SlideShare a Scribd company logo

4.2. Web analyst fiddler

defconmoscow
defconmoscow

This document discusses using Fiddler, a web debugging proxy, to debug HTTP traffic and tune proxy settings. It highlights how Fiddler scripts allow setting breakpoints to inspect JavaScript files from multiple hosts to find the source of unwanted content, and how Fiddler can be used to download malware signatures and lists of dynamic DNS domains for analysis.

Related slideshows

Revisiting HTTP/2
Revisiting HTTP/2Revisiting HTTP/2
Revisiting HTTP/2
 
WebSockets On Fire
WebSockets On FireWebSockets On Fire
WebSockets On Fire
 
Scale your Magento app with Elastic Beanstalk
Scale your Magento app with Elastic BeanstalkScale your Magento app with Elastic Beanstalk
Scale your Magento app with Elastic Beanstalk
 
1 of 20
Download to read offline
Debugging proxy tuning for fun and profit By Peter Volkov
Still using wireshark for HTTP debugging/analysis?
Use appropriate tools!
JScript based scripting engine
Fiddler script basics
My favorite use case: Where did this @$%^ came from? Easy case:
But what if plaintext search doesn’t help? Inspect all these 60+ js from 10+ hosts manually?
Breakpoints!
Breakpoints!
Fiddler script basics
Fiddler script basics
4.2. Web analyst fiddler
4.2. Web analyst fiddler
Go get some exploit kits regexps on http://www.malwaresigs.com/
Dyndns, .in, .cn, etc http://mirror1.malwaredomains.com/files/dynamic_dns.txt
4.2. Web analyst fiddler
4.2. Web analyst fiddler
Setting referrer Disabling HTTP cookies
Download ‘em all!
The end.

More Related Content

4.2. Web analyst fiddler