Is there a non-installable version of Fiddler, or equivalent?
You may try either Burp ( http://portswigger.net/burp/ ) or Web Scarab ( http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project ). Both are written in Java, downloadable as zip Files and don't require admin rights ... but java. If they don't fit you can either try one of the numerous other stand alone web proxys ( http://www.owasp.org/index.php/Phoenix/Tools#HTTP_proxying_.2F_editing ) or a Firefox plugin ( http://www.owasp.org/index.php/Phoenix/Tools#Browser-based_HTTP_tampering_.2F_editing_.2F_replaying ).
If the application is developed with Eclipse: This also has some simple Traffic Monitoring tools
In fact, Fiddler Classic does not need to be installed:
- Download Fiddler Classic setup (ie. FiddlerSetup.exe)
- Open it with your Archive Manager (ie. 7-Zip)
- Open
$PLUGINSDIRfolder - Open the contained
FiddlerSetup.exe(yes again) in your Archive Manager
- Extract the files in a folder
- Run
Fiddler.exe
For Fiddler Everywhere, it is almost the same
- Download Fiddler Everywhere (ie. Fiddler Everywhere 1.0.1.exe)
- Open it with your Archive Manager (ie. 7-Zip)
- Open
$PLUGINSDIRfolder - Open the contained
app-64.7zfile in your Archive Manager
- Extract the files in a folder
- Run
Fiddler Everywhere.exe
No, Fiddler doesn't "Add hooks" that require administrative permissions. You can simply copy the Fiddler folder from the Program Files folder onto the desktop of whatever user you want and launch it directly from there.
The only thing that you don't get in an "XCOPY" install is the Fiddler-related buttons in your browsers (e.g. IE and Firefox) because those are set by the installer, and if you don't run the installer, you won't get the browser extensions.
There's a TCP/IP sniffer called SmartSniff that is designed to not require installation.