A framework based on the Fiddler web debugger to analyze malicious web traffic.
The following commands can be typed in the QuickExec bar:
save
Save current traffic
ui
Change UI mode between standard, and advanced
vpn
Load a custom .opvn file
proxy
Chain Fiddler to upstream proxy
import
Import a SAZ or PCAP
regexes
View MasterRegexes and CustomRegexes
run
Run regexes against current traffic
reset
Clear current comments and colors
Windows
Download and install from here: https://www.telerik.com/fiddler
Linux
-
Download Fiddler: http://telerik-fiddler.s3.amazonaws.com/fiddler/fiddler-linux.zip
-
Download and install Mono: https://www.mono-project.com/download/stable/#download-lin
-
Run Fiddler: cd fiddler-linux, mono Fiddler.exe
-
Additional instructions (certs, etc): https://www.telerik.com/blogs/fiddler-for-linux-beta-is-here
Mac
Launch Fiddler, and go to Tools -> Options
In the Scripting
tab, change the default (JScript.NET) to C#.
In the same Tools -> Options
menu, click on the Tools
tab.
- Windows:
notepad.exe
ornotepad++.exe
- Linux:
gedit
- Mac:
/Applications/TextEdit.app
or/Applications/TextWrangler.app
Close Fiddler
-
Windows (7/10)
C:\Users\[username]\Documents\Fiddler2\Scripts\
-
Ubuntu
/home/[username]/Fiddler2/Scripts/
-
Mac
/Users/[username]/Fiddler2/Scripts/
Start Fiddler to complete the installation of EKFiddle. That's it, you're all set!
Delete CustomRules.cs