Sniffing non-browser HTTPS – Digitalmunition

Home Forums Sniffing non-browser HTTPS

This topic contains 1 reply, has 2 voices, and was last updated by  MrEquinox98 1 month, 1 week ago.

  • Author
  • #370004



    I am trying to sniff and decrypt HTTPS requests that come from a binary I am running.

    What the best way to do so?

    I know a possible way is a man in the middle, but it would also require changing to root certificates in my computer because the binary does validate the certificate. Do you know some utility to do this whole process more easily?


  • #370005


    I’m not sure it will work or not, but you can use Charles Proxy to sniff HTTPS connections.

  • #370006


    I believe [Frida]( is able to inject code to bypass certificate pinning. I have only used Frida for android, although it worked great in that instance.

    You can use Fiddler, Burpsuite, Charles, etc. for generating the certificate and decrypting the HTTPS traffic.

    Good luck!

  • #370007


    You can dump the network traffic with tcpdump or wireshark or similar and decrypt it to re-run it later, if you have access to the keys from the server.

You must be logged in to reply to this topic.