"How to use fiddler" This presentation will be help you, if you first user about fiddler. Some presentation's page has gammer error then, Please, Email me with feedback, i will fix it quickly. Thanks for your watching
writter's email : dydwls121200@gmail.com
I'm a student in korea.
Exactly There are lots of grammer error. .
How to use Fiddler to inspect traffic, investigate performance of web applications and services, debug web applications, test applications, and support client issues.
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
This talk (hopefully) provides some new pentesters tools and tricks. Basically a continuation of last year’s Dirty Little Secrets they didn’t teach you in Pentest class. Topics include; OSINT and APIs, certificate stealing, F**king with Incident Response Teams, 10 ways to psexec, and more. Yes, mostly using metasploit.
Cusomizing Burp Suite - Getting the Most out of Burp ExtensionsAugust Detlefsen
This lecture gives pentesters and security tool developers an overview of the APIs available to extend the Burp Suite intercepting proxy. Using open-source examples developed by the author I illustrate a number of key areas for anyone wishing to create extensions for Burp Suite:
- Passive scanning
- Active scanning
- Identifying insertion points
- Request modification
The presentation includes code samples and links to actual open source Burp Suite plugins developed by the author.
It's a very basic introduction of Load Runner for beginners, i explored it at my own, prepared slides & shared it with my colleagues.
What is Load Runner & why we need Performance testing etc.
Enjoy :)
How to use Fiddler to inspect traffic, investigate performance of web applications and services, debug web applications, test applications, and support client issues.
Dirty Little Secrets They Didn't Teach You In Pentest Class v2Rob Fuller
This talk (hopefully) provides some new pentesters tools and tricks. Basically a continuation of last year’s Dirty Little Secrets they didn’t teach you in Pentest class. Topics include; OSINT and APIs, certificate stealing, F**king with Incident Response Teams, 10 ways to psexec, and more. Yes, mostly using metasploit.
Cusomizing Burp Suite - Getting the Most out of Burp ExtensionsAugust Detlefsen
This lecture gives pentesters and security tool developers an overview of the APIs available to extend the Burp Suite intercepting proxy. Using open-source examples developed by the author I illustrate a number of key areas for anyone wishing to create extensions for Burp Suite:
- Passive scanning
- Active scanning
- Identifying insertion points
- Request modification
The presentation includes code samples and links to actual open source Burp Suite plugins developed by the author.
It's a very basic introduction of Load Runner for beginners, i explored it at my own, prepared slides & shared it with my colleagues.
What is Load Runner & why we need Performance testing etc.
Enjoy :)
LOG4j allows the developer to control which log statements are output with arbitrary granularity. It is fully configurable at runtime using external configuration files.
Implementing code-based load tests in JavaScript with the k6 performance testing tool.
Svetlin Nakov @ QA Challenge Accepted 2021
Load and performance testing aims to determine whether software meets speed, scalability and stability requirements under expected workloads. Old school performance testing tools like Apache JMeter are complex and heavy and are not well aligned with the modern QA automation and continuous integration trends.
In this talk Svetlin presents and demonstrates the "k6 framework" - a modern open-source load testing tool, which describes the load tests as JavaScript code. The k6 tool is very powerful, high-performance and developer-friendly. It allows load testing of Web apps and APIs, accessed through the HTTP protocol.
Svetlin also demonstrates how to install and use k6, how to run its test recorder, how to edit the recorded scripts at the k6 cloud and how to write k6 scripts in JavaScript (execute HTTP requests, write checks, define thresholds), and execute the scripts with certain number of virtual users for certain duration.
Seastar is a modern, open source server application framework written in C++ that presents a future/promise based API to the user while delivering top-of-the line performance -- more than five times the nearest competitor, with 7 million requests per second served on a single machine.
