Inspecting a mobile app’s HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.
apk-mitm automates the entire process. All you have to do is give it an APK file and apk-mitm will:
- decode the APK file using Apktool
- modify the app’s AndroidManifest.xml to make it
- modify the app’s Network Security Configuration to allow user-added certificates
- return-void opcodes to disable certificate pinning logic
- encode the patched APK file using Apktool
- sign the patched APK file using uber-apk-signer
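
The Network Security Configuration change in the list above can be checked from the defender's side. The following is an added example, not code from apk-mitm: it audits a decoded configuration file for trust in user-added certificates, for instance as a release-build check. The sample XML documents, the domain name and the function name `audit_nsc` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a configuration that trusts user-added certificates.
PATCHED = """<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="system" />
            <certificates src="user" />
        </trust-anchors>
    </base-config>
    <domain-config>
        <domain includeSubdomains="true">api.example.test</domain>
        <trust-anchors>
            <certificates src="user" overridePins="true" />
        </trust-anchors>
    </domain-config>
</network-security-config>"""

# Constructed sample: only system CAs are trusted, which is what apps
# targeting Android 7 and later get by default.
DEFAULT = """<network-security-config>
    <base-config>
        <trust-anchors><certificates src="system" /></trust-anchors>
    </base-config>
</network-security-config>"""

SECTIONS = ("base-config", "domain-config", "debug-overrides")

def audit_nsc(xml_text):
    """Return (section, domains, overridePins) for every user-CA trust anchor."""
    findings = []
    for section in ET.fromstring(xml_text).iter():
        if section.tag not in SECTIONS:
            continue
        anchors = section.find("trust-anchors")
        if anchors is None:
            continue
        # base-config and debug-overrides carry no <domain>; report them as "*".
        domains = [d.text for d in section.findall("domain")] or ["*"]
        for cert in anchors.findall("certificates"):
            if cert.get("src") == "user":
                findings.append((section.tag, domains, cert.get("overridePins") == "true"))
    return findings

if __name__ == "__main__":
    for tag, domains, override in audit_nsc(PATCHED):
        print(f"{tag} {domains}: trusts user-added CAs (overridePins={override})")
```

A finding under `debug-overrides` only takes effect when the app is debuggable, so in a release build the entries that matter are those under `base-config` and `domain-config`.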