Fiddler Intro
Uploaded by saurav-paul
Fiddler
Introducing Fiddler
• HTTP/HTTPS Debugger
• Runs as a proxy server on the local machine or on a remote server
• Written in C# (.NET Framework v2.0)
• Freely available from http://www.fiddler2.com
How does Fiddler work?
[Diagram labels: Internet Explorer, Office, Firefox, WinINET, CryptoAPI, WinHTTP, Fiddler, CorpNET Proxy, Firewall, example.com]
Debugging non-Windows clients
[Diagram labels: Mac, Linux, Pocket PC, PC, Fiddler, Internet]
Who uses Fiddler?
• Microsoft engineers
• Support teams
• Lots of external web developers (10K+ downloads per week)
• Security researchers
• Some bad guys
What can Fiddler do?
• HTTP/HTTPS traffic monitoring and analysis
• Request and response modification
• Timing and network manipulation
HTTPS Traffic Decryption
Fiddler UI: Session List
• Lists all traffic
• URLs, size, and key headers
• Icons show status of request/response
Fiddler UI: Inspectors
Inspectors allow you to visualize requests and responses in meaningful ways.
FiddlerScript Rules
• Rules are where Fiddler gets really fun!
• Use JavaScript to manipulate request or response headers or entity body.
Extending Fiddler UI
FiddlerScript and extensions can add new menu items or tabs.
Using Simple Filters
Flag, modify or remove headers from all requests and responses.
AutoResponder
Replay previously captured or generated traffic.
Request Builder
Create hand-built HTTP requests, or modify and reissue a request previously captured.
Traffic Comparison
Use WinDiff to compare HTTP requests and responses.
QuickExec
QuickExec allows you to issue textual commands directly…
Search Traffic
Search for strings in all captured traffic.
Text Encoding / Decoding
Convert text between popular web encodings.
SAZ Files
• “Session Archive ZIP” files store raw traffic.
• SAZ files are compressed and may be password protected.
• SAZ files can be reopened by Fiddler or standard ZIP utilities.
• FiddlerCap allows capture of SAZ files by non-technical, often remote, users.
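Because a SAZ file is an ordinary ZIP of raw traffic, it can be checked for credentials before it is passed on. The following is an added example, not code from the original slides or from the Fiddler project; it assumes the archive layout `raw/<id>_c.txt` for client requests, and the `SENSITIVE` header set and sample archive are constructed for illustration.

```python
import io
import re
import zipfile

# Request headers that typically carry credentials or session tokens (illustrative set).
SENSITIVE = {"authorization", "cookie", "proxy-authorization"}
# Assumed SAZ layout: raw/<id>_c.txt = client request, raw/<id>_s.txt = server response.
REQUEST_ENTRY = re.compile(r"^raw/(\d+)_c\.txt$")


def audit_saz(saz):
    """Return {session_id: (request_line, [sensitive header names])} for a SAZ archive."""
    findings = {}
    with zipfile.ZipFile(saz) as archive:
        for info in archive.infolist():
            match = REQUEST_ENTRY.match(info.filename)
            if not match:
                continue
            if info.flag_bits & 0x1:  # entry is password protected, cannot inspect
                findings[int(match.group(1))] = ("<encrypted>", [])
                continue
            raw = archive.read(info)
            # Only the header block is parsed; the entity body is ignored.
            head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
            lines = head.split("\r\n")
            names = [l.split(":", 1)[0].strip() for l in lines[1:] if ":" in l]
            hits = sorted({n for n in names if n.lower() in SENSITIVE})
            findings[int(match.group(1))] = (lines[0], hits)
    return findings


def build_sample_saz():
    """Constructed sample archive (not real captured traffic)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("raw/1_c.txt",
                   "GET /account HTTP/1.1\r\nHost: example.com\r\n"
                   "Cookie: sid=CONSTRUCTED\r\n\r\n")
        z.writestr("raw/1_s.txt", "HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n")
        z.writestr("raw/2_c.txt",
                   "GET /logo.png HTTP/1.1\r\nHost: example.com\r\n\r\n")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for sid, (line, hits) in sorted(audit_saz(build_sample_saz()).items()):
        print(sid, line, hits or "no credential headers")
```

Sessions that report credential headers should be scrubbed or the archive password protected before it leaves the machine that captured it.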
FiddlerCap
Use FiddlerCap for remote collection of evidence.
www.fiddlercap.com
[Architecture diagram. Panel titles: "Fiddler application with extensions" and "Your application hosting FiddlerCore". Labels: Fiddler 2, Fiddler ScriptEngine, Your FiddlerScript, Inspector2, IFiddlerExtension, FiddlerCore, ExecAction.exe, YourApp.exe, Xceed*.dll, Makecert.exe]
© 2009 Microsoft Corporation. All rights reserved.
Questions?
https://www.fiddler2.com