In this blog post we will introduce WebUSB Unpinner, an open-source Web application that makes Android network analysis more accessible by leveraging WebUSB. We will explain how to bootstrap the application, which kind of security measures it can bypass and how to better understand its components to benefit as much as possible from this tool. One of the key aspects of WebUSB Unpinner is that it does not require to install any additional tool on the user premises, or to compromise the security of the user device, and it does not require any previous knowledge of Android reverse engineering techniques to be used at its best.
  • W98BSoD@lemmy.dbzer0.comEnglish
    61·
    5 days ago

    *Only if you’re using an Android device with ADB enabled and a running instance of an HTTPS proxy

    • chobeat@lemmy.mlOPEnglish
      62·
      5 days ago

      which expands the group of people that can do this from mobile cybersec people to anybody with some foundations of IT management skills

      • W98BSoD@lemmy.dbzer0.comEnglish
        1·
        4 hours ago

        *Only if you’re using an Android device with ADB enabled and a running instance of an HTTPS proxy

        Others, fuck off.

  • pcouy@lemmy.pierre-couy.frEnglish
    1·
    5 days ago

    This is neat. I’ve intercepted trafic from a few apps in the past, and whenever cert pinning was enabled it was a massive pain to deal with