Recently I had to capture some HTTP and HTTPS requests and responses for documentation I was writing. My first thought was to use the HTTP Inspector from ActiveState Komodo 4.0. Unfortunately, HTTP Inspector does not unencrypt HTTPS (encrypted) sessions. I found another tool that does unencrypt HTTPS sessions, however: Fiddler2, written by Eric Lawrence of Microsoft, which can be downloaded from http://www. Recently I had to capture some HTTP and HTTPS requests and responses for documentation I was writing. My first thought was to use the HTTP Inspector from ActiveState Komodo 4.0. Unfortunately, HTTP Inspector does not unencrypt HTTPS (encrypted) sessions. I found another tool that does unencrypt HTTPS sessions, however: Fiddler2, written by Eric Lawrence of Microsoft, which can be downloaded from https://www.fiddler2.com/Fiddler2/. FAQs for Fiddler2 are here, and documentation and a quick start video for Fiddler v1.x are here. There are MSDN articles about using Fiddler here and here.From the Fiddler site: Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and “fiddle” with incoming or outgoing data. Fiddler is designed to be much simpler than using NetMon or Achilles, and includes a simple but powerful JScript.NET event-based scripting subsystem. Fiddler2 is different from Fiddler v1.x in three major ways: it supports viewing and tampering with HTTPS traffic; it has better support for saving to Visual Studio WebTest files; and it requires .NET Framework 2.0.What’s a debugging proxy? In effect, it’s a benign man-in-the-middle attack. Fiddler works by registering itself as the system proxy for Microsoft Windows Internet Services (WinInet), the HTTP layer used by Internet Explorer, Microsoft Office, and many other products. If you look in the IE 7 Internet Options/Connections/LAN Settings dialog when Fiddler is running, you’ll see that “Use a proxy server for your LAN” has been checked; if you look at the advanced proxy properties, you’ll see that Fiddler2 is proxy for both the HTTP and Secure server types, and runs on port 8888 of the local host. If you look at the same place after stopping Fiddler2, you’ll see that “Use a proxy server for your LAN” has been unchecked, meaning that Fiddler2 has unregistered itself as the system proxy.Fiddler intercepts and logs all your HTTP and HTTPS traffic, and lets you view it and fiddle with it (hence the name) in various ways. All that logging will slow down your browsing noticeably, but if you pay attention to what it tells you, you can, among other things, use Fiddler to speed up your own Web sites. Software Development