Fiddler Certificate Generators

Fiddler and FiddlerCore offer three different choices for generating interception certificates: MakeCert CertEnroll Bouncy Castle If you’re so inclined, you can even write your own certificate generator (say, by wrapping OpenSSL) and expose it to Fiddler using the ICertificateProvider3 interface. On Windows, Fiddler includes the MakeCert and CertEnroll certificate generators by default; you can downloadContinue reading “Fiddler Certificate Generators”

What’s New in Fiddler 4.6

Telerik Fiddler version 4.6 (and v2.6 targeting .NET2) is now available for download. The new version includes several new features and dozens of tweaks and bugfixes, described in this article. View > Tabs Menu The new View > Tabs menu offers a list of tabs that are hidden by default. The Preferences command displays aContinue reading “What’s New in Fiddler 4.6”

API Testing with Telerik Fiddler

Fiddler has long been the tool of choice for developers and testers who are building and verifying APIs exposed over HTTP(S). In this post, we’ll explore the existing features Fiddler offers for API Testing and announce new capabilities we’ve released in Fiddler 2.6/4.6. Composing API Calls The Composer tab enables the authoring of arbitrary HTTP(S)Continue reading “API Testing with Telerik Fiddler”

Tuning MemoryStream

By day, I build the Fiddler Web Debugger. I’ve recently started integrating telemetry collection into the application for automated exception reporting and to collect information about the user’s environment to ensure that Fiddler testing environments match real-world usage. The data is fascinating (and I’ll probably blog more about it later), but one data point inContinue reading “Tuning MemoryStream”

Testing HTTPS In Native APPs

Over on Twitter, Paul asks how to verify that a native application is using TLS. For a PC, it’s pretty simple, just run Fiddler and watch the traffic. If you see any HTTP requests (other than those labeled “Tunnel to”, indicating a HTTP tunnel used for HTTPS traffic) from the Process of interest, that trafficContinue reading “Testing HTTPS In Native APPs”