Banking Apps (opens in a new tab)

SSL Unpinning with frida (opens in a new tab)

frida -U -l sslpinning.js — no-paus -f package

Intercepting applcation traffic in Burp

  • CPU-Z
  1. Connect Android device.
  2. Start Burp and set proxy to listen on all interfaces at 8080.
  3. Manual proxy in Android's WIFI settings.
  4. Download the CA certificate from http://burp/ (opens in a new tab).
  5. Install the certificate in settings.

Bypassing SSL Pinning

  • needs root, magisk, lsposed
  • Modules -> RootCloak, SSL Pinning Bypass, Trust Me, SSLUnpinning