Analyzing Network Traffic Logs (NetLog json)

Previously, I’ve described how to capture a network traffic log from Microsoft Edge, Google Chrome, and applications based on Chromium or Electron. In this post, I aim to catalog some guidance for looking at these logs to help find the root cause of captured problems and otherwise make sense of the data collected. Last Update:Continue reading “Analyzing Network Traffic Logs (NetLog json)”

Firefox and Fiddler – Easier than Ever

In a world where software and systems seem to march inexorably toward complexity, I love it when things get simpler. Years ago, Firefox required non-obvious configuration changes to even send traffic to Fiddler. Eventually, Mozilla changed their default behavior on Windows to adopt the system’s proxy, meaning that Firefox would automatically use Fiddler when it was attached,Continue reading “Firefox and Fiddler – Easier than Ever”

FiddlerCore and Brotli compression

Recently, a developer asked me how to enable Brotli content-compression support in FiddlerCore applications, so that APIs like oSession.GetResponseBodyAsString() work properly when the entity body has been compressed using brotli. Right now, support requires two steps: Put brotli.exe (installed by Fiddler or off Github) into a Tools subfolder of the folder containing your application’s executable. Ensure that theContinue reading “FiddlerCore and Brotli compression”

Using Fiddler With iOS 10 and Android 7

If you’ve tried to use Fiddler with iOS10 beta or Android 7 Nougat, you have probably found that HTTPS decryption isn’t working, even if you use the latest Fiddler and the Fiddler Certificate Maker add-on. Unfortunately, at the moment both platforms are broken, but for different reasons. In both cases, the client will fail toContinue reading “Using Fiddler With iOS 10 and Android 7”

Silliness – Fiddler Blocks Malware

Enough malware researchers now depend upon Fiddler that some bad guys won’t even try to infect your system if you have Fiddler installed. The Malware Bytes blog post has the details, but the gist of it is that the attackers use JavaScript to probe the would-be victim’s PC for a variety of software. Beyond Kaspersky,Continue reading “Silliness – Fiddler Blocks Malware”

Automatically Evaluating Compressibility

Fiddler’s Transformer tab has long been a simple way to examine the use of HTTP compression of web assets, especially as new compression engines (like Zopfli) and compression formats (like Brotli) arose. However, the one-Session-at-a-time design of the Transformer tab means it is cumbersome to use to evaluate the compressibility of an entire page orContinue reading “Automatically Evaluating Compressibility”

What’s New in Fiddler 4.6.2

TLDR? – Get the newest Fiddler here. It’s been just over two months since the last significant release, and Fiddler 4.6.2.0 (and v2.6.2.0) are now available. As always, the latest build includes a slew of bugfixes and minor tweaks, as well as a number of features described in this post. Default Certificate Generator Changed ChangesContinue reading “What’s New in Fiddler 4.6.2”