Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ac-pm/SSLUnpinning_Xposed

Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).
https://github.com/ac-pm/SSLUnpinning_Xposed

Last synced: about 1 month ago
JSON representation

Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).

Host: GitHub
URL: https://github.com/ac-pm/SSLUnpinning_Xposed
Owner: ac-pm
License: gpl-2.0
Created: 2015-10-09T05:05:11.000Z (about 9 years ago)
Default Branch: master
Last Pushed: 2016-09-15T13:25:31.000Z (about 8 years ago)
Last Synced: 2024-08-03T01:16:44.080Z (4 months ago)
Language: Java
Size: 1.98 MB
Stars: 765
Watchers: 28
Forks: 113
Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-rainmana - ac-pm/SSLUnpinning_Xposed - Android Xposed Module to bypass SSL certificate validation (Certificate Pinning). (Java)

README

*Attention:* I'm working in a new suite of tools that include SSLUnpinning feature and many, many others! Look here -> https://github.com/ac-pm/Inspeckage

SSLUnpinning - Xposed Module
========

Android Xposed Module to bypass SSL certificate validation (Certificate Pinning).

Description
-----------

If you need to intercept the traffic from an app which uses certificate pinning, with a tool like Burp Proxy, the SSLUnpinning will help you with this hard work!
The SSLUnpinning through Xposed Framework, makes several hooks in SSL classes to bypass the certificate verifications for one specific app, then you can intercept all your traffic.

API
-----------
Java Secure Socket Extension (JSSE)
- javax.net.ssl.*

APACHE
- org.apache.http.conn.ssl.*

OKHTTP
- okhttp3.*

Usage
---------------

* install Xposed in your device (root access on Android 5.1 or later);
http://repo.xposed.info/module/de.robv.android.xposed.installer
* Download the APK available here https://github.com/ac-pm/SSLUnpinning_Xposed or clone the project and compile;
* Install mobi.acpm.sslunpinning_latest.apk on a device with Xposed:

adb install mobi.acpm.sslunpinning_latest.apk

* SSLUnpinning will list the applications to choose from which will be unpinned;
* Ok! Now you can intercept all traffic from the chosen app.

Download
---------------
Get it from Xposed repo: http://repo.xposed.info/module/mobi.acpm.sslunpinning

### How to uninstall

adb uninstall mobi.acpm.sslunpinning

Screenshots

License
-------

See ./LICENSE.

Author
-------

ACPM