HTTP debugging proxy for Linux and Mac [closed]

Answer 1

I personally find Wireshark to be quite easy to use. Just apply a filter for HTTP traffic and right click on the traffic going/coming to/from your site and click "Follow TCP stream".

But, if you want something a little more specific for HTTP debugging I would recommend Firebug http://getfirebug.com/

Answer 2

Charles is $50 as you know, but I find it to be completely worth the money. A ton of features, including SSL support.

FWIW, I've never had it crash on me.

Answer 3

I know this an old question but I have ended up here many times looking for a solution for this.

I tried Wireshark ( Horrible ) Burp ( Ok just not good enough ) Fiddler mono version ( Buggy as hell ) Charles & many more.

Non of these tools felt half as useful as fiddler on windows.

I found a new extension to Postman ( Nice tool for making http request ) Postman proxy it allows you to monitor http requests much the same way as fiddler does in windows.

Hope this helps someone.

Answer 4

You can of course, just use Fiddler on a Windows PC and point the Mac/Linux box at it. http://www.fiddlerbook.com/fiddler/help/hookup.asp#Q-NonWindows

You can also run Fiddler in a Windows or Linux virtual machine on the Mac itself: http://blogs.telerik.com/fiddler/posts/14-01-15/running-fiddler-in-virtualbox-on-mac

Answer 5

Wireshark won't help you if you have to debug HTTPS requests (unless you can get the encryption keys for both endpoints - see the Wireshark site for details). Firebug and Tamper Data are getting close, but for thorough analysis, I sometimes like to save a recorded session. I'd recommend giving the OWASP Zed Attack Proxy (the successor of Parosproxy, which is no longer actively developed) a try. It is a Java application serving as a http(s) proxy; it provides quite a lot of features and proved to be very helpful to me in the past.

ZAP offers an easy autoconfiguration of Firefox. Bear in mind to do that on a separate (meaning: not for other browsing activities) Firefox profile: In order to intercept https, ZAP will install a new SSL certificate.