LogoLogo
  • About Me
  • Notes
    • Android Pentesting
      • First Android App
      • ADB
      • The INTERNET Permission
      • Installing Certificate in User Store
      • Installing system certificates
      • Install system certificates on android 14
      • apktool (for patching and decompiling)
      • Advanced Network interception using VPN
      • DNS Spoofing and Transparent Proxy
      • HTTP Mock
      • APK
      • Static analysis
        • Getting APK from a Device
      • Case Study: A Weather App
      • Frida & Objection
      • Frida Scripts
        • Tracing Activities
        • Tracing Fragments
      • Frida Trace
      • SSL Validation Bypasses
Powered by GitBook
On this page

Was this helpful?

  1. Notes
  2. Android Pentesting

Advanced Network interception using VPN

Previousapktool (for patching and decompiling)NextDNS Spoofing and Transparent Proxy

Last updated 2 days ago

Was this helpful?

  • Apps can explicitly mention to ignore device proxy settings due to which even we have our certificate in system store we will not be able to intercept traffic.

  • Here we can use Android VPN service to intercept traffic of such apps. (more detail )

  • For this we can use the open source VPN app .

    • Assure that system certificate is already installed.

    • Then change DNS setting to System DNS

    • Then add a HTTP(S) CONNECT proxy (eg:- http://192.168.29.1:8080)

    • Finally start the VPN.

  • HTTP Toolkit also use this same method under the hood.

here
rethink-app
image.png