SSL Pinning Bypass for Android Apps on Windows with Frida

after a long time hi again everyone!

recently, one of my friend has needed to test an Android application as detailed (checking its API requests). and asked me this need’s solution. then I did a test for SSL pinning bypass for an Android application on Windows with Frida. now I will explain all steps here for you.

just a short summary for SSL Pinning:

If the mobile application does not have SSL pinning, the attackers can read the HTTP packets going back and forth between the application and the server over the network with a proxy easly. For this stiation, the SSL pinning method is used, as a precaution. and as with everything, there are some solutions to bypass. we use Frida for SSL pinning bypass in this article. now let’s start!

requirements first:

  • Fiddler (Classic or Everywhere),
  • Python,
  • Frida,
  • Genymotion / Emulator or any other,
  • ADB  – Android Debug Bridge (if you prefer Genymotion, it already has adb tool.)


Continue reading