Looking for HTTP debugging proxy for Mac similar to Fiddler on Windows

240

98

In previous jobs when I've worked on a Windows machine, I've used Fiddler for viewing HTTP transactions and debugging.

I'm specifically looking to monitor the HTTP transactions for an ajax site I'm working on to verify that the site is doing what I expect. Rewriting HTTP (as provided by Fiddler) is a nice-to-have, but not essential.

Can anybody recommend something similar for use on a Mac?

Doug Harris

Posted 2009-09-17T17:53:35.907

Reputation: 23 578

Question was closed 2013-11-12T18:23:38.247

1i don't know why this would be closed? it has 113 upvotes. it's not like this was an ask on stack overflow. – genxgeek – 2015-05-20T05:17:19.757

Read the rationale directly above these comments -- "Questions seeking product, service, or learning material recommendations are off-topic" – Doug Harris – 2015-05-20T13:57:54.760

Fireup Fiddler on nearby Windows machine and configure your MAC to proxy over Windows machine and voila! everything on your MAC will be seen on Windows :) – Korayem – 2015-11-01T23:19:43.763

2FYI, for those who got really excited reading @boomhauer 's comment: Fiddler for OSX is still in Alpha, having last been touched in July 2013, it requires the Mono framework (so it's basically just a wrapper for the Windows version, not actually re-factored for Cocoa), and the release has the note: "Mac Note: The WinForms framework on Mac is almost unusably buggy. Your best bet is to run Fiddler inside a Linux or Windows Virtual Machine and point the Mac's proxy settings at that." – Anthony – 2016-03-09T00:20:45.960

You can use Owasp Zap to do this - it can be inserted as a browser based proxy, or system wide proxy, and intercepts ALL calls to all websites (http and https), and allows you to modify and log all requests. It even generates dynamic SSL certs on the fly for all websites. Here's a quick tutorial on YouTube, and here's a quick step by step of the process too. It's intended to be used for penetration testing, but works great for this case as well.

– Brad Parks – 2017-02-17T14:05:58.957

4This has been closed, but still exists, so needs to have added: Fiddler is now in alpha for the mac os. – boomhauer – 2014-01-28T01:44:59.293

Answers

71

I found Charles Proxy. It's much closer to the functionality of Fiddler. It's not free, but it may be worth the price.

Doug Harris

Posted 2009-09-17T17:53:35.907

Reputation: 23 578

5An important functionality that charles (and fiddler and maybe webscarab) provide is the ability to intercept and modify requests, including https decryption. – urban_raccoons – 2014-08-09T18:36:17.563

1I use Charles to decrypt Instagram, Facebook and other mobile apps https requests. Just point iPhone Proxy to Charles and I'm able see how they send data and what data they send! – Mário Carvalho – 2015-05-26T00:11:42.747

I am not able to see decompressed response for my requests. Is there a way to set charles to automatically decompress and show the result – Harsh – 2016-07-14T05:55:43.710

@Harsh, in my experience, Charles does automatically decompress the response (if you're looking at the text or html view) if it is compressed in someway for the browser. (E.g., GZip compression.) If you're talking about HTTPS issues, though, (e.g., encryption), you will need to install the Charles Proxy certificate, which will decrypt those and make them human-readable. If that does not address your issue, please consider opening a question here on a Stack Exchange site, or opening a ticket with Charles Proxy. (Note: I am not employed by Charles Proxy, but I am a happy user of their software.) – Spencer D – 2016-07-26T09:02:55.833

Oh, and to address the really old question of "anyone here ever use it?", I use it pretty frequently. Extremely useful for web debugging, and, not to promote such behaviour, but if you want to try your hand at online game exploitation, it is pretty useful for that as well ;-) – Spencer D – 2016-07-26T09:05:48.553

Just curious: did anyone here ever use it? – Arjan – 2009-09-18T11:07:33.703

I used it for an hour or two after I found it. The trial version has some nag screens and a 30 minute restriction, but I don't think those are unreasonable. I was looking for specific headers in the HTTP response and I was able to see these easily. – Doug Harris – 2009-09-18T18:11:33.143

