Intercepting Android App Traffic with BurpSuite

00:00 - Introduction, talking about RouterSpace and why we can't just do what we did in that video 01:25 - Installing Genymotion, Virtual Box, and ADB; while talking about why I don't use Android Studio/AVD. Simply because genymotion just works. 02:05 - Make sure you upgrade your memory, processors, and enable Virtualization in your VM Settings! 02:30 - Running Genymotion and starting a Pixel 3 XL 03:37 - Converting BurpSuites Certificate to PEM Format with openssl x509 -inform der -in [name of cert] -out burp.pem 04:20 - Renaming the certificate to 9a5ba575.0, and showing how we got that name 06:00 - Starting the device and showing the certificate authorities 07:00 - Copying the certificate to /system/etc/security/cacerts/, and showing how to remount to rw 08:10 - Showing how to set the proxy through both the GUI and via ADB 09:50 - Installing GAPPS 10:30 - Showing how to unset the proxy from ADB 11:00 - Creating an alias to set and unset the proxy via adb 12:00 - Opening the google play store and logging in and install Wayzn to see if we can intercept traffic 15:20 - Showing we intercepted traffic from Wayzn, then installing Instagram 16:50 - Attempting to login to instagram and getting an error message 17:20 - Setting up Frida both on our computer and android device 19:20 - Showing Frida is working, getting ps output from the android device 19:55 - Downloading the instragram ssl pinning bypass script 21:20 - Using frida to start instagram and loading the script to bypass the SSL Checking 22:15 - Setting the proxy and showing us intercept instagram traffic