https://github.com/ViRb3/TrustMeAlready

🔓 Disable SSL verification and pinning on Android, system-wide
https://github.com/ViRb3/TrustMeAlready

android bypass module pinning root ssl xposed

Last synced: about 2 months ago
JSON representation

🔓 Disable SSL verification and pinning on Android, system-wide

• Host: GitHub
• URL: https://github.com/ViRb3/TrustMeAlready
• Owner: ViRb3
• Archived: true
• Created: 2019-03-09T19:42:11.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2019-09-23T19:53:15.000Z (almost 5 years ago)
• Last Synced: 2024-05-18T07:32:56.912Z (4 months ago)
• Topics: android, bypass, module, pinning, root, ssl, xposed
• Language: Java
• Homepage:
• Size: 65.4 KB
• Stars: 1,172
• Watchers: 25
• Forks: 146
• Open Issues: 3
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-rainmana - ViRb3/TrustMeAlready - 🔓 Disable SSL verification and pinning on Android, system-wide (Java)

README

        
## TrustMeAlready 

An Xposed module to disable SSL verification and pinning on Android using the excellent technique provided by [Mattia Vinci](https://techblog.mediaservice.net/2018/11/universal-android-ssl-check-bypass-2/). The effect is system-wide.

### Requirements

* An Xposed-compatible hooking system. Some options at time of writing:

    * [EdXposed](https://github.com/ElderDrivers/EdXposed) (Android 9, Magisk-based and passes SafetyNet)

    * ['OG' Xposed](https://forum.xda-developers.com/showthread.php?t=3034811) (Android 5-8)

### Tested

* Android 9.0, arm64, EdXposed v0.3.0.0_beta3

### Download

Available under **Releases** or at the [Xposed module repository](https://repo.xposed.info/module/com.virb3.trustmealready)

### Troubleshooting

* Some apps implement custom certificate checking, bypassing this hook. Try sniffing Chrome traffic, if you don't get an invalid certificate error then this module is working as it should

* Check your Xposed logs, chances are this module couldn't hook the correct method