> If this certificate is installed as a trusted one in my browser, would
> it be possible for somebody to fake a secure website with this
> certificate ?
Not unless they already had access to your local computer (e.g. the
ability to run a program on your computer). Each FiddlerRoot is
uniquely generated on a per-machine basis, so the root on my machine
has a different private key than the root on your machine.
For attack surface reduction reasons, I don't generally recommend you
trust the root except on test machines, but I'll admit that I do trust
the root on all of my machines.
> And related to this, can you trap this on the client side of fiddler
> or on the client site of the browser connected to fiddler proxy or
> streight connection without fiddler proxy ?
Trap what exactly?