search
githubEdit

Mobile Security Controls

hashtag
Mobile Security Controls

  • Root/Jailbreak Detection

  • Certificate Pinning

  • Code Obfuscation

circle-info

All mobile security controls can be bypassed!

hashtag
ADB Commands

hashtag
List connected devices

hashtag
Get shell

hashtag
Install apk on the device

hashtag
Bypass Root Detection

hashtag
List the applications installed on the device

hashtag
Disable root using Objection

hashtag
Bypass Certificate Pinning

hashtag
Set up proxy in Burp Suite

  • Go to Proxy tab

  • Options

  • Select on existing proxy settings and Click on Edit under Proxy Listeners

  • Select All interfaces

  • Yes

hashtag
Set up Proxy Settings in the Mobile Device

  • Open Wifi Settings

  • Advanced Options

  • Enable Manual Proxy

  • Set the IP address as in the computer (In this case Kali VM)

  • Set the Proxy port

hashtag
Install Burp Certificate in the Mobile Device

  • Open browser

  • Visit: http://burp

  • Click on the CA Certificate button

  • Search "Cert" in the Settings

  • Click on the Install Certificate option

  • Install the certificate

hashtag
Get the Package name for the apk

hashtag
Bypass SSL Pinning using Objection

PreviousMobile Application Pentesting Part 3NextDynamic Analysis

Last updated