

Introducing Fiddler
• HTTP/HTTPS Debugger
• Runs as a proxy server on the local
machine or on a remote server
• Written in C# (.NET Framework
• Freely available from

How does Fiddler work?
[Diagram labels: Explorer, Office, Firefox, WinINET, WinHTTP, CryptoAPI, Fiddler, Proxy, Firewall, CorpNET, Internet]

Debugging non-Windows clients
[Diagram labels: PC, Mac, Linux, PocketPC, Fiddler, Internet]

Who uses Fiddler?
• Microsoft engineers
• Support teams
• Lots of external web developers (10K+ downloads per week)
• Security researchers
• Some bad guys

What can Fiddler do?
• HTTP/HTTPS traffic monitoring and analysis
• Request and response modification
• Timing and network manipulation

HTTPS Traffic Decryption

Fiddler UI: Session List
• Lists all traffic URLs, size, and key headers
• Icons show status of request/response

Fiddler UI: Inspectors
• Inspectors allow you to visualize requests and responses in meaningful ways.

FiddlerScript Rules
• Rules are where Fiddler gets really fun!
• Use JavaScript to manipulate request or response headers or entity body.

Extending Fiddler UI
• FiddlerScript and extensions can add new menu items or tabs.

Using Simple Filters
• Flag, modify or remove headers from all requests and responses.

AutoResponder
• Replay previously captured or generated traffic.

Request Builder
• Create hand-built HTTP requests, or modify and reissue a request previously captured.

Traffic Comparison
• Use WinDiff to compare HTTP requests and responses.

QuickExec
• QuickExec allows you to issue textual commands directly…

Search Traffic
• Search for strings in all captured traffic.

Text Encoding / Decoding
• Convert text between popular web encodings.

SAZ Files
• “Session Archive ZIP” files store raw traffic.
• SAZ files are compressed and may be password protected.
• SAZ files can be reopened by Fiddler or standard ZIP utilities.
• FiddlerCap allows capture of SAZ files by non-technical, often remote, users.

FiddlerCap
• Use FiddlerCap for remote collection of evidence.
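
An added example, not part of the original slides and not Fiddler's own code: triaging a SAZ archive with only a standard ZIP library, as the SAZ slide says is possible. It assumes the usual `raw/<id>_c.txt` and `raw/<id>_s.txt` member layout, which the slides do not describe; the function names and the sample archive are constructed here.

```python
import io
import re
import zipfile

# Assumed layout (not on the slides): raw/<id>_c.txt = request, raw/<id>_s.txt = response.
MEMBER = re.compile(r"^raw/(\d+)_([cs])\.txt$", re.IGNORECASE)
MAX_HEAD = 64 * 1024  # bytes read per member; bodies are not needed here

def parse_head(raw):
    """Split the head of a raw HTTP message into start line and header dict."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def summarize_saz(source):
    """Return one dict per session: id, method, url, status, content_type."""
    sessions = {}
    with zipfile.ZipFile(source) as saz:
        for info in saz.infolist():
            match = MEMBER.match(info.filename)
            if not match:
                continue  # index page, metadata, or an unexpected member
            if info.flag_bits & 0x1:  # encrypted entry: report, do not guess
                raise ValueError("password-protected SAZ: " + info.filename)
            with saz.open(info) as member:
                start, headers = parse_head(member.read(MAX_HEAD))
            sid, side = int(match.group(1)), match.group(2).lower()
            row = sessions.setdefault(sid, dict(id=sid, method=None, url=None, status=None, content_type=None))
            parts = start.split(" ")
            if side == "c" and len(parts) >= 2:
                row["method"], row["url"] = parts[0], parts[1]
            elif side == "s" and len(parts) >= 2 and parts[1].isdigit():
                row["status"] = int(parts[1])
                row["content_type"] = headers.get("content-type")
    return [sessions[sid] for sid in sorted(sessions)]

def build_sample_saz():
    """Constructed two-session archive, used only to exercise the parser."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("raw/1_c.txt", "GET http://app.example/login HTTP/1.1\r\nHost: app.example\r\n\r\n")
        z.writestr("raw/1_s.txt", "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nok")
        z.writestr("raw/2_c.txt", "POST http://app.example/api HTTP/1.1\r\nHost: app.example\r\n\r\n{}")
        z.writestr("raw/2_s.txt", "HTTP/1.1 500 Internal Server Error\r\nContent-Type: application/json\r\n\r\n{}")
        z.writestr("_index.htm", "<html>constructed index</html>")
    return io.BytesIO(buf.getvalue())
```

A capture collected from a remote user is untrusted input, so the parser reads only the head of each member and stops on encrypted entries instead of attempting a password.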

[Diagram: "Fiddler application with extensions" beside "Your application hosting FiddlerCore". Labels: Fiddler 2, YourApp, Inspector2, IFiddlerExtension, Fiddler ScriptEngine, Your FiddlerScript, FiddlerCore, Xceed*.dll, Makecert.exe]

Questions?
https://www.fiddler2.

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.