This presentation about Selenium WebDriver will help you understand what is Selenium, why Selenium WebDriver was developed, what exactly is Selenium WebDriver, the architecture of Selenium WebDriver and the limitations of Selenium WebDriver. In the end, we'll be looking at a demo showing the working of WebDriver using java. Selenium is an automated testing tool that tests web applications across various platforms and browsers. WebDriver happens to be one of the Selenium tools with a simple yet robust architecture. It controls the browser based on the user program. WebDriver revolutionized automation testing and continues to do so. Let's move further and understand the selenium web driver in detail.
Below are the topics we will be discussing in the presentation:
1. What is Selenium?
2. Why Selenium WebDriver?
3. What is Selenium WebDriver?
4. The architecture of Selenium WebDriver
5. Limitations of Selenium WebDriver
6. Demo: Automation testing with WebDriver
Selenium training has been designed to help developers and manual testers learn how to automate web applications with a robust framework, and integrate it within the DevOps processes of an organization. The course includes basic as well as advanced concepts of WebDriver and other tools/frameworks like TestNG, Maven, AutoIT, Sikuli, log4j. Special focus is given on building a robust framework with Page Object Design Pattern, Data-Driven Approach, and creating reusable components to improve productivity. The course also covers the Selenium Grid, which along with TestNG helps achieve parallel execution to improve coverage and reduce execution time for faster feedback. Appium is an open source test automation framework for use with native, hybrid, and mobile web applications. The course includes a project where you have to create the test automation for an eCommerce application with a framework and reporting.
What are the objectives of this Selenium training course?
This course will enable you to:
1. Revise the core Java concepts which are essential for learning Selenium WebDriver
2. Understand the scope of Test Automation in DevOps and fundamentals of Test Automation
3. Create Test Cases using Selenium IDE – Record and Playback tool
4. Understand Selenium WebDriver architecture and various layers of interaction
5. Set up WebDriver project in Eclipse and write test cases using TestNG
6. Locate elements using various locating techniques
7. Work with various WebDriver commands to drive web browser and various WebElement commands to deal with various web components
8. Learn to deal with various possible scenarios in terms of pop-ups, multiple Windows, frames, taking screenshots
9. Implement Page Object Design Pattern and Data Driven Testing
10. Understand how to use Maven, ANT, AutoIT, Sikuli, log4j, and listeners
11. Learn to use Selenium Grid with TestNG for parallel execution
Learn more at https://www.simplilearn.com/selenium-certification-training
Selenium Tutorial For Beginners | What Is Selenium? | Selenium Automation Tes...Edureka!
This Edureka Selenium tutorial will give you an introduction to software testing. It talks about the drawbacks of manual testing and reasons why automation testing is the way forward. In this Selenium tutorial, you will also get to learn the different suites of Selenium and what are the features and shortcomings of Selenium as an automation testing tool.
To take a structured course on Selenium, you can check our Selenium training page: https://www.edureka.co/testing-with-selenium-webdriver
In this quality assurance training session, you will learn Selenium WebDriver Testing. Topics covered in this course are:
• Overview of Selenium WebDriver
• Get Selenium WebDriver Java
• Selenium – JAVA Configuration
• WebDriver in Different Browsers
• Open Application
• Browser Settings
• Locating Elements
• Object Identification Methods
• Locator ID, Name
• Locators –LinkText, partialLinkText, CSS, CSS
• Accessing different objects in application
• Switch Window
• Wait in WebDriver
• Verifications
• WebTable
To know more, visit this link: https://www.mindsmapped.com/courses/quality-assurance/software-testing-quality-assurance-qa-training-with-hands-on-exercises/
Cross-Browser-Testing with Protractor & BrowserstackLeo Lindhorst
With Protractor the Angular Ecosystem has an almost-standard for UI-Testing, but ensuring not only functionality in general, but also verifying that the app is cross-browser, cross-platform and cross-device compatible and responsive can be challenging. It's not only a financial and organizational effort to supply all the different devices and browser and integrate it into an existing organizations infrastructure, but also the scalability is limited and setting up the devices and connections is tied to some work. Browserstack provides a Cloud-Service for testing Web-Apps on a bunch of real devices with a rather easy to use integration into all Selenium based test execution frameworks, like Protractor. The talk gives a short introduction to Browserstack and shows, how it can be integrated into Protractor.
