Not sure about the non-security expert bit but I've done stuff[0] similar to this for iOS using Frida[1] which supports macOS too. For apps that use unpinned certificates and the builtin networking libraries(NSURLSession et.al.) you can directly use mimtproxy[2] or Charles[3]
If the application isn't pinning certificates, you should be able to add your own root certificate to your machine and intercept all encrypted traffic. Same method used by corporations to monitor their own networks. I successfully used this method on a mobile game years ago.
Applications with pinned certificates don't use the system certificates at all which fixes the MITM vulnerability I described. You'd need to reverse engineer them in order to change the certificate to one under your control, difficulty can vary depending on how obfuscated the code is.
0: https://hugotunius.se/2020/08/07/stealing-tls-sessions-keys-...
1: https://frida.re/
2: https://mitmproxy.org/
3: https://www.charlesproxy.com/