Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.

Features

  • Decode the APK file using Apktool
  • Replace the app's Network Security Configuration to allow user-added certificates
  • Modify the source code to disable various certificate pinning implementations
  • Encode the patched APK file using Apktool
  • Sign the patched APK file using uber-apk-signer
  • You can also use apk-mitm to patch apps using Android App Bundle and rooting your phone is not required

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow apk-mitm

apk-mitm Web Site

Other Useful Business Software
Save Up to 91% on Cloud Compute With Spot VMs Icon
Save Up to 91% on Cloud Compute With Spot VMs

Automatic sustained-use discounts. One free VM per month. No negotiation needed.

Run batch jobs at 60-91% off with Spot VMs. Long-running workloads get automatic discounts with sustained use.
Try Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of apk-mitm!

Additional Project Details

Programming Language

TypeScript

Related Categories

TypeScript MiTM (Man-in-The-Middle) Attack Tool

Registered

2023-08-14