3.1 Install application & use it

adb install path/to/app_name.apk
------------------------------------------------------------
!!!!! INTERCEPT ALL TRAFFIC FROM THE VERY BEGINNING !!!!!
------------------------------------------------------------
  • Log in -> Browse around -> load content & so on ...

  • Look for:

    • File up/download

      • Try to bypass the file upload filter (often there is only client-side validation)

    • Activity behavior & functionality

    • ANYTHING that indicates communication with a backend/API or data that might be stored locally

  • Check your proxy and look for suspicious behavior, requests, new/different endpoints & so on ...
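
One way to work through the proxy history from the checklist above, as an added example that is not part of the original notes. It assumes the history was exported as a HAR file and that you keep a set of endpoints you have already reviewed; the hosts, paths and the function name review_har are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample: a minimal HAR export (not real traffic).
SAMPLE_HAR = json.dumps({"log": {"entries": [
    {"request": {"method": "POST", "url": "https://api.example.test/v1/login",
                 "headers": [{"name": "Content-Type", "value": "application/json"}]}},
    {"request": {"method": "GET", "url": "https://api.example.test/v1/items?page=2",
                 "headers": []}},
    {"request": {"method": "POST", "url": "https://api.example.test/v1/avatar",
                 "headers": [{"name": "Content-Type",
                              "value": "multipart/form-data; boundary=x"}]}},
    {"request": {"method": "GET", "url": "http://cdn.example.test/banner.png",
                 "headers": []}},
    {"request": {"method": "GET", "url": "https://api.example.test/v2/debug/config",
                 "headers": []}},
]}})

def review_har(har_text, known_endpoints):
    """Return (finding, method, endpoint) tuples that deserve a manual look."""
    findings = []
    seen = set()
    for entry in json.loads(har_text)["log"]["entries"]:
        req = entry["request"]
        url = urlsplit(req["url"])
        endpoint = f"{url.scheme}://{url.netloc}{url.path}"  # query string dropped
        key = (req["method"], endpoint)
        if key in seen:  # report each method/endpoint pair once
            continue
        seen.add(key)
        ctype = next((h["value"] for h in req.get("headers", [])
                      if h["name"].lower() == "content-type"), "")
        if url.scheme == "http":
            findings.append(("cleartext", *key))      # unencrypted request
        if ctype.lower().startswith("multipart/form-data"):
            findings.append(("file-upload", *key))    # check server-side validation
        if endpoint not in known_endpoints:
            findings.append(("new-endpoint", *key))   # not in the reviewed baseline
    return findings

if __name__ == "__main__":
    baseline = {"https://api.example.test/v1/login",
                "https://api.example.test/v1/items",
                "https://api.example.test/v1/avatar"}
    for finding in review_har(SAMPLE_HAR, baseline):
        print(*finding)
```
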
