7 comments

[ 3.4 ms ] story [ 16.7 ms ] thread
I appreciate the traction this received. I'd like to note that I am not a developer by trade and I'm certainly not a designer. Java isn't even my primary language. I am just somebody interested in privacy and security and this was a fun project that should be useful. Any contributions to the code or design are very welcome. I hope this helps others and thank you.
Would this let me see the full path of an https requests that an app is making? I've got a testing need for that, and am currently hampered because our secops team won't let us enable a feature flag to disable cert pinning so that Charles proxy will work.

WOuld this be a viable alternative because it runs on the actual phone itself?

(comment deleted)
Use frida(frida.re) with something like objection to disable certificate pining at runtime. You gotta have a rooted phone, or you'll have to patch the apk with Frida library.
Is there an apk to download and install? I looked for it and failed but I'm using my phone and I could have missed it.