This presentation was given at BSides Austin '15, and is an expanded version of the "I hunt sys admins" Shmoocon firetalk. It covers various ways to hunt for users in Windows domains, including using PowerView.
How we can measure server performance using jmeter?BugRaptors
BugRaptors use different types of tools for performance and load testing. One of the tools we use is JMeter to analyze the performance of web applications and Mobile apps with varying load. It is used to test performance both on static and dynamic resources such as static files, Java Servlets, ASP.NET, PHP, CGI scripts, Java objects, databases, FTP servers, and more.
LOG4j allows the developer to control which log statements are output with arbitrary granularity. It is fully configurable at runtime using external configuration files.
Implementing code-based load tests in JavaScript with the k6 performance testing tool.
Svetlin Nakov @ QA Challenge Accepted 2021
Load and performance testing aims to determine whether software meets speed, scalability and stability requirements under expected workloads. Old school performance testing tools like Apache JMeter are complex and heavy and are not well aligned with the modern QA automation and continuous integration trends.
In this talk Svetlin presents and demonstrates the "k6 framework" - a modern open-source load testing tool, which describes the load tests as JavaScript code. The k6 tool is very powerful, high-performance and developer-friendly. It allows load testing of Web apps and APIs, accessed through the HTTP protocol.
Svetlin also demonstrates how to install and use k6, how to run its test recorder, how to edit the recorded scripts at the k6 cloud and how to write k6 scripts in JavaScript (execute HTTP requests, write checks, define thresholds), and execute the scripts with certain number of virtual users for certain duration.
Seastar is a modern, open source server application framework written in C++ that presents a future/promise based API to the user while delivering top-of-the line performance -- more than five times the nearest competitor, with 7 million requests per second served on a single machine.
This presentation about Selenium WebDriver will help you understand what is Selenium, why Selenium WebDriver was developed, what exactly is Selenium WebDriver, the architecture of Selenium WebDriver and the limitations of Selenium WebDriver. In the end, we'll be looking at a demo showing the working of WebDriver using java. Selenium is an automated testing tool that tests web applications across various platforms and browsers. WebDriver happens to be one of the Selenium tools with a simple yet robust architecture. It controls the browser based on the user program. WebDriver revolutionized automation testing and continues to do so. Let's move further and understand the selenium web driver in detail.
Below are the topics we will be discussing in the presentation:
1. What is Selenium?
2. Why Selenium WebDriver?
3. What is Selenium WebDriver?
4. The architecture of Selenium WebDriver
5. Limitations of Selenium WebDriver
6. Demo: Automation testing with WebDriver
Selenium training has been designed to help developers and manual testers learn how to automate web applications with a robust framework, and integrate it within the DevOps processes of an organization. The course includes basic as well as advanced concepts of WebDriver and other tools/frameworks like TestNG, Maven, AutoIT, Sikuli, log4j. Special focus is given on building a robust framework with Page Object Design Pattern, Data-Driven Approach, and creating reusable components to improve productivity. The course also covers the Selenium Grid, which along with TestNG helps achieve parallel execution to improve coverage and reduce execution time for faster feedback. Appium is an open source test automation framework for use with native, hybrid, and mobile web applications. The course includes a project where you have to create the test automation for an eCommerce application with a framework and reporting.
What are the objectives of this Selenium training course?
