Websocket playback and general handling improvements

In my line of work (security research), WebSockets are becoming increasingly common as a way to mask malicious activity. Fiddler does allow you to view a WebSocket and display the blobs exchanged. However, I have ran into some issues when the data is compressed and there doesn't seem to be native support for decompression. A workaround was suggested here: https://fiddler.ideas.aha.io/ideas/FID-I-103

More generally, it would be a great feature to be able to replay a WebSocket in 'offline mode', similarly to how you can replay HTTP/S Sessions via AutoResponder.

Guest
Mar 29 2018
Under review

Feature Enhancement

Comments (1)
Votes (2)

Attach files

Enter a subject

Eric Lawrence commented

March 29, 2018 21:06

Yup, there are two big missing pieces here:

1. Allow injection of messages on an active websocket connection, via FiddlerScript and the WebSocket Inspectors UI
2. Enable WebSocket playback from a SAZ file in the AutoResponder

×
Attachments Open full size

Fiddler Ideas

The free web debugging proxy for any browser, system or platform.

Websocket playback and general handling improvements

Related ideas

Websocket playback and general handling improvements

Attachments Open full size

Identify yourself with your email address

Related ideas