HTTPs Inspection of Android APK

• 15 February 2019

With increased security, it's getting trickier to intercept HTTPs traffic send by Android Apps. For that reason most methods rely on rooting Android. But what to do when you don't have a rooted Android on hand?

Use Android Emulator from Android Studio:

1. Go to "Settings->Wireless & Networks->More"
2. Go to "Cellular Network Settings"
3. Go to "Access Point Names"
4. Edit Proxy and Port fields
5. Install root cert from BurpSuite or whatever tool you are using to intercept the traffic
6. Install and run your APK

• ← Previous
  WAF Proxy with ModSecurity and Apache
• Next →
  Using Frida to Bypass SSL Pinning on Android