Fiddler Logo Fiddler book image Get the NEW book!
RSS Icon download iconGet Fiddler! Addons Help & Documentation Developer Info Discuss Contact

Fiddler - Extensions

This page contains useful extensions for Fiddler.  For best results, please ensure that you're running the latest version of Fiddler2

You can develop your own extensions using the IFiddlerExtension interface.

Syntax-Highlighting Addons

Tip: If you are a Web Developer, you need the Syntax-Highlighting extensions!

Three popular addons for formatting FiddlerScript, HTML, Javascript XML, etc, in one installer (526 kb).

  • The RulesTab2 extension is a powerful way to edit your Rules script directly within Fiddler2.
  • The FiddlerScript Editor is a standalone text editor that helps you edit script rules for Fiddler.  It offers syntax highlighting and a Class Explorer to help you author scripts. 
  • The SyntaxView Inspector offers syntax-highlighting for HTML, JScript, XML, and other web formats.

RulesTab2 Fiddler2 ScriptEditor Screenshot

JavaScript Formatter

A simple JavaScript Formatter (47kb) . Right-click on any Javascript session and choose Make JavaScript Pretty, or use the Rules menu option to do this automatically for all downloaded scripts.
Last Updated: Oct 16, 2011. Approximately 300 times faster than the old version, and less likely to mangle poorly-formatted script.

CertMaker for iOS and Android

iOS devices and Android devices may not work with the default HTTPS interception certificates used by Fiddler. To resolve this incompatibility, you may install a Certificate-generating plugin that generates interception certificates compatible with those platforms.

Windows 8 AppContainer Loopback Utility

Windows 8 "Metro-style" apps require additional configuration to work with Fiddler. The EnableLoopback Utility allows you to easily reconfigure these apps to work with Fiddler. This utility is only useful on Windows 8 and does not run on earlier versions of Windows. Download Now (60kb) or Learn more...

EnableLoopback utility

Traffic Differ

The Differ tab allows you to compare two traffic profiles. Download now (47kb).

Fiddler Differ Tab

SAZ Clipboard

The SAZClipboard is a simple extension that allows you to open a .SAZ file outside of the main Fiddler UI.  You can then drag sessions between this clipboard from the Fiddler UI. Learn more...

SazClipboard

The Gallery extension (50kb) displays thumbnails of all images found among the selected sessions.
Last Updated: Oct 3, 2011. Now includes a timed Slideshow mode and image effects. Click the Help link for details.

Gallery View

Help text

AnyWHERE (sample)

The AnyWHERE extension (40kb) allows you to trivially spoof the responses to browsers' GeoLocation webservice queries. Works with IE9, FF4, Chrome, and Opera. Full source is included. Note: You must enable HTTPS decryption for this tool to work.

AnyWHERE UI

RulesTab (sample)

The RulesTab extension is a lightweight way to tweak your Rules script directly within Fiddler2. This extension is not as powerful as the RulesTab2 extension above (no syntax highlighting or Intellisense), but it requires less memory.

Privacy Scanner

The Privacy Scanner (41kb) extension flags responses that set cookies and color codes based on P3P headers. Full source and further info...

 Privacy Scanner

Content-Blocking (sample)

The Content Blocker sample (11kb) is a simple example of using IAutoTamper to block traffic based on URI.

Fiddler Content-Block context menu

Image-Flipper (sample)

The Image Flipper sample (6kb) is a simple example of using IAutoTamper to automatically flip all downloaded images 180 degrees.

Screenshot of IE with upside-down images



3rd-Party Extensions

This list is provided for informational purposes only, and we make no representations or warranties, either expressed, implied or statutory, regarding the items, manufacturers, or compatibility of the items available within. Some of the links below send you to sites that are not under our control. We are not responsible for the contents of any linked site or any link contained in a linked site or any changes or updates to such sites. These links are provided to you only as a convenience, and the inclusion of any link does not imply endorsement by Eric Lawrence or Microsoft.  Report a problem.

neXpert Performance Report Generator

neXpert is an add-on which aids in performance testing of web applications. Learn more...

neXpert UI

StresStimulus

StresStimulus is an add-on which aids in load-testing of web applications. Learn more...

StresStimulus Screenshot

Watcher - Passive Security Auditor

Watcher is a runtime passive-analysis tool for Web applications. It detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hotspot detection for vulnerabilities, developers quick sanity checks, and auditors PCI and OWASP compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more.  Learn more...

Fiddler Watcher UI

Ammonite - Security Scanner

Ammonite is an web application security scanner extension for Fiddler. Ammonite detects common vulnerabilities such as SQL injection, OS command injection, cross-site scripting, file inclusion, and buffer overflows. Ammonite includes unique features that make it particularly well suited for penetration testers and security professionals.
Ammonite

Learn more...

x5s - Automated XSS Security Testing Assistant

x5s aims to assist penetration testers in finding cross-site scripting vulnerabilities. It's main goal is to help you identify the hotspots where XSS might occur by:
  • Detecting where safe encodings were not applied to emitted user-inputs
  • Detecting where Unicode character transformations might bypass security filters
  • Detecting where non-shortest UTF-8 encodings might bypass security filters

Learn more...

intruder21

yamagata21 built this extension which allows fuzzing of Web Applications.

Intruder21 screenshot

Learn more...

HTML Inspector

Andy Cross built this cool extension which analyzes the selected HTML response for inefficiencies.

HTML Inspector

Full source for the Inspector is provided. Learn more...

WCF Binary-Encoded Message Inspector

This inspector allows you to view WCF binary-encoded messages in a plaintext XML format. Learn more...

Chad Sowald's Request-To-Code

This extension converts a captured request into the C#, VB.NET, or Python code necessary to issue that request: http://www.chadsowald.com/software/fiddler-extension-request-to-code. The code can be run directly from the extension. (Updated 12/16/2012)

Eyal's Extensions

- Eyal has written two extensions:

Thomas Deml's Export WCAT Script extension

Microsoft Web Capacity Analysis Tool (WCAT) is the tool of choice of the IIS team as well as the Windows Performance Team. This extension allows you to export scripts from Fiddler and run them in WCAT. Learn more...

Per-Response Latency Extension

Oscar Brito's extension enables you to specify latency based on regular expressions or exact URLs. Source code is available.

WPAD Server

Dave Risney wrote the WPAD Server Fiddler extension, which is interesting for a number of reasons, although most folks will never need it.

XML Request Inspector

- Fedor Vlasov has written an XML Request viewer that handles x-www-form-urlencoded XML post bodies.

XML DataSet Inspector

- Joris Bijnens has written an XML DataSet Inspector which shows XML data using tabs and grids.





©2018 Eric Lawrence