
How would one go about doing that for Android apps? I guess Android apps don't respect that flag?


Can use frida-sslkeylog to extract the keys on Android, and put it into Wireshark: https://github.com/saleemrashid/frida-sslkeylog

This requires a rooted phone. Or you can patch the app with objection, so you don’t need the root: https://github.com/sensepost/objection/wiki/Patching-Android...

Can download the APK from places like https://apkpure.com/


Yeah I've had good success with patching apps. If the app complains the phone is an emulator, just patch the byte code that is checking for emulators too :)


Unfortunately I could not patch any apps yet. They open with a blank screen and crash after a few seconds. objection can't connect to the server. My phone doesn't seem to be easily rootable, so I'm kinda stuck for a while.


apkpure.com has a track record of serving malicious APKs.

If you run it in a sandbox environment it's probably okay-ish, but if you already have the app installed from a trusted source on your phone, you can grab the APK file with `adb pull`.


Did not know that. Thanks


As long as there's no certificate pinning implemented in the apps (which can be defeated with some effort) I would go with a different approach and use mitmproxy. See: https://www.trickster.dev/post/setting-up-mitmproxy-with-and...


You can add a self-signed trusted root CA, and set a system proxy in Android and apps will (usually) use that, although the Google and other big-tech apps will certificate pin and/or use HSTS, so they won't trust your cert. Also newer versions of Android make it a huge PITA.



