240
98
In previous jobs when I've worked on a Windows machine, I've used Fiddler for viewing HTTP transactions and debugging.
I'm specifically looking to monitor the HTTP transactions for an ajax site I'm working on to verify that the site is doing what I expect. Rewriting HTTP (as provided by Fiddler) is a nice-to-have, but not essential.
Can anybody recommend something similar for use on a Mac?
Doug Harris
Posted 2009-09-17T17:53:35.907
Reputation: 23 578
71
I found Charles Proxy. It's much closer to the functionality of Fiddler. It's not free, but it may be worth the price.
Doug Harris
Posted 2009-09-17T17:53:35.907
Reputation: 23 578
5An important functionality that charles (and fiddler and maybe webscarab) provide is the ability to intercept and modify requests, including https decryption. – urban_raccoons – 2014-08-09T18:36:17.563
1I use Charles to decrypt Instagram, Facebook and other mobile apps https requests. Just point iPhone Proxy to Charles and I'm able see how they send data and what data they send! – Mário Carvalho – 2015-05-26T00:11:42.747
I am not able to see decompressed response for my requests. Is there a way to set charles to automatically decompress and show the result – Harsh – 2016-07-14T05:55:43.710
@Harsh, in my experience, Charles does automatically decompress the response (if you're looking at the text or html view) if it is compressed in someway for the browser. (E.g., GZip compression.) If you're talking about HTTPS issues, though, (e.g., encryption), you will need to install the Charles Proxy certificate, which will decrypt those and make them human-readable. If that does not address your issue, please consider opening a question here on a Stack Exchange site, or opening a ticket with Charles Proxy. (Note: I am not employed by Charles Proxy, but I am a happy user of their software.) – Spencer D – 2016-07-26T09:02:55.833
Oh, and to address the really old question of "anyone here ever use it?", I use it pretty frequently. Extremely useful for web debugging, and, not to promote such behaviour, but if you want to try your hand at online game exploitation, it is pretty useful for that as well ;-) – Spencer D – 2016-07-26T09:05:48.553
Just curious: did anyone here ever use it? – Arjan – 2009-09-18T11:07:33.703
I used it for an hour or two after I found it. The trial version has some nag screens and a 30 minute restriction, but I don't think those are unreasonable. I was looking for specific headers in the HTTP response and I was able to see these easily. – Doug Harris – 2009-09-18T18:11:33.143
1The nice thing about Charles is that it is available for both OSX and Windows so if you go back and forth frequently it's a nice common tool. – Justin Ohms – 2013-05-02T23:20:24.810
130
Use Chrome and navigate to chrome://net-internals/
It allows detailed analysis and dumps.
brains_at_work
Posted 2009-09-17T17:53:35.907
Reputation: 191
5this tool seems "neat" but how can you see the entire request payload (i.e. GET request headers?) – genxgeek – 2015-05-20T05:25:14.530
AFAIK, this does not offer a way to modify the data in transit such as Fiddler does with FiddlerScript, AutoResponder, and breakpoints. Good tool but for different purposes. – iX3 – 2015-05-20T17:20:06.037
@Jaj: that info is already present in the network tab of DevTools – oligofren – 2015-10-28T12:14:44.697
34this tool only seems to capture chrome traffic. Is there any way to use this tool to capture http traffic from/to a a particular process? – morpheus – 2016-01-19T22:58:26.713
can this be used to debug traffic from iPhone simulator – hariszaman – 2016-07-31T18:56:25.847
1Nice. Any idea when that was added to chrome? – Doug Harris – 2011-11-28T15:54:59.523
2Nope, sorry. I used to work with Fiddler on Windows, but moving to a Mac I stumbled over net-internals while looking for hidden chrome features. – brains_at_work – 2011-12-09T13:11:56.463
35
I've used mitmproxy for intercepting HTTP traffic. It's a great tool and you can use it for debugging mobile devices as well or any operating system for that matter.
eikes
Posted 2009-09-17T17:53:35.907
Reputation: 165
LOOVE THIS! Incidentally, for all the script kiddies, in case you write code in something other than JS sitting in the browser, this thing is THE ticket. – Shane – 2018-06-22T20:01:30.460
NB: Requires Xcode 11.1 – Leo – 2019-11-27T11:38:14.340
30
My favorite mac app for monitoring traffic is HTTPScoop, I detail that as well as using tcpdump from the commandline in this post I blogged last year.