1The nice thing about Charles is that it is available for both OSX and Windows so if you go back and forth frequently it's a nice common tool. – Justin Ohms – 2013-05-02T23:20:24.810

130

Use Chrome and navigate to chrome://net-internals/

It allows detailed analysis and dumps.

brains_at_work

Posted 2009-09-17T17:53:35.907

Reputation: 191

5this tool seems "neat" but how can you see the entire request payload (i.e. GET request headers?) – genxgeek – 2015-05-20T05:25:14.530

AFAIK, this does not offer a way to modify the data in transit such as Fiddler does with FiddlerScript, AutoResponder, and breakpoints. Good tool but for different purposes. – iX3 – 2015-05-20T17:20:06.037

@Jaj: that info is already present in the network tab of DevTools – oligofren – 2015-10-28T12:14:44.697

34this tool only seems to capture chrome traffic. Is there any way to use this tool to capture http traffic from/to a a particular process? – morpheus – 2016-01-19T22:58:26.713

can this be used to debug traffic from iPhone simulator – hariszaman – 2016-07-31T18:56:25.847

1Nice. Any idea when that was added to chrome? – Doug Harris – 2011-11-28T15:54:59.523

2Nope, sorry. I used to work with Fiddler on Windows, but moving to a Mac I stumbled over net-internals while looking for hidden chrome features. – brains_at_work – 2011-12-09T13:11:56.463

35

I've used mitmproxy for intercepting HTTP traffic. It's a great tool and you can use it for debugging mobile devices as well or any operating system for that matter.

eikes

Posted 2009-09-17T17:53:35.907

Reputation: 165

LOOVE THIS! Incidentally, for all the script kiddies, in case you write code in something other than JS sitting in the browser, this thing is THE ticket. – Shane – 2018-06-22T20:01:30.460

NB: Requires Xcode 11.1 – Leo – 2019-11-27T11:38:14.340

30

My favorite mac app for monitoring traffic is HTTPScoop, I detail that as well as using tcpdump from the commandline in this post I blogged last year.

Ted Naleid

Posted 2009-09-17T17:53:35.907

Reputation: 1 059

does not work for me – János – 2015-03-26T12:12:39.713

Sorry, this app is a piece of trash for two reason. It has like 3 buttons and the author still needs to provide a video of how to use it. Let's not forget to mention that when you press scoop and refresh the browser page absolutely nothing shows up! – The Muffin Man – 2015-05-07T04:08:44.880

1I tried to use this app, it's horrible compared with fiddler. I want to capture all traffic and all ports all interfaces not port 80 on localhost. I tried to add the ports I wanted thru preferences (with scoop off). This did not help me as the things I wanted to monitor were on two different interfaces e.g lo / en0 – KnuturO – 2015-11-25T16:06:20.317

2Link to blog not working :( – Reg – 2017-10-18T14:39:03.130

If you happen to know Wireshark (or the less powerful Cocoa Packet Analyzer): can you compare HTTPScoop to that? – Arjan – 2009-09-18T11:09:18.600

It's quite a bit simpler, but much easier to use than wireshark IMO. Very easy to fire up and monitor http traffic with, but less adept at monitoring other kinds of traffic. I'm not familiar with cocoa packet analyzer. – Ted Naleid – 2009-09-18T13:18:12.020

1Cocoa Packet Analyzer is quite simple too. However, I never figured out how to filter some specific port or server IP address, and then see both the request and reply... That's easily done in Wireshark. (Just type smtp as display filter to see all traffic that uses the SMTP protocol. Or tcp.port == 25 to get all traffic to port 25, and its responses. Or http and ip.addr == xxx to get all HTTP traffic to and from some server.) – Arjan – 2009-09-19T08:24:08.300

1httpscoop looked promising, unfortunately it seems to be abandoned and I was unable to capture localhost traffic on 10.9.2. The last release dates back to 2009 and the website touts ans upcoming v2.0 which doesn't seem to be forthcoming :/ – Jean – 2014-03-26T10:24:17.863

19

Not what you asked, but in Firefox the Live HTTP Headers add-on is all I need if I want to edit and re-play requests, including changing the URL and the HTTP method.

