Eric has a light, breezy presentation style which makes listening enjoyable.
Fiddler was Eric's hobby project for years before Teleric offered to finance the project.
Fiddler (download) really is a Swiss Army Knife for http investigations.
My jumbled notes:
The command line has mucho power like ">50K" will only show data more than 50K
Alt-Click on a column shows all other lines with that value.
Fiddler runs on Windows, Linux Mint, and Ubuntu, but just barely on the Mac.
Fiddler can deal with HTTPS encryption and HTML5's WebSockets
It has an image inspector to give info on images
It has Regular Expression based HTTP rewrites
You can remap domains and ports - useful in testing to map a test server to the live server's domain or port
HOSTS command to reroute ip addresses since the HOST file in certain situations is not read
Autoresponder allows you to replay http sessions very fast for demos
FiddlerScripts let you write programs in Fiddler
It has lots of insertion points for adding customized code (AOP)
Watcher x5s is also a good tool websecuritytool.codeplex.com
Lastly, the entire core of Fiddler is available as a library for use in your programs.
No comments:
Post a Comment