Fiddler Tutorial/Notes

    I after using Fiddler for a few years now, I wanted to jot some notes down for myself so I don't forget. I really like using fiddler and most of the time I prefer using it over the developer tools inside chrome just because I can use it across different browsers at the same time. This Saves me a lot hassle in opening the developer tool everytime but you might ask what is fiddler? "Its a web Proxy", where you can debug traffic calls, test the network performance and tons more stuff.  Fiddler is a .net application and will not run on other platforms however you can point clients to a host machine that is able to run fiddler and debug from there.

 Notes
  • Traffic Import- Seeing a client's web experience.
    • FiddlerCap - lightweight version of fiddler more for client users, to allow you to see specific http request and responses even if you not on that network.
    • Example problems that you can use this for: DNS corruption
    • Poison DNS or other known as DNS spoofing
    • Does not support importing binaries 
  • Traffic Analysis 
    • Filtering 
      • To filter down to a process/browser: In the toolbar (if nothing set) "Any Process" crosshair icon.
      • To filter down to a process/browser: In the toolbar (if nothing set) "Any Process" crosshair icon.
      • Could also what you can do is in Rules option under User-agent for all browsers of a specific type.
      • To hide image request: Under Rules -> "Hide Image Request"
      • To filter down even more: The left tool boxes - under Filters
      • Find: use toolbar icon or cntrl-f.
  • Exporting - a collection of requests
    • copy sessions to the clipboard
    • store as a plaintext file
    • extract binary response bodies
    • archive to a database
    • export a visual studio .WebTest file
    • You can even write your own export (to even to a database!)
    • fiddler's native "Session Archive Zip file format"
  • "Viewers" Mode - allows examining multiple captures side-by-side
  • Buffering Mode -  the default mode, will wait until everything is collected before returning.
  • Streaming Mode - for performance testing  and speed profiles.
  • Request Builder - Edit previous requests and post them. 
  • AutoResponder - useful for changing things on the fly with Requests
    • If a site is down you can use a backup of the site locally.
  • Request Modification - Changes what is returned from requests
  • neXpert - much like Google's Page Insight or any other site audit. 
  • FiddlerCore, the .NET class library that lets you build Fiddler-like functionality into test frameworks and other tools
Side Notes
  • WinHttp - "designed to be used primarily in server-based scenarios by server applications that communicate with HTTP servers."
  • WinInet - "application programming interface (API)".
  • WinDiff -  "graphical file-comparison program 
  • ExecAction - "Scripting object that represents an action that executes a command-line operation."
Resources
    A lot of the information I got was on demoed at Microsoft Build and posted on Channel9:Advanced Web Debugging with Fiddler. After seeing the video I discovered I could be using fiddler to do so much more and this got me really excited to do more with fiddler. So I thought it was important to dig a little bit deeper on everything in the video. Also take a look at the Fiddler Commands for more options which I found to be interesting.

Popular posts from this blog

Aspetcore: NLog with Postgresql

This Article is base ASP.Net Core 2 and the latest version of Nlog. 1. Install NLog and the Postgresql Package Using NuGet to install the package into your ASP.NET Core project: PM > Install-Package NLog.Web.AspNetCore PM > Install-Package Npgsql 3. Register NLog Add in your Startup.cs  public void Configure ( IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory ) { ... env.ConfigureNLog( "nlog.config" ); ... // make sure Chinese chars don't fk up Encoding.RegisterProvider(CodePagesEncodingProvider.Instance); //add NLog to ASP.NET Core loggerFactory.AddNLog(); //add NLog.Web app.AddNLogWeb(); } 4. Add to Your Controller Add a logger object to your Controller. private readonly ILogger<YourController> _logger; Modify the constructor to use it public YourController ( ILogger<YourController> logger = null ) { if ( null != logger) { _logger = logger; ...
Read more

Mongodb Cheatsheet

This cheat sheet is based on the latest version of mongodb, which initial had setup and didn't encounter any problems. However that all changed when I was working remote and forgot I disabled the port no my network, rather than with the server. So I went pointing around where I didn't need to and ended up messing things up. The Best tutorial out there is of course on digital ocean for my setup on ubuntu 16.04 , this articles isn't so much about getting setup. I just wanted to include it because I found myself looking back at it to see if I missed a step. Bugs/Problems Now comes all the messed up things I found and had to deal with. firewall - Port seems to be open, but connection refused try using 0.0.0.0 in the bin_ip for the /etc/mongo.conf try sudo ufw disable and check to see if it works without the firewall (probably still wont but worth a shot), then just sudo ufw enable. Make sure port 27017 is open. Then check this  linux - Connection refused to MongoDB e...
Read more

Installing Windows on Acer chromebook 15 cb3-532

Much of my notes are just small problems I faced (what's new!) haha. Either way this was a really fun project to do for a friend and I got excited once I research all the information. You can find instruction videos but what helped me the most was the coolstar website. Sadly they don't have parameters in the url so I can link the machine I used in this article. -  https://coolstar.org/chromebook/windows-install.html Scared of messing with the bios? Don't be!    So you need to first remove the screw to put a legacy bios on the machine. Its easy to backup the chrome os one and with the same steps to change it. You can go back in and revert to the chrome version bios. Its that last part that had me worried and its very easy to do.  Problems getting into Developer Mode?   Follow the instructions to the letter, during the step to disable the OS verification, press Ctrl-D to boot into os. If you hear two beeps I would go back to set one. I got in a loo...
Read more