Fiddler Introducing Fiddler HTTP/HTTPS Debugger Runs as a

Fiddler Introducing Fiddler HTTP/HTTPS Debugger Runs as a proxy server on the local machine or on a remote server Written in C# (.NET Framework v2.0) Freely available from

http://www.fiddler2.com How does Fiddler work? Firewall Firefox CryptoAPI WinHTTP

Internet Explorer WinINET Office Fiddler

CorpNET Proxy example.com Mac Mac

PC PC Debugging non-Windows clients PocketPC PocketPC Linux

Linux Fiddler Internet Who uses Fiddler? Microsoft engineers Support teams

Lots of external web developers (10K+ downloads per week) Security researchers Some bad guys What can Fiddler do? HTTP/HTTPS traffic monitoring and

analysis Request and response modification Timing and network manipulation HTTPS Traffic Decryption Fiddler UI: Session List Icons show status of request/response

Lists all traffic URLs, size, and key headers Icons show status of request/response Fiddler UI: Inspectors

Inspectors allow you to visualize requests and responses in meaningful ways. FiddlerScript Rules Rules are where Fiddler gets really fun! Use JavaScript to manipulate request or response headers or entity body. Extending Fiddler UI

FiddlerScript and extensions can add new menu items or tabs. Using Simple Filters Flag, modify or remove headers from all requests and responses.

AutoResponder Replay previously captured or generated traffic. Request Builder Create hand-built HTTP

requests, or modify and reissue a request previously captured. Traffic Comparison Use WinDiff to compare HTTP requests and responses.

QuickExec QuickExec allows you to issue textual commands directly Search Traffic

Search for strings in all captured traffic. Text Encoding / Decoding Convert text between popular web encodings.

SAZ Files Session Archive ZIP files store raw traffic. SAZ files are compressed and may be password protected. SAZ files can be reopened by Fiddler or standard ZIP utilities. FiddlerCap allows capture of SAZ files by non-technical, often remote, users.

FiddlerCap Use FiddlerCap for remote collection of evidence. www.fiddlercap.com Fiddler application with extensions Fiddler 2

Your application hosting FiddlerCore YourApp.exe ExecAction.exe ExecAction.exe Inspector2

Inspector2 IFiddlerExtension IFiddlerExtension Fiddler ScriptEngine Your FiddlerScript FiddlerCore Xceed*.dll

Makecert.exe FiddlerCore Xceed*.dll Makecert.exe Questions?

https://www.fiddler2.com 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.