This course will enable you to:
1. Revise the core Java concepts which are essential for learning Selenium WebDriver
2. Understand the scope of Test Automation in DevOps and fundamentals of Test Automation
3. Create Test Cases using Selenium IDE – Record and Playback tool
4. Understand Selenium WebDriver architecture and various layers of interaction
5. Set up WebDriver project in Eclipse and write test cases using TestNG
6. Locate elements using various locating techniques
7. Work with various WebDriver commands to drive web browser and various WebElement commands to deal with various web components
8. Learn to deal with various possible scenarios in terms of pop-ups, multiple Windows, frames, taking screenshots
9. Implement Page Object Design Pattern and Data Driven Testing
10. Understand how to use Maven, ANT, AutoIT, Sikuli, log4j, and listeners
11. Learn to use Selenium Grid with TestNG for parallel execution
Learn more at https://www.simplilearn.com/selenium-certification-training
Selenium Tutorial For Beginners | What Is Selenium? | Selenium Automation Tes...Edureka!
This Edureka Selenium tutorial will give you an introduction to software testing. It talks about the drawbacks of manual testing and reasons why automation testing is the way forward. In this Selenium tutorial, you will also get to learn the different suites of Selenium and what are the features and shortcomings of Selenium as an automation testing tool.
To take a structured course on Selenium, you can check our Selenium training page: https://www.edureka.co/testing-with-selenium-webdriver
In this quality assurance training session, you will learn Selenium WebDriver Testing. Topics covered in this course are:
• Overview of Selenium WebDriver
• Get Selenium WebDriver Java
• Selenium – JAVA Configuration
• WebDriver in Different Browsers
• Open Application
• Browser Settings
• Locating Elements
• Object Identification Methods
• Locator ID, Name
• Locators –LinkText, partialLinkText, CSS, CSS
• Accessing different objects in application
• Switch Window
• Wait in WebDriver
• Verifications
• WebTable
To know more, visit this link: https://www.mindsmapped.com/courses/quality-assurance/software-testing-quality-assurance-qa-training-with-hands-on-exercises/
Cross-Browser-Testing with Protractor & BrowserstackLeo Lindhorst
With Protractor the Angular Ecosystem has an almost-standard for UI-Testing, but ensuring not only functionality in general, but also verifying that the app is cross-browser, cross-platform and cross-device compatible and responsive can be challenging. It's not only a financial and organizational effort to supply all the different devices and browser and integrate it into an existing organizations infrastructure, but also the scalability is limited and setting up the devices and connections is tied to some work. Browserstack provides a Cloud-Service for testing Web-Apps on a bunch of real devices with a rather easy to use integration into all Selenium based test execution frameworks, like Protractor. The talk gives a short introduction to Browserstack and shows, how it can be integrated into Protractor.
This presentation was given at BSides Austin '15, and is an expanded version of the "I hunt sys admins" Shmoocon firetalk. It covers various ways to hunt for users in Windows domains, including using PowerView.
How we can measure server performance using jmeter?BugRaptors
BugRaptors use different types of tools for performance and load testing. One of the tools we use is JMeter to analyze the performance of web applications and Mobile apps with varying load. It is used to test performance both on static and dynamic resources such as static files, Java Servlets, ASP.NET, PHP, CGI scripts, Java objects, databases, FTP servers, and more.
Removal of Transformation Errors by Quarterion In Multi View Image RegistrationIDES Editor
This method is based upon the image registration
process and the application is when the text which is to be
identified is behind the mesh which works as a hurdle. We
know that the mesh as hurdle can be made less irritating by
either moving the camera or the source itself. The method
uses Radon Transform for extracting the mesh lines and
capturing the position of the mesh lines. The final process of
filling the deformed image is through the registration. The
method is adaptive to movement in any direction. The
transformation errors are removed by the Quarterions. It was
tested on a number of images [200] approximately and gave
excellent results.
Quantum Entanglement - Cryptography and CommunicationYi-Hsueh Tsai
1. Introduction 2. Quantum Entanglement 3. Quantum Cryptography - Quantum Key Distribution 4. Physical Limit for E2E Time Delay - Speed of Light 5. Shorten E2E Delay - Faster-Than-Light Communication 6. Conclusions
To improve communication security, quantum cryptography could be considered. 2. To shorten E2E delay, technology regarding Faster-ThanLight (FTL) communication is required.
