Questions tagged [fiddler]
Fiddler is a debugging proxy.
18 questions
2
votes
2
answers
9k
views
Move a user CA cert to a trusted root cert in Android 13
I am using Fiddler, and I have to insert a CA Cert to decrypt the SSL certificate coming out of my device. My device running Android 13 is rooted, and when I installed my cert, it went into the user's ...
- 121
0
votes
0
answers
213
views
How can I forward and capture all traffic from a device (mobile, or PC) from another network?
Let's say Mobile device A sits on Network A, and I want to monitor their HTTPS traffic remotely, how might I go about doing this? I know that locally, on the same network, a proxy debugging tool can ...
- 1
1
vote
0
answers
720
views
Fiddler with Android Emulator mostly shows "A SSLv3-compatible ClientHello handshake was found" with no headers or data
When I run fiddler with a proxy for the BlueStacks Android emulator (on Windows), many of the results are listed as "Tunnel to" a random IP address, with no headers and no information on the ...
- 11
0
votes
1
answer
132
views
Can applications or websites know if their traffic is decrypted and re-encrypted by Fiddler? [duplicate]
Can websites, server-side apps such as those that rely on a constant connection with server e.g. messaging apps, server-side online games such as those that rely on constant server connection for ...
user279925
0
votes
0
answers
114
views
Export Fiddler Site Specific Cert
I have a site example.com that I am currently intercepting https traffic for and pointing it to my local server using fiddler. I would like to take fiddler out of the equation by installing the site's ...
- 1
0
votes
0
answers
2k
views
Decrypt mobile phone app TLS/SSL traffic using Wireshark and Fiddler/Charles/MITM Proxy
I currently use fiddler/Charles Proxy/MITM proxy to decrypt and analyze SSL/TLS traffic from suspect mobile apps I want to analyze. The process I follow is to export a CA cert from Fiddler, then ...
- 1
0
votes
1
answer
2k
views
What are the risks when using proxy such as Fiddler
I would like to understand a point. When I use fiddler it creates a local proxy to analyze the traffic, so far everything is fine. However when Fiddler is launched and I browse an HTTPS site the ...
- 59
2
votes
3
answers
3k
views
Is it possible to extract a certificate that an application uses to connect to an API server?
There's an API server that only allows connections including specific SSL certificates. Talking about an Android application that has those certificates.
Using Fiddler without SSL decryption as a ...
- 135
-3
votes
4
answers
901
views
How do i know some software send data behind the scene to internet
Is there any way to use tools such as Fiddler to easily figure out if any software from my system sends data to the internet behind the scene?
I have downloaded some open source free software's to ...
- 159
0
votes
0
answers
394
views
Watch Encrypted IMAP Responses
I'm trying to see if I can decipher the messages coming back from Exchange when I try and login via secure IMAP.
My office 365 accounts are under attack and I've disabled IMAP (and legacy login) but ...
- 1
0
votes
0
answers
224
views
capturing web-sockets packets from IOS using fiddler
I am using latest Fiddler version trying to capture web-sockets requests from an IOS application.
I am able to see only HTTP and HTTPS requests.
Laptop(Running fiddler on port 8888) and mobile both ...
- 1,033
0
votes
0
answers
996
views
Decryption of TLS/SSL Traffic With the debug file of fiddler on wireshark
I wanna decrypt some packets on Wireshark, when I search the Internet, some people were said to use SSLKEYLOGFILE environment, I do the stuff, but it looks like that chorme doesn`t update that file ...
- 101
2
votes
1
answer
877
views
Decrypting SSL traffic using Fiddler to see requests being sent by malware written in .NET
I tried to find the GET data of some malware but it appears that this malware is encrypting traffic using SSL.
When I tried to decrypt the SSL data via Fiddler, I always get nothing — only ...
- 21
0
votes
1
answer
4k
views
how to capture and decrypt packets sent over TLS [duplicate]
I have been using MITM for decrypting https traffic , using tools like fiddler and burpsuite . Is there a way to decrypt packet sent over TLS, any guidance would be a real help.
4
votes
1
answer
5k
views
How come I can see a full HTTPS requests via Fiddler?
I am testing a C# web API hosted on a remote server, and I am monitoring HTTPS traffic using Fiddler.
What confuses me is that via Fiddler I can see all of the POST payload, headers and host URL ...
- 179
1
vote
0
answers
186
views
How do I intercept packages in a Facebook application?
I can not listen to HTTPS traffic in the Facebook application through Fiddler and Burp. SSL-Pinning is disabled through SLL Kill Switch 2 (other applications such as Twitter, Snapchat with SSL-Pinning ...
-5
votes
1
answer
322
views
Is getting intercept request of HTTPS in clear text is a bug [closed]
I am new in pentesting so I don't know what to expect.
I am intercepting HTTPS requests of Android apps in my phone through Fiddler for pentesting purposes. I have installed the Fiddler certificate on ...
5
votes
4
answers
504
views
Fiddler show external requests but not initiated by any legitimate process
While debugging my web application in Fiddler, I found out that there are some suspicious requests to some hotel sites, search requests to google.pl. etc. See below images. Strangely there no process ...
- 161