Description: I'm a software engineer and entrepreneur. I enjoy solving high-impact problems with technology.
security (9581) tech (4436) nodejs (800) mongodb (272) ampcloud (1)
The ability to debug web applications is baked into every major browser – just click Inspect Element and you’ll see lots of information. It’s not quite as easy to do this with native apps, especially if you don’t have their source code. I’d like to show you how to understand the behavior of an application by inspecting its network requests (with or without SSL). I’ll also discuss some security implications relevant to developers who are building their own API (private or public).
Note : I am not a lawyer and this is not legal advice , however using these techniques may violate a product’s TOS and may be illegal in some cases. Consult a lawyer if you have any doubts.
To get going, we need to install a web debugging proxy on a computer (we’ll use Charles Proxy), configure our native device to use that proxy, and install a root CA certificate on our device.