Live HTTP Headers

In Firebug, the Network Monitoring shows all requests and responses. Likewise, in Safari the Resources pane of the built-in Web Inspector covers most of my needs as well. (Enable the Web Inspector through the preferences: Show Develop menu in menu bar.) Chrome and Firefox have similar tools.

When things get more complicated, I fire up my Wireshark packet sniffer. However, unlike Fiddler, Wireshark does not let you change the data, and does not support things like auto responders, like Fiddler apparently does.

For Wireshark, see Hyper Text Transfer Protocol (HTTP) for some generic HTTP capturing information, and HTTP Packet Capturing to debug Apache, for some example display filters. (You may want to set the capture filter to "port 80", to show all requests to that port, and responses from that port. Or, to limit to some server, use capture filter "port 80 and host www.google.com".) Like:

# Show only 404: page not found
http.response.code == 404

# Show only certain HTTP methods
http.request.method == "POST" || http.request.method == "PUT"

# Show only javascript
http.content_type contains "javascript"

Note that Wireshark can decompress gzip or deflate encoded (compressed) things on the fly for you. That makes things much easier to read as most web servers will compress the data they send to a browser.

(As for auto responders: the excellent JS Bin has a short video on how to use it to debug Ajax requests. If you don't know JS Bin, then first view the introduction video.)

Arjan

Posted 2009-09-17T17:53:35.907

Reputation: 29 084

I tried it but I couldn't make a new request to a different url (in the same domain) and couldn't find how (from a GET to a POST for example). – Purefan – 2014-11-18T08:54:11.780

@Purefan, without more detail we cannot help; it works for me, see the screenshot I just added. You may have run into https://www.mozdev.org/bugs/show_bug.cgi?id=25831

– Arjan – 2014-11-18T19:46:35.647

+1 for Firebug -- I love their network monitoring tool – Josh – 2009-09-21T23:15:13.407

7

In addition to Charles (already mentioned), I also like the HttpFox add-on for Mozilla Firefox. Like Charles, you can use it on both Mac and Windows. It's lighter-weight than Charles because it lives in the browser, useful for quick troubleshooting. Here's some information from the HttpFox page:

HttpFox monitors and analyzes all incoming and outgoing HTTP traffic between the browser and the web servers.

It aims to bring the functionality known from tools like HttpWatch or IEInspector to the Firefox browser.

Information available per request includes:

  • Request and response headers
  • Sent and received cookies
  • Querystring parameters
  • POST parameters
  • Response body

And, a screenshot:

Screenshot of HttpFox add-on for Mozilla Firefox

Chris W. Rea

Posted 2009-09-17T17:53:35.907

Reputation: 10 282

This is not compatible with the newer versions of Firefox (Firedox 57 and Firedex Deveolper Edition 57) – Promather – 2018-01-14T01:43:42.977

6

Not a proxy, but it does help in debugging HTTP:

Simply start a scan on the interface you're going to have the HTTP traffic on, execute the traffic and then stop scanning and type "HTTP" as the filter string. You will then be able to inspect all the packets of the HTTP conversation. With the Packet Detail view open you can open the HTTP section and it will stay open between packets.

It's a great tool to have and it doesn't require you to change the browser proxy. On the other hand it cannot help with HTTPS traffic since that's encrypted. (Although it can decrypt SSL connections that use RSA)

w00t

Posted 2009-09-17T17:53:35.907

Reputation: 811

2Just an update: Wireshark is pain on OS X. It requires X11, which is no longer included in OS X, so you end up using some 200MB of disk all together. – Marko Bonaci – 2015-08-17T19:54:00.220

2Just an update on @MarkoBonaci update, Wireshark 2.x now runs great on OSX ditched the need for X11. – squareborg – 2015-12-01T15:10:12.510

@MarkoBonaci - you should just install with qt instead. – arcseldon – 2016-02-01T16:47:03.310

5

I'm late but - I use Paros Proxy. It's in Java, so, cross-platform. Though if you would prefer for it to be packaged as an app, there's one here at the bottom.

