Ctrlk

🌐Testing Network Communication

Mobile App Network Communication

If there are no tools listed after the heading, the links are just used to gather knowledge and information about the topic.

Secure Connections

Server Trust Evaluation

Extending Trust

Restricting Trust: Identity Pinning

General Guidelines

OWASP Certificate Pinning Cheat Sheet

About Pinning Recommendations in Android Developers

About Pinning Recommendations in Apple Developers

OWASP MASTG Recommendation

Intercepting HTTP(S) Traffic

Xamarin and Flutter apps usually bypass the system proxy, so these apps are not analysable from Burp or Zap.

Alternatives are:

Run the app on a VM and analyse the VM's HTTP(S) traffic
On iOS, with a Mac, create a Remote Virtual Interface
Configure a VPN on the device being tested (example)
On Android, use ProxyOn
Take a look at section: Setting a Proxy Through Runtime Instrumentation

Intercepting Non-HTTP Traffic

Burp-non-HTTP-Extension - Burp extension
Mitm-relay - Burp extension

Intercepting Traffic from the App Process

Hook methods responsible for traffic with Frida

Intercepting Traffic on the Network Layer

Wireshark - Sniff traffic
bettercap - MITM

Simulating a Man-in-the-Middle Attack with bettercap

Simulating a Man-in-the-Middle Attack with an access point

Network Analyzer Tool

Wireshark (in CLI TShark)
tcpdump

Setting a Proxy Trough Runtime Instrumentation

iOS

Android

Inspeckage - Dynamic APK analyser
Frida

Dealing with Xamarin

Verifying Data Encryption on the Network

Verifying the TLS Settings

Recommended TLS Settings

Cipher Suite Terminology

nscurl - Apple command to verify TLS setting
testssl.sh - Command line tool to check TLS support

Making Sure that Critical Operation Use Secure Communication Channels

Static Analisys

Dynamic Analisys

PreviousTesting Authentication and Session Management NextTesting Cryptography

Last updated 2 years ago