Wireshark is nice, but for HTTPS MitM you'll need a tool like mitmproxy/Burp to do the proxying and either modifications to the system image or a Frida daemon running as root to make most apps trust the MitM'd certificates.
To get the traffic routed right, the Wireguard option for mitmproxy is pretty useful in my experience. Not sure how well Waydroid + Android VPNs work together, though.
There's also certificate pinning which is done by basically every modern android app so you often need to modify apk to remove that. Httptoolkit has a good blog on the process: https://httptoolkit.com/blog/frida-certificate-pinning/
jeroenhd|1 year ago
To get the traffic routed right, the Wireguard option for mitmproxy is pretty useful in my experience. Not sure how well Waydroid + Android VPNs work together, though.
wraptile|1 year ago
feanaro|1 year ago
EDIT: Oh, look at this https://mitmproxy.org/posts/wireguard-mode/. TIL.
unknown|1 year ago
[deleted]