Describes a “process” to help remove things from resumes that the job seeker may love, but can cause “red flags” or get the job seeker removed from the “interview” list by HR or the Hiring Manager. This presentation works best if some of the job-seekers can send in resumes two or three days prior to the presentation so individual “real” examples can be used during the process demonstration.
If you have visited a website, and you show the error ‘This site can’t be reached the connection was reset error’ or ERR_CONNECTION_RESET. This means that a connection could not be established correctly. The issue is usually on the users’ end, and the occasion is it a problem with the website itself. To know how to fix the connection was reset error.
How to Fix the Incorrect Password Issue on RDP.pdfHost It Smart
Find the quick and effective solutions for fixing the RDP incorrect password issue with our comprehensive guide to unlock seamless remote desktop access effortlessly!
Dating Pro is a fully functional dating software script that allows the prompt and easy creation of dating, personals and social networking websites. This instruction helps to install Dating Pro software fast and easily .
How to fix the error this site can’t be reachedPearl Lemon
Sometimes you face the error 'This site can’t be reached.’ You may also see ERR_CONNECTION_RESET. This means that your connection could not be established properly. How the connection was reset. So, follow the steps in the troubleshooter, and see if that fixes the problem.
This blog is about utilizing IBM Bluemix’s readily available environment capabilities for the development of IoT application by integrating it with IBMWatson, Raspberry Pi and virtual device.
elasticsearch의 기본적인 working에 대한 발표자료입니다.
특히나 logging보다는 '검색 서비스'에 포커싱된 자료이기 때문에 '한글검색' 으로 고통받으실 분들을 위한 기초 자료라 생각해주시면 감사하겠습니다.
맞지않는 정보와 오탈자 그리고 의문점이 든다면 dydwls121200@gmail.com으로 언제든지 가벼운 마음으로 메일주세요. 저 또한 성장시키는 일이기도 하니까요. 환영합니다.
AWS를 이용하는 스타트업에서 신입개발자가 살아남는 썰들을 다루었습니다.
아무래도 썰 푸는 글이다보니 주제가 없다라고 돌을 던지신다면!!!
주제가 있는 글을 또 준비해보겠습니다 히히 :)
남들과 경험을 나누다보면 저도 성장하는것 같아서, 이런거 만드는거 참 좋아합니다.
굉장히 AWS이야기 중심적이기 때문에 AWS에 관심이 있는 분이시라면 공감할만한 이야기를 담았고, AWS가 처음이라면 자신감을 심어드릴 수 있도록 저의 실수하고 극복해 나가는 이야기를 담았습니다. 그리고 모두에게 도움이 되었으면 해서 미력하지만 Insight를 드릴 수 있는 내용들을 준비해 보았습니다.
끝으로, 제 이야기가 여러분께 도움이 되었으면 좋겠습니다.
글에 문제가 있거나 수정이 되었으면 하는부분, 또는 자신의 생각 등 자유로운 의견 메일이든 코멘트든 전부 환영입니다.
2015년에 학교에서 발표한 자료입니다.
내용은 IoT 분야는 옴니채널의 형태로써 서비스를 제공할 수 있어야 한다가 주된 토픽입니다.
옴니채널은 다른 서비스를 이용하고 있더라고 하나의 서비스를 계속 이용하고 있는 느낌이 들도록 하는 서비스의 흐름, 또는 하나의 서비스가 다른 서비스에서도 활용되는 서비스 채널을 말합니다. 예를들면, SNS의 기능이나 , 각종 월렛 서비스들의 페이들이 있습니다.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
NUMERICAL SIMULATIONS OF HEAT AND MASS TRANSFER IN CONDENSING HEAT EXCHANGERS...ssuser7dcef0
Power plants release a large amount of water vapor into the
atmosphere through the stack. The flue gas can be a potential
source for obtaining much needed cooling water for a power
plant. If a power plant could recover and reuse a portion of this
moisture, it could reduce its total cooling water intake
requirement. One of the most practical way to recover water
from flue gas is to use a condensing heat exchanger. The power
plant could also recover latent heat due to condensation as well
as sensible heat due to lowering the flue gas exit temperature.
Additionally, harmful acids released from the stack can be
reduced in a condensing heat exchanger by acid condensation. reduced in a condensing heat exchanger by acid condensation.
Condensation of vapors in flue gas is a complicated
phenomenon since heat and mass transfer of water vapor and
various acids simultaneously occur in the presence of noncondensable
gases such as nitrogen and oxygen. Design of a
condenser depends on the knowledge and understanding of the
heat and mass transfer processes. A computer program for
numerical simulations of water (H2O) and sulfuric acid (H2SO4)
condensation in a flue gas condensing heat exchanger was
developed using MATLAB. Governing equations based on
mass and energy balances for the system were derived to
predict variables such as flue gas exit temperature, cooling
water outlet temperature, mole fraction and condensation rates
of water and sulfuric acid vapors. The equations were solved
using an iterative solution technique with calculations of heat
and mass transfer coefficients and physical properties.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
The Internet of Things (IoT) is a revolutionary concept that connects everyday objects and devices to the internet, enabling them to communicate, collect, and exchange data. Imagine a world where your refrigerator notifies you when you’re running low on groceries, or streetlights adjust their brightness based on traffic patterns – that’s the power of IoT. In essence, IoT transforms ordinary objects into smart, interconnected devices, creating a network of endless possibilities.
Here is a blog on the role of electrical and electronics engineers in IOT. Let's dig in!!!!
For more such content visit: https://nttftrg.com/
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesChristina Lin
Traditionally, dealing with real-time data pipelines has involved significant overhead, even for straightforward tasks like data transformation or masking. However, in this talk, we’ll venture into the dynamic realm of WebAssembly (WASM) and discover how it can revolutionize the creation of stateless streaming pipelines within a Kafka (Redpanda) broker. These pipelines are adept at managing low-latency, high-data-volume scenarios.
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
12. fiddle [|fɪdl]
①[VERB] If you fiddle with an object, you keep moving it or touching with your fingers
②[VERB] If you fiddle with something, you change it in minor ways.
③[VERB] = If you fiddle with a machine, you adjust it
22. proxy [|prɑːksi]
① [NOUN] If you do something by proxy, you arrange for someone else
to do it for you those attending the meeting may vote by proxy
23. That means some of clients indirectly transport to service server using a
proxy server, It usually use for access the blocked service server
‘cause it can avoid block and surveillance
Client Service Server
directly transport to server
indirectly transport to server
Service ServerProxy Server
Clients
packet
29. Installation Notice
- It’s web debugging program made by Telerik Co.
- It’s supported Windows, MAC OS, Linux Debian, Fedora
- Fiddler setting up is little hard work on Linux(But Geeks do this thing)
- It’s so easy to use On Windows(Almost setting is auto)
- Almost of Browser setting up is auto, but few of browser isn’t.
License
- This is freeware. Then Telerik never mind occurred error on your PC or service while using this program.
- Fiddler has default option send the data what you did on this program. It’s transport to telerik through anonymous.
if you didn’t want it, change the option yourself.
- This software follows U.S law and rules.
- Fiddler can use for third party.
- If you earn money using manipulated fiddler, Telerik is going to district your illegality. You must be given penalty
30. Fiddler Features
Web Debugging
Performance Test
Record HTTP/HTTPS
Traffic
Manipulate
Web Session
Security Test
Customizing
It can read Cookie, Header, Cache in
http packet, doesn’t matter type of
device(laptop, mobile,PDA, etc..)
Support timeline, occurred http packet’s,
can check service pages weight and
network’s bottle neck.