Ted Naleid
Posted 2009-09-17T17:53:35.907
Reputation: 1 059
does not work for me – János – 2015-03-26T12:12:39.713
Sorry, this app is a piece of trash for two reason. It has like 3 buttons and the author still needs to provide a video of how to use it. Let's not forget to mention that when you press scoop and refresh the browser page absolutely nothing shows up! – The Muffin Man – 2015-05-07T04:08:44.880
1I tried to use this app, it's horrible compared with fiddler. I want to capture all traffic and all ports all interfaces not port 80 on localhost. I tried to add the ports I wanted thru preferences (with scoop off). This did not help me as the things I wanted to monitor were on two different interfaces e.g lo / en0 – KnuturO – 2015-11-25T16:06:20.317
2Link to blog not working :( – Reg – 2017-10-18T14:39:03.130
If you happen to know Wireshark (or the less powerful Cocoa Packet Analyzer): can you compare HTTPScoop to that? – Arjan – 2009-09-18T11:09:18.600
It's quite a bit simpler, but much easier to use than wireshark IMO. Very easy to fire up and monitor http traffic with, but less adept at monitoring other kinds of traffic. I'm not familiar with cocoa packet analyzer. – Ted Naleid – 2009-09-18T13:18:12.020
1Cocoa Packet Analyzer is quite simple too. However, I never figured out how to filter some specific port or server IP address, and then see both the request and reply... That's easily done in Wireshark. (Just type smtp as display filter to see all traffic that uses the SMTP protocol. Or tcp.port == 25 to get all traffic to port 25, and its responses. Or http and ip.addr == xxx to get all HTTP traffic to and from some server.) – Arjan – 2009-09-19T08:24:08.300
1httpscoop looked promising, unfortunately it seems to be abandoned and I was unable to capture localhost traffic on 10.9.2. The last release dates back to 2009 and the website touts ans upcoming v2.0 which doesn't seem to be forthcoming :/ – Jean – 2014-03-26T10:24:17.863
19
Not what you asked, but in Firefox the Live HTTP Headers add-on is all I need if I want to edit and re-play requests, including changing the URL and the HTTP method.
In Firebug, the Network Monitoring shows all requests and responses. Likewise, in Safari the Resources pane of the built-in Web Inspector covers most of my needs as well. (Enable the Web Inspector through the preferences: Show Develop menu in menu bar.) Chrome and Firefox have similar tools.
When things get more complicated, I fire up my Wireshark packet sniffer. However, unlike Fiddler, Wireshark does not let you change the data, and does not support things like auto responders, like Fiddler apparently does.
For Wireshark, see Hyper Text Transfer Protocol (HTTP) for some generic HTTP capturing information, and HTTP Packet Capturing to debug Apache, for some example display filters. (You may want to set the capture filter to "port 80", to show all requests to that port, and responses from that port. Or, to limit to some server, use capture filter "port 80 and host www.google.com".) Like:
# Show only 404: page not found http.response.code == 404 # Show only certain HTTP methods http.request.method == "POST" || http.request.method == "PUT" # Show only javascript http.content_type contains "javascript"
Note that Wireshark can decompress gzip or deflate encoded (compressed) things on the fly for you. That makes things much easier to read as most web servers will compress the data they send to a browser.
(As for auto responders: the excellent JS Bin has a short video on how to use it to debug Ajax requests. If you don't know JS Bin, then first view the introduction video.)
