Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.

Features

  • Decode the APK file using Apktool
  • Replace the app's Network Security Configuration to allow user-added certificates
  • Modify the source code to disable various certificate pinning implementations
  • Encode the patched APK file using Apktool
  • Sign the patched APK file using uber-apk-signer
  • You can also use apk-mitm to patch apps using Android App Bundle and rooting your phone is not required

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow apk-mitm

apk-mitm Web Site

Other Useful Business Software
Build Agents and Models on One Platform Icon
Build Agents and Models on One Platform

Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
Try It Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of apk-mitm!

Additional Project Details

Programming Language

TypeScript

Related Categories

TypeScript MiTM (Man-in-The-Middle) Attack Tool

Registered

2023-08-14