copy apk to phone and install it directly: adb push app_name.apk /sdcard/
download apk on phone and install it
------------------------------------------------------------
!!!!!INTERCEPT THE WHOLE TRAFFIC FROM THE BEGINNING ON!!!!!!
------------------------------------------------------------
Log in -> Browse around -> load content & so on ...
Look for:
File up/download
try to bypass fileupload/-filter (often there is only a client-side validation)
Activity behavior & functionality
ANYTHING which indicates a communication to a backend/api or might be stored locally
Check your proxy and look for suspicious behavior, requests, new/different endpoints & so on ...