Arjan
Posted 2009-09-17T17:53:35.907
Reputation: 29 084
I tried it but I couldn't make a new request to a different url (in the same domain) and couldn't find how (from a GET to a POST for example). – Purefan – 2014-11-18T08:54:11.780
@Purefan, without more detail we cannot help; it works for me, see the screenshot I just added. You may have run into https://www.mozdev.org/bugs/show_bug.cgi?id=25831
– Arjan – 2014-11-18T19:46:35.647+1 for Firebug -- I love their network monitoring tool – Josh – 2009-09-21T23:15:13.407
7
In addition to Charles (already mentioned), I also like the HttpFox add-on for Mozilla Firefox. Like Charles, you can use it on both Mac and Windows. It's lighter-weight than Charles because it lives in the browser, useful for quick troubleshooting. Here's some information from the HttpFox page:
HttpFox monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers.
It aims to bring the functionality known from tools like HttpWatch or IEInspector to the Firefox browser.
Information available per request includes:
- Request and response headers
- Sent and received cookies
- Querystring parameters
- POST parameters
- Response body
And, a screenshot:
Chris W. Rea
Posted 2009-09-17T17:53:35.907
Reputation: 10 282
This is not compatible with the newer versions of Firefox (Firedox 57 and Firedex Deveolper Edition 57) – Promather – 2018-01-14T01:43:42.977
6
Not a proxy, but it does help in debugging HTTP:
Simply start a scan on the interface you're going to have the HTTP traffic on, execute the traffic and then stop scanning and type "HTTP" as the filter string. You will then be able to inspect all the packets of the HTTP conversation. With the Packet Detail view open you can open the HTTP section and it will stay open between packets.
It's a great tool to have and it doesn't require you to change the browser proxy. On the other hand it cannot help with HTTPS traffic since that's encrypted. (Although it can decrypt SSL connections that use RSA)
w00t
Posted 2009-09-17T17:53:35.907
Reputation: 811
2Just an update: Wireshark is pain on OS X. It requires X11, which is no longer included in OS X, so you end up using some 200MB of disk all together. – Marko Bonaci – 2015-08-17T19:54:00.220
2Just an update on @MarkoBonaci update, Wireshark 2.x now runs great on OSX ditched the need for X11. – squareborg – 2015-12-01T15:10:12.510
@MarkoBonaci - you should just install with qt instead. – arcseldon – 2016-02-01T16:47:03.310
5
I'm late but - I use Paros Proxy. It's in Java, so, cross-platform. Though if you would prefer for it to be packaged as an app, there's one here at the bottom.
Abhinav Gupta
Posted 2009-09-17T17:53:35.907
Reputation: 131
4
Don't forget Burp Suite. They have a free version. It's cross platform. http://portswigger.net/burp/
smileBot
Posted 2009-09-17T17:53:35.907
Reputation: 131
2
You can easily configure Fiddler for Mac using Parallels as per instructions on their site.
The only caveat is that you have to manually configure your Network settings to point to the IP address of the VM but not really that big of a deal.
aleemb
Posted 2009-09-17T17:53:35.907
Reputation: 363
I have 5 entries in this tooltip and only one of them is IPv4 format. Which one should I pick? :) – Alex Sorokoletov – 2015-05-15T06:06:20.837
1
You can use free virtualization software such as Oracle's VirtualBox along with a VM from modern.ie if you want to run a Windows OS (after 90 days it needs to be reset) -- not too tall of an order for someone with the skills needed to run an advanced web debug proxy
– iX3 – 2015-05-20T17:16:59.717If this question was open - someone should mention Fiddler for Mac - http://www.telerik.com/download/fiddler using Mono framework...
– Mars Robertson – 2015-10-12T07:23:44.390And it is not working for me in macOS – tom10271 – 2018-01-10T02:14:52.787
7I wouldn't call that "easily" - it requires buying and installing a vm server and an entirely different operating system. – James Moore – 2013-08-15T17:08:10.190
2
It seems that the free GlimmerBlocker can do part of the trick.
