|
|
|
|
|
|
by shabble
986 days ago
|
|
|
mitmproxy[1] in transparent mode, with a self-signed root cert added to whatever trust stores on devices/browsers/OSes you need to intercept, is where I'd start. I'm not sure how well that copes with modern security features like cert pinning, but it's closest I can think of. [1] https://docs.mitmproxy.org/stable/concepts-modes/#transparen... |
|
|
Now, I did have to set up a root CA on my iPhone before I'm allowed to spy on traffic.
But, like you said, cert pinning requires a hack. On Android I use Frida for it. On iOS, I use ... nothing, as I haven't found a good way around it.
Actually insane that I am not allowed to look at the traffic that goes over my internet connection...