Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Fuzion24/JustTrustMe
An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
https://github.com/Fuzion24/JustTrustMe
Last synced: about 2 months ago
JSON representation
An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
- Host: GitHub
- URL: https://github.com/Fuzion24/JustTrustMe
- Owner: Fuzion24
- License: other
- Created: 2014-07-24T23:45:05.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2024-09-02T19:03:26.000Z (3 months ago)
- Last Synced: 2024-10-16T04:41:57.395Z (about 2 months ago)
- Language: Java
- Homepage:
- Size: 424 KB
- Stars: 4,818
- Watchers: 92
- Forks: 785
- Open Issues: 22
-
Metadata Files:
- Readme: Readme.md
- License: License.md
Awesome Lists containing this project
- awesome-rainmana - Fuzion24/JustTrustMe - An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning (Java)
README
JustTrustMe
===========An xposed module that disables SSL certificate checking. This is useful for auditing an application which does certificate pinning. There also exists a nice framework built by @moxie to aid in pinning certs in your app: [certificate pinning](https://github.com/moxie0/AndroidPinning).
An example of an application that does cert pinning is [Twitter](https://play.google.com/store/apps/details?id=com.twitter.android). If you would like to view the network traffic for this application, you must disable the certificate pinning.
I built this for xposed rather than cydia substrate because xposed seems to support newer devices better. Marc Blanchou wrote the [original tool](https://github.com/iSECPartners/Android-SSL-TrustKiller) for cydia substrate. If you find that you are not able to MITM an application please file an issue.
## Installation
As a prequsite, your device must be rooted and the xposed framework must be installed.
You can download the xposed framework [here](http://repo.xposed.info/module/de.robv.android.xposed.installer).### Install from binary
The JustTrustMe binary can be downloaded from [https://github.com/Fuzion24/JustTrustMe/releases/latest](https://github.com/Fuzion24/JustTrustMe/releases/latest)
```
adb install ./JustTrustMe.apk
```or navigate here and download the APK on your phone:
[https://github.com/Fuzion24/JustTrustMe/releases/latest](https://github.com/Fuzion24/JustTrustMe/releases/latest)### Build from Source
All the normal gradle build commands apply:
To build a release APK:
```
./gradlew assembleRelease
```
To install directly to the phone connected via ADB:
```
./gradlew installRelease
```