Of course it can block all kind of content, and transform responses before the browser receives them. But it can in fact modify both requests and responses. And though not true debugging, it also offers logging. So, it might suit basic needs:
There are 4 types of scripts running inside GlimmerBlocker, and some objects are only defined for some of the script types:
- global proxy: this sets the global proxy settings, and can test for e.g. location name, AirPort network.
- request modification: this can change the requested URL, send back a redirect response to the browser, or send text/html back to the browser.
- keyword expansion. [Safari-only, AvB]
- transform: modify the response received by the web-server before it is sent back to Safari [or any browser that is set up to use the proxy provided by GlimmerBlocker, AvB].
(One can also use it to include various Greasemonkey scripts in the received response, without using a Greasemonkey add-on, like to block Flash without installing any add-on.)
Arjan
Posted 2009-09-17T17:53:35.907
Reputation: 29 084
GlimmerBlocker is an interesting tool, but different than what I'm looking for. I've re-edited the original description to remove the rewrite examples and clarify that I'm merely looking to monitor the traffic and not transform it. – Doug Harris – 2010-01-07T16:46:58.597
1
jMeter might also be helpful; it's designed for testing load performance on web servers, but it might still do what you need. jMeter is written in Java, so you can download a .jar file that will run on Mac, Windows, or Linux.
Evie
Posted 2009-09-17T17:53:35.907
Reputation: 11
1
Cocoa Packet Analyzer is very helpful.
actuosus
Posted 2009-09-17T17:53:35.907
Reputation: 1
4How is it helpful? A cliffs notes version of that would be hugely helpful – Journeyman Geek – 2012-06-25T14:04:04.860
cocoa packet analyzer was able to successfuly capture HTTP trafic but it doesn't do request/response reconstruction :( – Jean – 2014-03-26T10:25:30.050
1
If you're dealing with app traffic or third-party API integrations that go over the public internet, you should try Runscope (of which, full disclosure, I am a co-founder). It captures HTTP requests to any URL, gives you a nice stream view for debugging and makes it easy to share individual requests with others.
John Sheehan
Posted 2009-09-17T17:53:35.907
Reputation: 1 636
0
You could also try APIKitchen. It helps you in debugging and testing HTTP APIs and any requests in general. It also has an offline version for testing in your internal networks. No installation necessary.
kontinuity
Posted 2009-09-17T17:53:35.907
Reputation: 233
1i don't know why this would be closed? it has 113 upvotes. it's not like this was an ask on stack overflow. – genxgeek – 2015-05-20T05:17:19.757
Read the rationale directly above these comments -- "Questions seeking product, service, or learning material recommendations are off-topic" – Doug Harris – 2015-05-20T13:57:54.760
Fireup Fiddler on nearby Windows machine and configure your MAC to proxy over Windows machine and voila! everything on your MAC will be seen on Windows :) – Korayem – 2015-11-01T23:19:43.763
2FYI, for those who got really excited reading @boomhauer 's comment: Fiddler for OSX is still in Alpha, having last been touched in July 2013, it requires the Mono framework (so it's basically just a wrapper for the Windows version, not actually re-factored for Cocoa), and the release has the note: "Mac Note: The WinForms framework on Mac is almost unusably buggy. Your best bet is to run Fiddler inside a Linux or Windows Virtual Machine and point the Mac's proxy settings at that." – Anthony – 2016-03-09T00:20:45.960
You can use Owasp Zap to do this - it can be inserted as a browser based proxy, or system wide proxy, and intercepts ALL calls to all websites (http and https), and allows you to modify and log all requests. It even generates dynamic SSL certs on the fly for all websites. Here's a quick tutorial on YouTube, and here's a quick step by step of the process too. It's intended to be used for penetration testing, but works great for this case as well.
– Brad Parks – 2017-02-17T14:05:58.9574This has been closed, but still exists, so needs to have added: Fiddler is now in alpha for the mac os. – boomhauer – 2014-01-28T01:44:59.293