When when trying to reverse engineer, mobile apps, APIs install postman or some other proxy’s certificate on to the device and monitor all traffic. This works for any request made on the browser as well as most apps. However, they are some like Instagram or Reddit that do not load at all. Do they have internal validation for those certificates or am I doing something wrong and can it be bypassed?
[link] [comments]
from hacking: security in practice https://ift.tt/8X0hBsd
Comments
Post a Comment