Skip to content

zorojean/JustTrustMe

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
app
app
 
 
bin
bin
 
 
gradle/wrapper
gradle/wrapper
 
 
.gitignore
.gitignore
 
 
Readme.md
Readme.md
 
 
build.gradle
build.gradle
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

JustTrustMe

An xposed module that disables SSL certificate checking. This is useful for auditing an appplication which does certificate pinning. You can read about the practice of cert pinning here. There also exists a nice framework built by @moxie to aid in pinning certs in your app: certificate pinning.

An example of an application that does cert pinning is Twitter. If you would like to view the network traffic for this application, you must disable the certificate pinning.

I built this for xposed rather than cydia substrate because xposed seems to support newer devices better. Marc Blanchou wrote the original tool for cydia substrate. If you find that you are not able to MITM an application please file an issue.

Installation

As a prequsite, your device must be rooted and the xposed framework must be installed. You can download the xposed framework here.

Install from binary

adb install ./bin/JustTrustMe.apk

or navigate here and download the APK on your phone:

https://github.com/Fuzion24/JustTrustMe/blob/master/bin/JustTrustMe.apk?raw=true

Build from Source

All the normal gradle build commands apply: To build a release APK:

./gradlew assembleRelease

To install directly to the phone connected via ADB:

./gradlew installRelease

About

An xposed module that disables SSL certificate checking for the purposes of auditing and app with cert pinning

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors