Fiddler Ideas
The free web debugging proxy for any browser, system or platform.
The free web debugging proxy for any browser, system or platform.
The free web debugging proxy for any browser, system or platform.
To my knowledge, a Fiddler extension has no means of getting the raw TLS handshake data.
This would be extremely useful for some extensions I develop. Two use cases are, first, getting the TLS extensions. The primary motivation for this is to extract SCTs from the signed_certificate_timestamp extension. But I am sure there are other cases where I'll need more.
The second being getting the certificate in the case of a blind tunnel when HTTPS interception is disabled, then the certificate chain could still be obtained from the ServerHello.
Guest
Today, Fiddler has some of this data (it uses a stream wrapper to eat TLS "SNI Name Mismatch" Warnings to avoid a bug in .NET; I'd considered generalizing this to expose some other interesting data (specifically, the size of the ServerHello and the number of certificates in the chain supplied) but never got around to it.
To be clear, I not asking for a GUI around this or anything fancy, just a byte[] of ClientHello, ServerHello, etc. on Session.