Skip to main content
  • EN

Hello Netskope Community! 


 


This topic covers Fiddler, the 18yo Web Debugging proxy that most seasoned web developers, IT and security professionals love. This tool can help you record, view, replay and tweak web transactions in unimaginable ways making it one of the most popular web debugging tools in the world. 


 


Fiddler Classic is only available for Windows but there is a paid version called Fiddler Anywhere which can also run on Mac and Linux. 


 


A common question we get is, how can i make it work with Netskope? The reason behind this question can be someone who is just debugging their very own applications, a security researcher or even a Proxy SME troubleshooting an issue. 


 


Once you install Fiddler on a Windows machine (did all my testing with Windows 11 Home edition build 22621) two things matter most: 1) how you will proxy the traffic and 2) how you will intercept the traffic. 


 


Let me address the second item first since its an easier topic. SSL decryption with Fiddler requires a self-signed CA that is then automatically added to the Windows Certificate store so thats taken care of. You do need to enable and configure SSL decryption on your own (Tools >Options> HTTPS) but that works like a charm so no additional settings required besides enabling it. 


 


The other topic is about proxying the traffic: By default Fiddler stands up a local proxy on port 8888 and sets the system proxy settings to it for both HTTP/HTTPS traffic automatically but out of the gate, it doesn't work with Netskope. The reason is because the Netskope client doesn't listen for traffic destined to port 8888 by default, so to make it work you have to either change the port to a port Netskope is listening to or add port 8888 to the list of non-default steered applications. 


 


To demonstrate how to fix this i will add port 8080 to non-standard ports and configure Fiddler to use it: 


1) Open your Netskope settings page, click "Security Cloud platform" > "Steering Configuration" > Select the desired steering configuration and click on "Edit" located in the upper-right corner of your screen. Once the pop-up opens click on the "Non Standard Ports" tab and add port 8080 like demonstrated below: 


 



 


2) After your client configuration is updated, open Fiddler and click "Tools" > "Options" > "Connections" and change the port option from 8888 to 8080. Save and restart Fiddler. 


 



 


3) Reopen fiddler, make sure its running and open your system proxy settings. Confirm that your proxy port is now changed to 8080. 


 



 


4) open your browser and navigate to an HTTPS website with your Netskope Client running. you should now see transactions which are fully decrypted being visible in your Fiddler screen. My example below shows the headers in both request and response. 


 



 


Hope this article helps you or someone at your organization get Fiddler working while taking all the benefits of the Netskope SSE platform!


 


 


 


 

Be the first to reply!

Reply


Terms & ConditionsCookie settings