SSL Pinning

Frida

• Frida Mobile Interception Scripts (HTTP Toolkit)

Objection

android sslpinning disable

Flutter

ProxyDroid + Frida

• Burp Suite -> Proxy -> Proxy settings -> Proxy listeners -> Edit

  • Bind to port: 8080

  • Bind to address: All interfaces

  • Request handling -> Support invisible proxying

• ProxyDroid

  • Host: IP Burp Suite

  • Port: 8080

  • Proxy Type: HTTP

  • Global Proxy: on / activated

• disable-flutter-tls.js

reFlutter

• Burp Suite -> Proxy -> Proxy settings -> Proxy listeners -> Edit

  • Bind to port: 8083

  • Bind to address: Specific address

  • Request handling -> Support invisible proxying

• reFlutter