Abhinav Gupta

Posted 2009-09-17T17:53:35.907

Reputation: 131

4

Don't forget Burp Suite. They have a free version. It's cross platform. http://portswigger.net/burp/

smileBot

Posted 2009-09-17T17:53:35.907

Reputation: 131

2

You can easily configure Fiddler for Mac using Parallels as per instructions on their site.

The only caveat is that you have to manually configure your Network settings to point to the IP address of the VM but not really that big of a deal.

aleemb

Posted 2009-09-17T17:53:35.907

Reputation: 363

I have 5 entries in this tooltip and only one of them is IPv4 format. Which one should I pick? :) – Alex Sorokoletov – 2015-05-15T06:06:20.837

1

You can use free virtualization software such as Oracle's VirtualBox along with a VM from modern.ie if you want to run a Windows OS (after 90 days it needs to be reset) -- not too tall of an order for someone with the skills needed to run an advanced web debug proxy

– iX3 – 2015-05-20T17:16:59.717

If this question was open - someone should mention Fiddler for Mac - http://www.telerik.com/download/fiddler using Mono framework...

– Mars Robertson – 2015-10-12T07:23:44.390

And it is not working for me in macOS – tom10271 – 2018-01-10T02:14:52.787

7I wouldn't call that "easily" - it requires buying and installing a vm server and an entirely different operating system. – James Moore – 2013-08-15T17:08:10.190

2

It seems that the free GlimmerBlocker can do part of the trick.

Of course it can block all kind of content, and transform responses before the browser receives them. But it can in fact modify both requests and responses. And though not true debugging, it also offers logging. So, it might suit basic needs:

There are 4 types of scripts running inside GlimmerBlocker, and some objects are only defined for some of the script types:

  • global proxy: this sets the global proxy settings, and can test for e.g. location name, AirPort network.
  • request modification: this can change the requested URL, send back a redirect response to the browser, or send text/html back to the browser.
  • keyword expansion. [Safari-only, AvB]
  • transform: modify the response received by the web-server before it is sent back to Safari [or any browser that is set up to use the proxy provided by GlimmerBlocker, AvB].

(One can also use it to include various Greasemonkey scripts in the received response, without using a Greasemonkey add-on, like to block Flash without installing any add-on.)

Arjan

Posted 2009-09-17T17:53:35.907

Reputation: 29 084

GlimmerBlocker is an interesting tool, but different than what I'm looking for. I've re-edited the original description to remove the rewrite examples and clarify that I'm merely looking to monitor the traffic and not transform it. – Doug Harris – 2010-01-07T16:46:58.597

1

jMeter might also be helpful; it's designed for testing load performance on web servers, but it might still do what you need. jMeter is written in Java, so you can download a .jar file that will run on Mac, Windows, or Linux.

Evie

Posted 2009-09-17T17:53:35.907

Reputation: 11

1

Cocoa Packet Analyzer is very helpful.

actuosus

Posted 2009-09-17T17:53:35.907

Reputation: 1

4How is it helpful? A cliffs notes version of that would be hugely helpful – Journeyman Geek – 2012-06-25T14:04:04.860

cocoa packet analyzer was able to successfuly capture HTTP trafic but it doesn't do request/response reconstruction :( – Jean – 2014-03-26T10:25:30.050

1

If you're dealing with app traffic or third-party API integrations that go over the public internet, you should try Runscope (of which, full disclosure, I am a co-founder). It captures HTTP requests to any URL, gives you a nice stream view for debugging and makes it easy to share individual requests with others.

John Sheehan

Posted 2009-09-17T17:53:35.907

Reputation: 1 636

0

You could also try APIKitchen. It helps you in debugging and testing HTTP APIs and any requests in general. It also has an offline version for testing in your internal networks. No installation necessary.

kontinuity

Posted 2009-09-17T17:53:35.907

Reputation: 233