Apr 082010
 

Just came across this wonderful advanced security tool for Windows and should certainly be yet another tool in the armour for Security professionals, Network, Web and Windows Administrators and even developers to investigate their webapp or website codes.


Fiddler is a Web Debugging Proxy which logs all HTTP and HTTPS traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and “fiddle” with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem. There are addons or extensions available for Fiddler which can enhance features.

Fiddler can debug traffic from virtually any application and browsers. As soon as Fiddler is installed on your system, it runs as a proxy and listens at 127.0.0.1:8888 although this port can be changed from Options. It is then added as a proxy to your browser (Internet Explorer, Google Chrome and Firefox tested) and and all traffic gets passed through Fiddler to record, analyze and interpret the traffic. For applications that supports proxy, this proxy address should be amended.

From this any point, any HTTP and HTTPS traffic passes through Fiddler. At this point, you can inspect all requests and responses and also set breakpoints (disabled by default) and then manipulate the Request or Response headers or simply choose from set response headers to complete the request/response transaction.

You can set filters and even autoresponders based on objects or the URI. This can be great to block connections which you know are dodgy or not required (ex: adverts).

You are also provided with statistics and a simple graph on the type of content types and timelines.

Click here to download Fiddler and here for Fiddler Addons.

Incoming search terms:

  One Response to “Fiddler – Free proxy to investigate HTTP(S) traffic in Windows”

  1. Saw somebody from the corporate office use this tool to resolve an problem with an Intranet application. I wanted to learn more about it. Thanks

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>