on the Roof Rehearsal . Morgan Hill Times | Lora Schraft/Chief Photographer . Esteban Zapiain, playing the role of the fiddler,

Fiddler on the Roof Rehearsal - svct.org · Fiddler on the Roof Rehearsal . Morgan Hill Times | Lora Schraft/Chief Photographer . Esteban Zapiain, playing the role of the fiddler,

Defcon 16 Tobias Fiddler

Defcon 16 Tobias Fiddler

Fiddler on the Roof Trumpet

Fiddler on the Roof Trumpet

Top Fiddler - nebula.wsimg.com

Top Fiddler - nebula.wsimg.com

BAREFOOT FIDDLER - InstantEncoredata.instantencore.com/pdf/1002018/ACO-105+Fiddler+-+IPHONE.pdf · BAREFOOT FIDDLER PATRICIA KOPATCHINSKAJA Guest Director and Lead Violin Th e Australian

BAREFOOT FIDDLER - InstantEncoredata.instantencore.com/pdf/1002018/ACO-105+Fiddler+-+IPHONE.pdf · BAREFOOT FIDDLER PATRICIA KOPATCHINSKAJA Guest Director and Lead Violin Th e Australian

Policy brief fiddler v1

Policy brief fiddler v1

Fiddler On The Street

Fiddler On The Street

Fiddler Callbacks

Fiddler Callbacks

Fiddler on the Roof program

Fiddler on the Roof program

Phil, The Fiddler - Horatio Alger

Phil, The Fiddler - Horatio Alger

Advanced Web Debugging with Fiddler

Advanced Web Debugging with Fiddler

Debugging with Fiddler

Debugging with Fiddler

Fiddler Web debugger

Fiddler Web debugger