The Show Image Bloat extension scans GIF, JPEG and PNG image files for unnecessary embedded metadata. This data, often an artifact of the editing process, bloats the file's size and slows down your site. Images containing bloat will be obscured with a "brick wall" based on the percentage of the file size that is junk.
You can learn more about the extension in this blog post.
Download
Full-screen Windows 8+ ("Metro-style") apps require additional configuration to work with Fiddler. The EnableLoopback Utility allows you to easily reconfigure these apps to work with Fiddler.
This utility is only useful on Windows 8+ and does not run on earlier versions of Windows. It is already included with Fiddler 4, and you only need to download it if you're using Fiddler version 2. Read more
DownloadThe Privacy Scanner (41kb) extension flags responses that set cookies and color codes based on P3P headers.
DownloadA simple tool for formatting JavaScript (47kb). Right-click on any JavaScript session and choose Make JavaScript Pretty, or use the Rules menu option to do this automatically for all downloaded scripts.
DownloadThe Image Flipper sample is a simple example of using a Fiddler extension to manipulate responses. When enabled, it will automatically flip all downloaded images 180 degrees. Full source is included.
DownloadThe Gallery extension (50kb) displays thumbnails of all images found among the selected Sessions. The Gallery also offers a full-screen slideshow mode with optional image effects.
DownloadThe Content Blocker sample (11kb) is a simple example of using IAutoTamper to block traffic based on URL.
DownloadiOS devices and Android devices may not work with the default HTTPS interception certificates used by Fiddler. To resolve this incompatibility, you may install a Certificate Generating plugin that generates interception certificates compatible with those platforms.
DownloadThe AnyWHERE extension (40kb) allows you to trivially spoof the responses to browsers' GeoLocation web service queries. It works with IE9+, FF4, Chrome and Opera. Full source is included. Note: You must enable HTTPS decryption for this addon to work.
Download
This package contains the three most valuable extensions for Fiddler.
These add-ons display markup with syntax-highlighting:
These are included in latest version of Fiddler and not available as a separate download any more.
This list is provided for informational purposes only, and we make no representations or warranties, expressed, implied or statutory, regarding the items, manufacturers, or compatibility of the items available within. Some of the links below send you to sites that are not under our control. We are not responsible for the contents of any linked site or any link contained in a linked site or any changes or updates to such sites. These links are provided to you only as a convenience, and the inclusion of any link does not imply endorsement by Progress.
Compressibility is a new Fiddler 4 add-on which allows you to easily find opportunities for compression savings across your entire site. Each resource dropped on the compressibility tab is recompressed using several compression algorithms and formats, and the resulting file sizes are recorded.
Learn more
Fiddler add-on to cache API responses based on rules. Useful when working with rate limited APIs or heavy/slow API responses that take up a good amount of time during development.
Learn more
Netopsy is an app for viewing network traces (SAZ files) created by the Fiddler web debugging proxy.
Client certificates are a commonly used authentication mechanism for server to server calls. Setting up client certificates in Fiddler requires you to export the certificate from the local certificate store. Determining which client certificate is set requires locating the file and inspecting the certificate details. Fiddler Client Certificate Select is a Fiddler extension designed to allow users to select certificates directly from their certificate store for use with Fiddler.
Learn moreThe MsgPackViewer Inspector enables you to to view data in the MessagePack format.
Learn more
x5s aims to assist penetration testers in finding cross-site scripting vulnerabilities. Its main goal is to help you identify the hotspots where XSS might occur by:
neXpert is a Fiddler add-on which helps identify common web performance issues.
Learn moreSmarthost makes it possible to configure Remote IP/Host Remapping independently for each client connected to a single Fiddler instance. Coworkers using the same Wi-Fi proxy can develop pages on the same domain, but point to different hosts on each request. Source code is provided.
Learn moreMockingBird is a Fiddler extension to transform HTTP requests to another format.
There are lots of reason you might need to debug a HTTP/HTTPs request(s), be it try to recreate a issue and narrow-down the problem in your favorite language editor or compare contents between different request(s) etc. MockingBird is a Progress Telerik FiddlerTM extension to transform a Fiddler's HTTP/HTTPs session to any other format you want e.g. you can generate Java, C#.net or any other language code from selected requests you want to troubleshoot issues for and use the output code in your favourite IDE. It's not limited to just code and can be used to create any format as long as you can create a Mustache template for it e.g. you can create a csv file with selected HTTP request to perform a functional or load test in SOAP UI or JMeter.
Learn moreChad Sowald's extension converts a captured request into the C# or VB.NET code necessary to issue that request.
Learn moreDave Risney wrote the WPAD Server Fiddler extension, which enables capture of traffic from clients that do not offer explicit proxy settings but do use WPAD (this is an obscure scenario).
Learn moreWatcher is runtime passive-analysis tool for Web applications. It detects Web-application security issues as well as operational configuration issues.
Learn moreThe Certificate Inspector addon enables you to view the server's HTTPS certificate chain and simplifies the task of assigning HPKP directives.
Learn more
Fedor Vlasov has written an XML Request viewer that handles x-www-form-urlencoded XML post bodies.
Learn moreAmmonite is a web application security scanner extension for Fiddler. Ammonite detects common vulnerabilities such as SQL injection, OS command injection, cross-site scripting, file inclusion, and buffer overflows. Ammonite includes unique features that make it particularly well suited for penetration testers and security professionals.
Learn moreJoris Bijnens has written an XML DataSet Inspector which shows XML data using tabs and grids.
Learn moreContent Security Policy declarations help protect your website from XSS attacks. Generating a CSP that protects your site without breaking things can be tricky, but this Fiddler4 extension makes it easy.
Learn more
Oscar Brito's extension enables you to specify latency based on regular expressions or exact URLs. Source code is available.
Learn moreThe Exchange ActiveSync Inspector for Fiddler provides a human-readable interpretation of the WBXML requests and responses used by Microsoft Outlook and other Exchange clients.
Learn moreThe Fast Infoset Inspector provided by Noemax Technologies allows you to view request and response messages encoded using the Fast Infoset format.
Download
This inspector allows you to view WCF binary-encoded messages in a TreeView.
Learn moreSometimes developers need to compare different requests from clients and test environments, or between different customers—which can be challenging.
MicroTesting Tools attempt to solve this problem by offering extensions for Fiddler that aid comparisons between requests and responses like XML, POSTS and GET and JSON. Users will be able to find the exact differences and easily visualize them. Testers will be able to find bugs very quickly by just comparing the sessions and finding the differences between the snapshots.
Learn moreTry Fiddler Classic. It is a free web debugger for Windows!
A Collection of Powerful Software Developer Tools.