Easily manipulated web session and Set
up break points.
It’s easy to test application security
about https. It will be helpful.
Fiddler has cool expandability util-
program. Fiddler’s script write on .NET
language. It will be expandable
component.
Fiddler is http proxy debugger. Then, of
course capture https packet and read.
31. If you arrived at this page, your installation be done.
Then, run it !
49. (This is my private server..
Please, don’t put huge request data. cause’ I’m just a student.)
Test Account
Email : dydwls121200@gmail.com
Password : 1
50. You can see the URI that name ‘/login.do’ and click inspector
Then, you can read request and response data.
56. 1. Set up Break point in Program Control Menu
2. Set up Break point on Program’s status bar
3. Scripting on Quick Execute Console(it can directly set up to break point)
57. ①
②
③
- First and Second way are same process. They can
set up break point on request before, response after
- Third way is quick executor short key is ‘Alt+Q’
It move to focus on input box
- Third way’s document
http://docs.telerik.com/fiddler/KnowledgeBase/QuickExec
58. We are developer or major in computer science.
Then, we don’t mind First and Second ways.
Just focus on third way.
59. Press short key[Alt+Q] that quick executor on main display panel.
And enter this command ‘bpu smartlock.fun25.co.kr/dydwls121200@gmail.com’
Short description about Break point commands
-bpu : break point url
-bpafter : break point [response] after
-bpbefore : break point [request] before
Ex) bpu smartlock.fun25.co.kr/dydwls121200@gmail.com
60. Break Pointed web packets
Break Point next Response Data or
Complete to manipulate packet
If you enter any command, display it on this area
Third way’s break point when URI name is smartlock.fun25.co.kr/dydwls121200@gmail.com
Notice !! bpu command is break pointed before transport request data to service server
61. How is it going ? Does packets are stopped by break point well?
Now, Manipulate some request Data.
62. Fill ‘ABCDEFG’ up email input box by Request Data on login Dialog in my practice site,
In addition, you have to modify ‘ABCDEFG’ to ‘dydwls121200@gmail.com’.
Then, you can log-in with ‘dydwls121200@gmail.com’ by manipulating.
77. If you feel it’s not a smart behavior about decrypt https packet,
Go program control menu -> Tools -> Telerik Fiddler Options…-> Https Tab’
You can change the setting
81. 1. I want to see packet from just one service host.
2. I don’t need to capture packets.
3. I want to compare A Host and B Host packets.
4. I want to know the web page’s resource weight
85. 2. I don’t need to capture packets.
There are three way to stop fiddler’s packet capturing
- Click F12
- Check File-> Capture Traffic
- Click Status ‘of Capturing’ On Left of bottom
86.
87. 3. I want to compare A Host and B Host packets.
Select two packet that want to compare.
Then, right click and choose ‘Compare’. Or press ‘[Ctrl+w]’
88. Fiddler has default option that comparing packet need a tool. That’s name ‘WinMerge’.
But, we didn’t have it. then, we have to install it.
(If you install ‘WinMerge’, I recommend you default setting(just click ‘next’ on and on). It hasn’t special)
** Actually, ‘WinMerge’ tool is simple, feather and free, I like it
참고 : http://winmerge.org/
93. Feedback or question is always welcome.(ㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋㅋ)
Please e-mail me, I will response quickly.
Happy Hacking! > 3<
dydwls121200@gmail.com
YongJin Cho
Translation help YS Park.
94. References
참고 1 : http://www.mehdi-khalili.com/fiddler-in-action/part-1/
참고 2 : http://www.mehdi-khalili.com/fiddler-in-action/part-2/
참고 3 : http://www.telerik.com/fiddler/add-ons [Fiddler extension program]
참고 4 : https://www.youtube.com/watch?v=8bo5kXMAcV0 [Fiddler Official Video]
참고 5 : http://winmerge.org/ [WinMerge Office Web]