Fiddler – Intercepting Web Debugging Proxy

Fiddler is an Intercepting web proxy designed for “web debugging”. This will be useful during a penetration testing or testing a web resources for security vulnerabilities. Fiddler web debugging proxy help to record, inspect and debug traffic from any browser.

Fiddler - Web Debugging Proxy
Fiddler – Web Debugging Proxy

Some of the features with this tool are:

  • Customizable Free Tool – Benefit from a rich extensibility model, ranging from simple FiddlerScript to powerful extensions which can be developed using any .NET language.
  • Web Session Manipulation- Edit web sessions easily:just set a breakpoint to pause the processing of the session and permit alteration of the request/response. Compose your own HTTP requests and run them through Fiddler.
  • Performance Testing – The tool lets you see the “total page weight,” HTTP caching and compression at a glance. Isolate performance bottlenecks with rules such as “Flag any uncompressed responses larger than 25kb.”
  • Security Testing – Decrypt HTTPS traffic and display and modify web application requests using a man-in-the-middle decryption technique. Configure Fiddler to decrypt all traffic, or only specific sessions.
  • HTTP/HTTPS Traffic Recording – Use Fiddler to log all HTTP(S) traffic between your computer and the Internet. Debug traffic from virtually any application that supports a proxy (IE, Chrome, Safari, Firefox, Opera and more).
  • Web Debugging – Debug traffic from PC, Mac or Linux systems and mobile (iOS and Android) devices. Ensure the proper cookies, headers and cache directives are transferred between the client and server. Supports any framework, including .NET, Java, Ruby, etc.

You can read more and download this tool over here: https://www.telerik.com/fiddler

Share