Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ryanking13/android-ssl-unpinning
Bypass android application SSL-pinning
https://github.com/ryanking13/android-ssl-unpinning
android apk https reverse-engineering ssl
Last synced: 11 days ago
JSON representation
Bypass android application SSL-pinning
- Host: GitHub
- URL: https://github.com/ryanking13/android-ssl-unpinning
- Owner: ryanking13
- Created: 2020-06-30T14:46:08.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2023-02-27T09:52:15.000Z (almost 2 years ago)
- Last Synced: 2024-04-24T11:05:00.508Z (10 months ago)
- Topics: android, apk, https, reverse-engineering, ssl
- Language: Python
- Homepage:
- Size: 36.3 MB
- Stars: 182
- Watchers: 5
- Forks: 27
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# android-SSL-unpinning
A simple Python script which patches Android APK file to bypass SSL-pinning.
## Requirements
- Python3
- Java
## How to Run
```sh
git clone https://github.com/ryanking13/android-SSL-unpinning
cd android-SSL-unpinning
python patch.py com.apk.file.to.patch.apk
```
## How it works
1. Decompile the APK file using [APKtool](https://ibotpeaches.github.io/Apktool/install/)
2. Modify `AndroidManifest.xml` and `network_security_config.xml` to trust user certificate
3. Recompile the APK file using [APKtool](https://ibotpeaches.github.io/Apktool/install/)
4. Sign the APK file using [uber-apk-signer](https://github.com/patrickfav/uber-apk-signer)
## References
- [APKtool](https://ibotpeaches.github.io/Apktool/install/)
- [uber-apk-signer](https://github.com/patrickfav/uber-apk-signer)