Saltar a la navegación Saltar al contenido principal Ir al pie de página

Android SSL Bypass is an Android debugging tool that can be used for bypassing SSL verification on network connections, even when certificate pinning is implemented – as well as other debugging tasks. It runs as an interactive console.

The tool is based on a scriptable JDWP debugger using the JDI APIs (http://docs.oracle.com/javase/1.5.0/docs/guide/jpda/jdi/). The architecture of the tool is plugin-based in order to be able to load debugging code at runtime. Plugins can currently be written in Java or Jython. These debugger plugins can create breakpoint events and register themselves as handlers for those breakpoints.

The tool was presented at Black Hat USA 2012, and is available on

Github:

https://github.com/iSECPartners/android-ssl-bypass