Android Application Security Part 26 – Intercept Traffic on Android Versions After 4.2.2

In this post I will demonstrate how to intercept traffic on Android versions after 4.2.2. Most Android security professionals use Cydia Substrate and Android-SSL-TrustKiller for intercepting traffic, but Cydia Substrate is not supported after Android 4.2.2. That can be a problem for anyone who wants to pentest an app that only works on KitKat (Android 4.4.4) or Lollipop (Android 5.0.0).

So I will be using the Xposed Framework and JustTrustMe, which is an Xposed Framework module.

  • First, download the Xposed Installer APK from here and install it on your device.

  • Now download the JustTrustMe APK from here and install it on your device.

  • Then open the Xposed Installer app on your device and open Modules in it. Tick the checkbox next to JustTrustMe to activate the module.

  • Now go to the Framework section and choose Soft Reboot to reboot the device and activate the module.

Now, if you try to intercept using Burp Proxy, you will be able to see the traffic of every app.