More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (19)
Similar to Fiddler web testing tool
Similar to Fiddler web testing tool (20)
Fiddler web testing tool
- 1. FIDDLER PERFORMANCE/STRESS TESTING TOOL COORDINATOR: PRESENTED BY: DR. ANOJ KUMAR HIMANI CHAUHAN CSED,MNNIT ALLAHABAD
- 2. TABLE OF CONTENT • WHY WE SELECT FIDDLER • WHAT IS FIDDLER • WHAT CAN FIDDLER DO • KEY FEATURES • HOW DOES IT WORK • WEB SESSIONS • INSPECTORS • STATICS • TIMELINE
- 3. WHY WE SELECT FIDDLER • WORKS WITH ALMOST ANY HTTP CLIENT NOT JUST FIREFOX AND IE • CAN INTERCEPT TRAFFIC FROM CLIENTS ON NON-WINDOWS PLATFORMS, E.G. MOBILE DEVICES • SUPPORTS PLUGINS TO ADD EXTRA FUNCTIONALITY • IT WILL PROVIDE SPECIFIC DATA ABOUT ALL THE INTERNET TRAFFIC THAT GOES THROUGH TO THE PC. • ITS USER INTERFACE IS KNOWN TO MAKE IT EASY TO MONITOR HTTP REQUESTS.
- 4. WHAT IS FIDDLER • FIDDLER IS A WEB DEBUGGING TOOL WHICH LOGS ALL HTTP(S) TRAFFIC BETWEEN YOUR COMPUTER AND THE INTERNET. • FIDDLER ALLOWS YOU TO INSPECT TRAFFIC, SET BREAKPOINTS, AND "FIDDLE" WITH INCOMING OR OUTGOING DATA. • FIDDLER IS FREEWARE AND CAN DEBUG TRAFFIC FROM VIRTUALLY ANY APPLICATION THAT SUPPORTS A PROXY, INCLUDING INTERNET EXPLORER, GOOGLE CHROME, MOZILLA FIREFOX, OPERA, AND THOUSANDS MORE.
- 5. FIDDLER IS… • AN HTTP DEBUGGER • WRITTEN IN .NET2/3.5 • EXTENSIBLE • FREE OF CHARGE • A MUST TOOL FOR EVERY WEB DEVELOPER
- 6. WHAT CAN FIDDLER DO? • TRACK HTTP/HTTPS TRAFFIC • INSPECT MESSAGE CONTENT • MANIPULATE REQUESTS AND RESPONSES • EXPORT WEB SESSIONS FOR LATER INSPECTION • OFFER EXTENSIBILITY THROUGH SCRIPT AND CODE
- 7. KEY FEATURES • WEB DEBUGGING • WEB SESSION MANIPULATION • PERFORMANCE TESTING • SECURITY TESTING • HTTP/HTTPS TRAFFIC RECORDING • CUSTOMIZING FIDDLER
- 8. HOW DOES IT WORK?
- 9. WATCHING TRAFFIC • WEB SESSIONS • STATISTICS • INSPECTORS • TIMELINE
- 10. LET’S GET STARTED WITH FIDDLER
- 11. WEB SESSIONS
- 12. KEY INFORMATION • # - AN ID# OF THE REQUEST GENERATED BY FIDDLER FOR YOUR CONVENIENCE • RESULT - THE RESULT CODE FROM THE HTTP RESPONSE • PROTOCOL - THE PROTOCOL (HTTP/HTTPS/FTP) USED BY THIS SESSION • HOST - THE HOSTNAME OF THE SERVER TO WHICH THE REQUEST WAS SENT • URL - THE PATH AND FILE REQUESTED FROM THE SERVER • BODY - THE NUMBER OF BYTES IN THE RESPONSE BODY
- 13. CONTINUED... • CACHING - VALUES FROM THE RESPONSE'S EXPIRES OR CACHE-CONTROL HEADERS • PROCESS - THE LOCAL WINDOWS PROCESS FROM WHICH THE TRAFFIC ORIGINATED • CONTENT-TYPE - THE CONTENT-TYPE HEADER FROM THE RESPONSE • CUSTOM - A TEXT FIELD YOU CAN SET VIA SCRIPTING • COMMENTS - A TEXT FIELD YOU CAN SET FROM SCRIPTING OR THE SESSION'S CONTEXT MENU
- 14. CHECK STATISTICS OF THE REQUEST
- 16. CHART VIEW
- 18. REQUEST INSPECTORS • HEADERS—SHOWS REQUEST HEADERS AND STATUS. • TEXT VIEW—SHOWS THE REQUEST BODY IN A TEXT BOX • HEX VIEW—SHOWS THE REQUEST BODY IN A HEXADECIMAL VIEW. • XML—SHOWS THE REQUEST BODY AS AN XML DOM IN A TREE VIEW.
- 19. RESPONSE INSPECTORS • TRANSFORMER—REMOVES ZIP, DEFLATE, AND CHUNKED ENCODINGS FOR EASIER DEBUGGING. • HEADERS—SHOWS RESPONSE HEADERS AND STATUS. • TEXT VIEW—SHOWS THE RESPONSE BODY IN A TEXT BOX. • HEX VIEW—SHOWS THE RESPONSE BODY IN A HEXADECIMAL VIEW. • IMAGE VIEW—SHOWS THE RESPONSE BODY AS AN IMAGE. SUPPORTS ALL .NET IMAGE FORMATS.
- 21. TIMELINE
- 22. TRAFFIC COMPARISON • ONE LITTLE KNOWN AWESOME FEATURE OF WEB SESSIONS IS THE ABILITY TO COMPARE TWO SESSIONS. TO COMPARE TWO SESSIONS SELECT THEM IN THE WEB SESSIONS PANE, RIGHT CLICK AND CHOOSE 'COMPARE' ITEM FROM THE MENU.
- 25. FIDDLER AND HTTPS • HTTPS IS SECURED BETWEEN TWO MACHINES • ACTS AS A MAN-IN –THE-MIDDLE • GENERATE CERTIFICATE FOR MACHINES ON THE FLY • FIDDLER SUPPORTS CLIENT CERTIFICATES FOR AUTHENTICATION
- 26. • FIDDLER USES A HACKING TECHNIQUE CALLED MAN-IN-THE-MIDDLE ATTACK TO DECRYPT HTTPS TRAFFIC:
- 27. LOCATING SPECIFIC TRAFFIC • MARKING SESSIONS MANUALLY • FILTER BY APPLICATION TYPE/PROCESS • FIND SESSIONS DIALOG • FLAGGING SPECIAL REQUESTS
- 28. MARK SESSIONS TO VIEW LATER ON
- 29. FIND OPTION
- 30. FILTER
- 31. SUMMARY • FIDDLER IS A WEB DEBUGGING TOOL • IT ALLOWS YOU TO WATCH HTTP TRAFFIC USING WEB SESSIONS AND COMPARE TWO SESSIONS • IT SHOWS YOU STATISTICS ABOUT THE SELECTED SESSIONS • YOU CAN INSPECT REQUESTS AND RESPONSES USING INSPECTORS • IT CAN DECRYPT HTTPS TRAFFIC USING THE MAN-IN-THE-MIDDLE ATTACK
- 32. REFERENCES • FIDDLER TUTORIAL • FIDDLER LECTURE OF IDO FLATOW • FIDDLER QUICK START GUIDE • WWW.FIDDLER2.COM
- 33. THANK YOU !!!