Wireshark, HTTPWatch, Fiddler

  • Firebug, while capable of capturing packets, is not powerful enough to analyze the details of HTTP requests. The ability to simulate HTTP requests is not enough, and Firebug often requires “no refresh changes,” where if the page is refreshed, none of the changes are saved.
  • Wireshark is a common tool for capturing packets. However, the Wireshark is relatively large. For applications that only need to capture HTTP requests (TCP/IP listening), Wireshark may be overqualified.
  • Httpwatch is also a common tool for CAPTURING HTTP packets, but it only supports Internet Explorer and Firefox (other browsers may have plugins). It seems a little weak for debugging HTTP requests from Chrome. Fiddler2 is a local HTTP proxy that uses 127.0.0.1:8888. Any browser and application that can set the HTTP proxy to 127.0.0.1:8888 can use Fiddler.
  • Fiddler can only capture HTTP and HTTPS packets, so it’s more professional at capturing both.

Function:

1. Intercept HTTP/HTTPS requests from the client. 2. And can forge the request content and response result 4. Test the website performance 5. Decrypt the HTTPS reply 6. Extensible plug-inCopy the code

How to use

After this function is enabled, the proxy server of the browser is automatically changed

  • Stream mode (can be displayed in real time, close to the browser’s own response)
  • Buffering mode (HTTP request with all data ready only to return data to the client, can control the server response)

Usage scenario of Fildder

  • Development environment host configuration
  • Debugging front and rear interfaces
  • Online bugFix (can be distributed to the local agent file, quickly locate online bugs)
  • Performance analysis and optimization (provide the actual diagram of the request to facilitate optimization)

directory

The toolbar

  1. Select Add comment for the request
  2. Replay: Select request resubmit (shortcut key R) to request again.
  3. X: Clears the monitoring panel
  4. GO: HTTP request or return the breakpoint to view
    • As in development we often use Debug
    • Use with the power off switch in the status bar
    • Support for opening request and response breakpoints
  5. Stream: Mode switchover
    • Stream mode (close to normal HTTP request, real-time response)
    • Buffered mode (the response is not returned until the request is complete, so the response can be controlled)
  6. Decode: Decompresses the request to easily view the information in the Http request
  7. Keep Session: indicates the number of sticky sessions
  8. AnyProcess: Filter requests (specify browser, by selected process)
  9. Find: Search criteria to find annotations
  10. save: Saves the current session
  11. screenshots
  12. The timer
  13. Browse: Quickly starts the browser
  14. Clear Cache: Clear the browser cache
  15. TextWizard: Codec and tools
  16. Tearoff: Separation panel

The status bar

  1. Black window: QuickExec command line, type help to go to the official website to view detailed commands
  2. Capturing: Enables or disables the agent
  3. webbrowsers: Filter source
  4. Add a pre-request post-request breakpoint
  5. The number of connections
  6. Request the address

Monitoring and control panel

  1. Panel icon

  1. The right function
    • statisticsData statistics – Connection established send request send request header request sent outRTT round trip time
    • inspectorsRequest unpacking — Request/response
    • autoresponderResource agent – Proxy server file, change js, etc file, online bugfix
    • composerFront – and – back interface – Drag to a window for request forgery
    • filtersFilter – Filters unwanted requests
    • logThe log
    • timelineNetwork performance optimization – Select the same site to view for performance optimization
    • FiddlerScriptCode to modify the proxy request response to limit request latency and so on

Simple use

To set breakpoints

As described earlier, when a breakpoint is enabled in the status bar (either a request breakpoint or a response breakpoint), all requests are interrupted. In fact, when a web page loads, it triggers a lot of asynchronous requests. Even after loading, asynchronous requests are constantly sent, such as the now-popular QR code login page. It seems inappropriate to intercept all requests. The command line that actually left breakpoints in the previous section was not covered. Breakpoints are breakpoints, and everything related to breakpoints is prefixed with BP.

  • bpu: request breakpoint, for examplebpu /foo
  • bpafter: request breakpoint, for examplebpafter /foo
  • bps: request breakpoint, for examplebps 404
  • bpm: request breakpoint, for examplebpm post

Breakpoints can be cleared with a command with no arguments, such as BPafter to clear all response breakpoints.

Urls are matched to determine “whether the string contains”. For example, bPU /foo will block all requests that contain /foo.

If you forget these commands, type BP on the command line and press Enter to see the prompt. Bp is short for breakpoint, can you remember that?

The specific use

  1. File, folder proxy, and host configuration

Tools–>host (not host under system)

  1. AutoResponder: Monitor panel

    • Enable Rules Enable the resource proxy
    • Drag-and-drop requests to the window to support regular expression matching
    • Select response content
    • save

  2. Request forgery

    • Drag the request to the window
    • Modify the request
    • Excute performs forged requests

  3. Network request latency (use of FiddlerScript)

    FiddlerScript codifies the request, modifying the code before and after the request to OnBeforeRequest

    • Add oSession [” request – the trickle – delay “] = “3000”; Add a 3-second delay to the request
    • Add oSession [” the response – the trickle – delay “] = “3000”; Add a 3-second delay to the server response

Or look at SimulateModem through Rulse Rules -> Customize Rules CTRL + F and see a concrete block of code, Modify the delay time and save Performance -> SIMULmoDEMS Speeds: Enable or disable delay

HTTPS Fetching Settings

You need to import a certificate that installs Fiddler

Download and install the Fiddler certificate generator: www.telerik.com/docs/defaul…

The procedure is as follows: Choose Tools > Options

1.HTTPS:

2.Connections:

3. Export the certificate:

Select 'Export Root Certificate to Destop' from 'HTTPS' Actions to generate a Fiddler Certificate to the desktopCopy the code
  • Intercepts HTTPS browser requests

Find the Settings management certificate for your favorite browser, import the certificate you just generated, and restart Fiddler

Safety Link Tips

For details, see Fiddler for the most complete configuration of HTTPS packet capture

Fiddler plug-in

Official plug-in download address

Willow plug-in